Am I infected?

[HelloJedi]

Hello, I haven't done a cleaning and checking of my computer in a while and it lately it seems to be heating up much more even if its watching a simple video or playing a simple flash game. Here are my logs:

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2016
Ran by Vedang (administrator) on VEDANG-MYTH (14-06-2016 19:28:06)
Running from C:\Users\Vedang\Downloads
Loaded Profiles: Vedang (Available Profiles: Vedang)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
() C:\Windows\System32\PnkBstrA.exe
(CLEVO CO.) C:\Program Files (x86)\Hotkey\HotkeyService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CLEVO CO.) C:\Program Files (x86)\Hotkey\HkeyTray.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(CLEVO CO.) C:\Program Files (x86)\Hotkey\hotkeyrtk.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(CLEVO CO.) C:\Program Files (x86)\Hotkey\hkysound.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13664984 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-08-04] (Intel Corporation)
HKLM\...\Run: [MBCfg64] => C:\windows\system32\RunDLL32.exe C:\windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Sound Blaster X-Fi MB 3] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB3\Sound Blaster X-Fi MB3\SBXFIMB3.exe [2112000 2013-06-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\windows\UpdReg.EXE
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-08-08] (cyberlink)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [839648 2016-03-10] (DivX, LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-2530249291-437664421-3989359840-1001\...\Run: [Power2GoExpress] => 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk [2014-09-29]
ShortcutTarget: Hotkey.lnk -> C:\Program Files (x86)\Hotkey\HkeyTray.exe (CLEVO CO.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-09-29]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{7411487A-FF21-481E-AB53-BF27FF30E042}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{35d8b8ff-a4c0-446f-8691-11b6dc21caa5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c1c8ad6e-6fc5-488b-a809-b386c0aa2e6a}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Internet Explorer:
==================
HKU\S-1-5-21-2530249291-437664421-3989359840-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mythlogic.com
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-22] (Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-2530249291-437664421-3989359840-1001 -> is enabled.

FireFox:
========
FF ProfilePath: C:\Users\Vedang\AppData\Roaming\Mozilla\Firefox\Profiles\qzaq91rb.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-22] (Oracle Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-25] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2016-03-04] (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-22] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2530249291-437664421-3989359840-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2530249291-437664421-3989359840-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Vedang\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.)
FF Extension: Greasemonkey - C:\Users\Vedang\AppData\Roaming\Mozilla\Firefox\Profiles\qzaq91rb.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-05-02]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Vedang\AppData\Roaming\Mozilla\Firefox\Profiles\qzaq91rb.default\extensions\adblockpopups@jessehakanen.net.xpi [2016-05-02]
FF Extension: Adblock Plus - C:\Users\Vedang\AppData\Roaming\Mozilla\Firefox\Profiles\qzaq91rb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]

Chrome: 
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Backup default
CHR Extension: (Adblock Plus) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-10] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (One Number) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\cfkohgkpafhkpdcnfadadcibfboapggi [2015-05-11] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (ICE Quick Stream) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\dpioikmjnfipgphjldakcaocbbpnfabl [2015-02-16] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Wallet) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Backup default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-03] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Profile: C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Backup Default 2
CHR Extension: (YouTube) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Backup Default 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-14]
CHR Extension: (Google Search) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Backup Default 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-28]
CHR Extension: (Bookmark Manager) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Backup Default 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Backup Default 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-11]
CHR Extension: (Google Wallet) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Backup Default 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-11]
CHR Extension: (Gmail) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Backup Default 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Profile: C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-11]
CHR Extension: (Google Docs) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-11]
CHR Extension: (Google Drive) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-05]
CHR Extension: (Google Search) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (ICE Quick Stream) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dpioikmjnfipgphjldakcaocbbpnfabl [2015-05-19]
CHR Extension: (Google Sheets) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-11]
CHR Extension: (Google Docs Offline) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\Vedang\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-08-09] (CyberLink)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-09-29] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-09-29] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [406016 2011-09-14] (Creative Technology Ltd) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-11-25] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-01] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-08-04] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-01] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-01] (NVIDIA Corporation)
R2 PnkBstrA; C:\windows\system32\PnkBstrA.exe [76152 2015-01-12] ()
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2015-01-12] ()
R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\HotkeyService.exe [23552 2014-05-27] (CLEVO CO.) [File not signed]
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2013-12-09] (Qualcomm Atheros) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-09-18] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AirplaneModeHid; C:\Windows\system32\DRIVERS\AirplaneModeHid.sys [33488 2015-06-25] (Insyde Corporation)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.)
R0 FPWinIo; C:\Windows\System32\drivers\FPWinIo.sys [83688 2013-08-08] (Egis Technology Inc.)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-17] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-13] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek                                            )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44216 2015-09-18] (Synaptics Incorporated)
S3 Spyder3; C:\Windows\System32\drivers\Spyder3.sys [15360 2007-12-12] ()
R1 SvThANSP; C:\Program Files (x86)\Hotkey\SvThANSP.sys [15224 2013-10-11] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-14 19:28 - 2016-06-14 19:28 - 00023460 _____ C:\Users\Vedang\Downloads\FRST.txt
2016-06-14 19:27 - 2016-06-14 19:28 - 00000000 ____D C:\FRST
2016-06-14 19:25 - 2016-06-14 19:26 - 02385920 _____ (Farbar) C:\Users\Vedang\Downloads\FRST64.exe
2016-06-14 18:49 - 2016-06-14 18:49 - 00000000 ____D C:\WINDOWS\LastGood
2016-06-14 18:49 - 2016-04-13 22:38 - 00113216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-06-14 18:49 - 2016-04-13 22:38 - 00102976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-06-13 18:00 - 2016-06-13 18:00 - 00541171 _____ C:\Users\Vedang\Downloads\http _horsepowerkings.com_ford-shelby-gt500-under-development_.htm
2016-06-07 20:06 - 2016-06-07 20:06 - 00665884 _____ C:\Users\Vedang\Downloads\Insurance_Fraud_Detection.pdf
2016-05-26 12:31 - 2016-05-26 12:31 - 00111547 _____ C:\Users\Vedang\Downloads\schedule.pdf
2016-05-24 09:31 - 2016-05-24 09:31 - 00357393 _____ C:\Users\Vedang\Downloads\DA_01050_F9.pdf
2016-05-24 08:01 - 2016-05-24 08:01 - 00219991 _____ C:\Users\Vedang\Downloads\DA_01044_TA.pdf
2016-05-24 07:52 - 2016-05-24 07:52 - 00085958 _____ C:\Users\Vedang\Downloads\OL_OverviewofthePersonalAutoPolicy.pdf
2016-05-24 07:43 - 2016-05-24 07:43 - 00050120 _____ C:\Users\Vedang\Downloads\PP00010105.pdf
2016-05-24 00:06 - 2016-05-24 00:06 - 00044933 _____ C:\Users\Vedang\Downloads\OL_BenefitsofInsurance.pdf
2016-05-23 23:50 - 2016-05-23 23:50 - 00085508 _____ C:\Users\Vedang\Downloads\OL_ExamplesOfForeignLossExposures.pdf
2016-05-23 23:19 - 2016-05-23 23:19 - 00083745 _____ C:\Users\Vedang\Downloads\OL_TypicalExclusionsOfSiteSpecificEILPolicies.pdf
2016-05-23 21:32 - 2016-05-23 21:32 - 00043557 _____ C:\Users\Vedang\Downloads\OL_Example3singlepolicyexamplebalancesheetentriesonly.pdf
2016-05-23 21:28 - 2016-05-23 21:28 - 00058090 _____ C:\Users\Vedang\Downloads\OL_Example1SinglePolicyExample.pdf
2016-05-23 20:30 - 2016-05-23 20:30 - 00083491 _____ C:\Users\Vedang\Downloads\OL_KnowledgeToActionHO3CoverageCase06677.pdf
2016-05-23 20:17 - 2016-05-23 20:17 - 00090560 _____ C:\Users\Vedang\Downloads\Ol_SummaryofEndorsements.pdf
2016-05-23 19:51 - 2016-05-23 19:51 - 00087239 _____ C:\Users\Vedang\Downloads\OL_ISOHomeownersFormsSimilaritiesandDifferences.pdf
2016-05-23 19:38 - 2016-05-23 19:38 - 00100513 _____ C:\Users\Vedang\Downloads\OL_HOPolicyComparisonBySection.pdf
2016-05-23 19:34 - 2016-05-23 19:34 - 00086347 _____ C:\Users\Vedang\Downloads\OL_KnowledgeToActionHO3SectionIILiabilityCoverageCase.pdf
2016-05-23 19:14 - 2016-05-23 19:14 - 00087511 _____ C:\Users\Vedang\Downloads\OL_GeneralFunctionsofHO3SectionIIConditions.pdf
2016-05-23 19:03 - 2016-05-23 19:03 - 00084212 _____ C:\Users\Vedang\Downloads\DA_01021_04.pdf
2016-05-23 18:33 - 2016-05-23 18:33 - 00089311 _____ C:\Users\Vedang\Downloads\OL_PolicyDefinitionsAndHowTheyApplyToSectionII.pdf
2016-05-23 18:22 - 2016-05-23 18:22 - 00088546 _____ C:\Users\Vedang\Downloads\OL_SpecialLimitsOfLiability.pdf
2016-05-23 18:01 - 2016-05-23 18:01 - 00080438 _____ C:\Users\Vedang\Downloads\OL_LossSettlementExamples.pdf
2016-05-23 17:43 - 2016-05-23 17:43 - 00091144 _____ C:\Users\Vedang\Downloads\OL_AdditionalCoverages.pdf
2016-05-23 17:26 - 2016-05-23 17:26 - 00093745 _____ C:\Users\Vedang\Downloads\OL_KeyChangesInTheISO2011ProgramRevision.pdf
2016-05-23 17:16 - 2016-05-23 17:16 - 00084035 _____ C:\Users\Vedang\Downloads\OL_HowTheISOHomeownersProgramPolicyFormsAddressPersonalRiskManagementNeeds.pdf
2016-05-22 15:11 - 2016-05-22 15:11 - 00102384 _____ C:\Users\Vedang\Downloads\OL_CoveredCausesOfLossInTheBasicFormAndBroadForm.pdf
2016-05-18 18:17 - 2016-05-18 18:17 - 00211078 _____ C:\Users\Vedang\Downloads\46-4416.pdf
2016-05-17 21:11 - 2016-05-29 23:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-14 19:16 - 2014-10-01 14:11 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6D72703A-89CF-4F73-A922-6690DDCBDE9B}
2016-06-14 19:07 - 2015-05-11 04:53 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-14 18:50 - 2015-01-12 18:11 - 00000000 ____D C:\Users\Vedang\AppData\Local\NVIDIA
2016-06-14 18:50 - 2014-09-29 12:19 - 00000000 ____D C:\Users\Vedang\AppData\Local\NVIDIA Corporation
2016-06-14 18:49 - 2015-10-30 00:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-14 18:37 - 2015-10-30 00:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-14 18:32 - 2015-10-10 14:55 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-14 18:07 - 2015-05-11 04:53 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-14 17:52 - 2015-10-30 00:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-14 17:52 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-12 17:47 - 2015-01-24 08:25 - 00000000 ____D C:\Users\Vedang\AppData\Roaming\vlc
2016-06-07 19:08 - 2015-05-11 04:53 - 00002278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-07 19:08 - 2015-05-11 04:53 - 00002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-02 19:54 - 2015-11-22 16:48 - 00881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-29 23:58 - 2015-11-22 16:38 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-29 23:58 - 2014-09-29 11:59 - 00000000 __SHD C:\Users\Vedang\IntelGraphicsProfiles
2016-05-29 23:57 - 2015-11-22 16:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-29 23:57 - 2015-11-22 16:40 - 00147656 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
2016-05-29 23:57 - 2015-02-21 14:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-29 22:36 - 2015-10-29 23:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-05-26 04:02 - 2015-03-02 21:08 - 00000151 _____ C:\Users\Vedang\Documents\The Institutes.txt
2016-05-23 18:44 - 2015-11-22 16:49 - 00002415 _____ C:\Users\Vedang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-23 18:44 - 2015-11-22 16:49 - 00000000 ___RD C:\Users\Vedang\OneDrive
2016-05-21 17:24 - 2015-11-10 19:30 - 00000000 ____D C:\Users\Vedang\Desktop\notes 2

==================== Files in the root of some directories =======

2015-03-08 13:51 - 2015-05-10 21:26 - 0000020 _____ () C:\Users\Vedang\AppData\Roaming\appdataFr3.bin
2014-09-29 12:04 - 2014-09-29 12:04 - 0000000 _____ () C:\Users\Vedang\AppData\Local\BluetoothPresent.flag
2014-09-29 12:04 - 2014-09-29 12:04 - 0000000 _____ () C:\Users\Vedang\AppData\Local\Driver_Jupiter_01Present.flag
2015-11-10 17:34 - 2015-11-10 17:34 - 0045153 _____ () C:\Users\Vedang\AppData\Local\Tempdivx3a52
2015-06-24 18:11 - 2015-06-24 18:11 - 0043682 _____ () C:\Users\Vedang\AppData\Local\Tempdivx5c24
2015-05-19 02:43 - 2015-05-19 02:43 - 0247298 _____ () C:\Users\Vedang\AppData\Local\Tempdivx65cc
2015-05-19 22:26 - 2015-05-19 22:26 - 0043665 _____ () C:\Users\Vedang\AppData\Local\Tempdivx6966
2015-05-14 20:39 - 2015-05-14 20:39 - 0247263 _____ () C:\Users\Vedang\AppData\Local\Tempdivx6a65
2015-09-15 19:22 - 2015-09-15 19:22 - 0266074 _____ () C:\Users\Vedang\AppData\Local\Tempdivx8818
2015-07-07 23:08 - 2015-07-07 23:08 - 0253196 _____ () C:\Users\Vedang\AppData\Local\Tempdivx8b3b
2015-06-24 18:11 - 2015-06-24 18:11 - 1328472 _____ (DivX, LLC) C:\Users\Vedang\AppData\Local\Tempdivxacdc.exe
2015-11-04 08:20 - 2015-11-04 08:20 - 0260500 _____ () C:\Users\Vedang\AppData\Local\Tempdivxceff
2015-07-12 08:30 - 2015-07-12 08:30 - 0043494 _____ () C:\Users\Vedang\AppData\Local\Tempdivxd8e5
2015-10-30 17:25 - 2015-10-30 17:25 - 0047475 _____ () C:\Users\Vedang\AppData\Local\Tempdivxd949
2015-02-21 15:03 - 2016-04-05 23:27 - 0000629 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Some files in TEMP:
====================
C:\Users\Vedang\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Vedang\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Vedang\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Vedang\AppData\Local\Temp\RSPUpgradeInstaller.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-05-18 20:17

==================== End of FRST.txt ============================

 

 

and Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2016
Ran by Vedang (2016-06-14 19:28:27)
Running from C:\Users\Vedang\Downloads
Windows 10 Home Version 1511 (X64) (2015-11-22 23:47:00)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2530249291-437664421-3989359840-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2530249291-437664421-3989359840-503 - Limited - Disabled)
Guest (S-1-5-21-2530249291-437664421-3989359840-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2530249291-437664421-3989359840-1003 - Limited - Enabled)
Vedang (S-1-5-21-2530249291-437664421-3989359840-1001 - Administrator - Enabled) => C:\Users\Vedang

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark (HKLM-x32\...\{7330098c-3669-4f39-9e82-4221d489db39}) (Version: 1.4.828.0 - Futuremark)
3DMark (Version: 1.4.828.0 - Futuremark) Hidden
ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.2 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)
Airplane Mode Hid Installer (HKLM-x32\...\InstallShield_{5E5B067F-52A4-447E-A3F1-D6DD10565E73}) (Version: 2.0.0.5 - )
Airplane Mode Hid Installer (x32 Version: 2.0.0.5 - ) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.4218 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.2914c - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5425.52 - CyberLink Corp.)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.8.0.18 - DivX, LLC)
DVDFab Media Player 2 (HKLM-x32\...\DVDFab Media Player 2_is1) (Version: 2.5.0.2 - Fengtao Software Inc.)
EgisTec Fingerprint Driver (HKLM-x32\...\InstallShield_{74AB6665-AFFE-4419-BC7D-7EB3A68DE5BC}) (Version: 3.2.7.0 - Egis Technology Inc.)
Fingerprint Driver (x32 Version: 3.2.7.0 - Egis Technology Inc.) Hidden
Futuremark SystemInfo (HKLM-x32\...\{03856D3F-DDDC-4C9A-9202-36529D21D94C}) (Version: 4.32.483.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Hotkey 2.34.48 (HKLM-x32\...\{2F385B5D-5F23-4513-B3CE-9F5E4F4B882A}) (Version: 2.34.48 - )
Insyde Airplane Mode HID Mini-Driver (HKLM\...\AirplaneModeHid) (Version: 1.4.0.2 - Insyde Corporation)
Intel Extreme Tuning Utility (HKLM-x32\...\{a6e81627-a651-408c-8fb6-19a078070830}) (Version: 5.1.0.23 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 5.1.0.23 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.4.1000 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)
IZArc 4.1.9 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.9 - Ivan Zahariev)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.2 - Notepad++ Team)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.311.0 - Tracker Software Products Ltd)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.38.1281 - Qualcomm Atheros) Hidden
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.1.312 - Qualcomm Atheros Communications) Hidden
Qualcomm Atheros Killer Wireless-N Drivers (Version: 1.1.38.1281 - Qualcomm Atheros) Hidden
Qualcomm Atheros Network Manager (Version: 1.1.38.1281 - Qualcomm Atheros) Hidden
Qualcomm Atheros Performance Suite (HKLM-x32\...\{70352071-9C2B-4EF0-88E6-9F16FEBAEB36}) (Version: 1.1.38.1281 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7156 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Sound Blaster X-Fi MB3 (HKLM-x32\...\{3689CE39-3173-4952-B7AF-F1A9D6F9A288}) (Version: 1.00.04 - Creative Technology Limited)
StatMaker (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{78b2995}) (Version:  - Software Publisher) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.24.1 - Synaptics Incorporated)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)
Unity Web Player (HKU\S-1-5-21-2530249291-437664421-3989359840-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.)
Windows Driver Package - Insyde (AirplaneModeHid) HIDClass  (07/01/2013 1.3.0.0) (HKLM\...\E38E8D276444640BFCE21B5A73FD63C479B76259) (Version: 07/01/2013 1.3.0.0 - Insyde)
Windows Driver Package - Synaptics (SmbDrv) System  (12/20/2013 18.0.5.0) (HKLM\...\DA080BB0CE3DAD8E62D50FD987729CEA6269CC02) (Version: 12/20/2013 18.0.5.0 - Synaptics)
Windows Driver Package - Synaptics (SynTP) Mouse  (12/20/2013 18.0.5.0) (HKLM\...\E9740F400D100CC09BF3C9C7C39C99108CAE5A47) (Version: 12/20/2013 18.0.5.0 - Synaptics)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2530249291-437664421-3989359840-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vedang\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {068EBF87-8017-4DFE-9082-BB1E13F48ECB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-10] (Microsoft Corporation)
Task: {0B37670F-B2B3-4CEA-92BD-89D9EC74EA7A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {0ED2AC58-A813-403F-8EB9-58870FDB4DA5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {181ECAED-5DC2-4201-A057-73226FBBDC4D} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2016-03-01] (DivX, LLC)
Task: {211AE974-CA43-4674-A375-ECC5F236D040} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2A214081-9B23-4110-89AF-7847040CACD4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {44BE9146-762E-4C7B-99B3-30A1DEAB9E17} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12] (Adobe Systems Incorporated)
Task: {4CADF07B-9FCA-4FE6-A9DE-B7B233CB6F90} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-11] (Google Inc.)
Task: {5096AA5E-C0B3-4029-A1A9-6B69B92ED4CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-11] (Google Inc.)
Task: {7EDAE6D3-5819-4C86-9FA1-F8BB8C2315B1} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {88961517-4805-40EE-84AC-A9A79C923636} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {90F203D8-C9FE-44B7-8204-88DD5DEBE608} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9A21947C-DC84-4CCD-A0CB-9C8DBD283E74} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B7C95EA6-AB84-4499-947D-3DFBB48DA240} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {B8BBF911-D00D-49A8-B443-E593F4DEDC02} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C7F2C0D1-A9CD-4105-A7D6-01EF6CF1B3B2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {CD9E506A-F5BC-4F7D-842B-FE23924A056E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {D50019EA-9AE3-4411-9F2B-92B677F48B11} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E9DD04EB-9583-402E-ABD4-3AB6FAB9265C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Vedang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Vedang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 00:18 - 2015-10-30 00:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-22 16:38 - 2016-03-21 19:37 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-30 14:54 - 2015-01-12 20:38 - 00076152 _____ () C:\windows\system32\PnkBstrA.exe
2016-04-12 18:14 - 2016-03-29 03:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 18:14 - 2016-03-29 03:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-23 18:44 - 2016-05-23 18:44 - 00959168 _____ () C:\Users\Vedang\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-04-19 12:47 - 2016-04-19 12:47 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-07-18 00:35 - 2015-12-19 01:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-12-17 18:08 - 2015-12-06 21:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-10 19:19 - 2016-04-22 21:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-10 19:19 - 2016-04-22 21:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-10 19:19 - 2016-04-22 20:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-10 19:19 - 2016-04-22 20:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-10 19:20 - 2016-04-22 21:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-09-29 10:14 - 2013-01-25 08:08 - 00089600 _____ () C:\windows\SYSTEM32\CmdRtr64.DLL
2014-09-29 10:14 - 2013-01-25 08:06 - 00328704 _____ () C:\windows\SYSTEM32\APOMgr64.DLL
2013-12-09 12:07 - 2013-12-09 12:07 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2016-01-20 18:07 - 2016-01-20 18:07 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-12-14 17:49 - 2015-12-14 17:49 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-06-14 18:49 - 2016-05-01 22:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-04-17 12:59 - 2016-05-01 22:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-06-14 18:49 - 2016-05-01 22:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-06-14 18:49 - 2016-05-01 22:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-06-14 18:49 - 2016-05-01 22:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-06-14 18:49 - 2016-05-01 22:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-06-14 18:49 - 2016-05-01 22:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-04-17 12:59 - 2016-05-01 22:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-06-14 18:49 - 2016-05-01 22:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-06-14 18:49 - 2016-05-01 22:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-19 12:47 - 2016-04-19 12:47 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 12:47 - 2016-04-19 12:47 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-23 18:44 - 2016-05-23 18:44 - 00679624 _____ () C:\Users\Vedang\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2011-03-09 11:21 - 2011-03-09 11:21 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2011-03-09 11:21 - 2011-03-09 11:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-09-03 08:03 - 2014-09-03 08:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-05-09 10:29 - 2016-05-01 23:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-07 19:08 - 2016-06-03 18:56 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-07 19:08 - 2016-06-03 18:56 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll
2016-06-07 19:08 - 2016-06-03 18:56 - 17565848 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2530249291-437664421-3989359840-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vedang\Pictures\new_york_city_aerial_view-wallpaper-1920x1080.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKU\S-1-5-21-2530249291-437664421-3989359840-1001\...\StartupApproved\StartupFolder: => "gtgBR72G.mkv.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5659E3D2-CA85-441B-A960-7349611B10CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6415DAB-A2C6-4FE4-AC23-70D8E43AE63A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{159A68FC-1F99-4383-AC13-FACD22E99ADB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6D106E9A-2F9E-4FF7-99EB-585794601886}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D908A8E7-1AF9-4867-955B-FBFE9DD2EF6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [UDP Query User{2E72AE6E-2668-4881-AEA9-DFDF7D832B83}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{73F04D33-9C0E-4FEA-AD38-39E982A3641E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{68D4BFD4-C02B-4A06-B15A-4352E15D4A32}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{A8CDC26A-AAEC-4EA1-95A5-7527ED8F6A22}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B64AF227-64E6-4161-92A2-CFAD19B92514}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9BD6696A-201B-4D2C-B326-C95380106E17}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{C0B422E0-9B13-4AFA-B79E-22533609AA7C}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{B703D59D-04F6-4EC6-A691-5018D767005E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{FBFA2CA1-0402-48ED-B3E5-0A4B441E4BF9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{21D8C075-5E01-4DED-8545-F83A87CD264F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{991A5242-DD95-4B71-BD5E-531A31ACC8A1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{7D06D8C0-E083-4658-B619-4E3CFBFAA0B7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9A352ECB-E2CD-4B82-AC1A-CFC706575274}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0B472FCC-86A3-492C-9CBE-2C88331CDE3F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FBD82ADB-BD88-4B7A-87CB-34CB417F9B1C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{17CC09F6-FECB-4076-948D-F2EBD2185A5E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{B474403F-F99F-4D8E-B046-77D0A6E93B75}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{0FCDFE3C-BA07-491D-9A08-12A03C7022FC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{B71AED4C-EF50-462A-AB34-C112A47E49C8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9B31B57D-D360-4EBD-9B47-343F85C6C0F8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CFAFC46D-0102-44D6-BF94-17408CA2006B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{EDF2500A-2769-4BF1-9BB4-D0040FC0E453}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{054A1C41-C7F1-4E59-B1B5-77799353AD39}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{1F9089CF-5002-49F2-B271-55E483343930}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{D3F850F7-DF8B-4702-A42C-CBFF1AE68BAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{13EF03E0-E9DB-4477-A686-0AAA672EB5E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{18905F2F-8F32-499F-B92B-FE6BCB9737D7}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{7F9F4D33-C49E-492E-B121-55991325ABFE}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{71072265-5C8C-4271-A6B9-8FD642B6C9D6}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{5D4A1234-E17C-410C-ABAF-41520C6CFAE2}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{97D0AE5E-113E-446B-AD22-A7442C7B26C6}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{AB814216-204F-49C5-B8AE-1BA8D4D1BD4A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{4045576E-FE0C-4502-9867-3618DB3A9CE7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

22-05-2016 19:14:41 Scheduled Checkpoint
31-05-2016 21:37:27 Scheduled Checkpoint
11-06-2016 18:15:16 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/11/2016 06:15:17 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/31/2016 09:37:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/22/2016 07:14:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/19/2016 07:44:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (05/18/2016 01:07:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LockApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1c48

Start Time: 01d1b13f30cd594e

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

Report Id: 1add6882-1d34-11e6-82e8-80fa5b034ed7

Faulting package full name: Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy

Faulting package-relative application ID: WindowsDefaultLockScreen

Error: (05/14/2016 12:59:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/12/2016 12:18:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_StateRepository, version: 10.0.10586.0, time stamp: 0x5632d7ba
Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a849ab
Exception code: 0xc0000005
Fault offset: 0x0000000000056e29
Faulting process id: 0x9ec
Faulting application start time: 0xsvchost.exe_StateRepository0
Faulting application path: svchost.exe_StateRepository1
Faulting module path: svchost.exe_StateRepository2
Report Id: svchost.exe_StateRepository3
Faulting package full name: svchost.exe_StateRepository4
Faulting package-relative application ID: svchost.exe_StateRepository5

Error: (05/10/2016 10:53:58 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (05/10/2016 10:50:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/10/2016 10:50:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

System errors:
=============
Error: (06/14/2016 06:44:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/14/2016 05:26:57 PM) (Source: DCOM) (EventID: 10016) (User: Vedang-MYTH)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Vedang-MYTHVedangS-1-5-21-2530249291-437664421-3989359840-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (06/14/2016 05:26:57 PM) (Source: DCOM) (EventID: 10016) (User: Vedang-MYTH)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Vedang-MYTHVedangS-1-5-21-2530249291-437664421-3989359840-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (06/14/2016 02:12:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/13/2016 02:07:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/13/2016 12:07:39 AM) (Source: DCOM) (EventID: 10016) (User: Vedang-MYTH)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Vedang-MYTHVedangS-1-5-21-2530249291-437664421-3989359840-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (06/13/2016 12:07:39 AM) (Source: DCOM) (EventID: 10016) (User: Vedang-MYTH)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Vedang-MYTHVedangS-1-5-21-2530249291-437664421-3989359840-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (06/12/2016 08:50:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/12/2016 06:16:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/12/2016 06:01:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

CodeIntegrity:
===================================
  Date: 2016-05-30 21:42:29.077
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-17 20:15:47.488
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-15 12:36:04.658
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-13 00:04:47.408
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-12 00:34:17.011
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-12 00:23:05.475
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-11 22:19:18.843
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-11 17:42:47.722
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-10 17:32:59.747
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-20 18:02:26.868
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
Percentage of memory in use: 30%
Total physical RAM: 16300.14 MB
Available physical RAM: 11401.25 MB
Total Virtual: 16500.14 MB
Available Virtual: 10996.93 MB

==================== Drives ================================

Drive c: (OSDisk) (Fixed) (Total:228.07 GB) (Free:165.78 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 7E9946AB)

Partition: GPT.

==================== End of Addition.txt ============================

 

 

[TwinHeadedEagle]

Hello and

 

Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

• Right-click on icon and select Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Make sure that Addition.txt option is checked. option is checked.

  

• Press Scan button and wait.
  

• The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
  

Please attach report into your next reply.

[HelloJedi]

Thanks! I have them attached.

FRST.txt

Addition.txt

[TwinHeadedEagle]

Please uninstall StatMaker

 

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.

Running it on another one may cause damage and render the system unstable.

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

• Right-click on icon and select Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Press the Fix button just once and wait.
• If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
• When finishes FRST will generate a log on the Desktop, called Fixlog.txt.
  

Please attach it to your reply.

 

Fix with ESET Services Repair

Please download [URL=https://www.sendspace.com/file/0grp2v]Services Repair[/URL] by ESET and save it to your desktop.

• Right-click on icon and select Run as Administrator to start the tool.
• If security notifications appear, click Continue or Run.
• Accept the prompt about restoring services.
• Once the tool has finished, you will be prompted to restart your computer. Click Yes to restart.
• A log will be saved in the CCSupport folder the tool created on your desktop.
  

Please include that logfile in your next reply.

 

 

fixlist.txt

[HelloJedi]

I'm running into an issue uninstalling that software from the control panel's Programs and Features screen. I get the error dialogue:

 

Do I need to uninstall that program before I do those fixes?

[TwinHeadedEagle]

No, you can proceed with other steps.

[HelloJedi]

Okay. It is now attached.

 

 

Fixlog.txt

SvcRepair.log

[TwinHeadedEagle]

How is your PC behaving now?

[HelloJedi]

It seems to run okay did you see anything that seemed out of the ordinary in the logs? I still have that Statmaker program on my programs list. I'm not sure how that is affecting my system, but according to a few articles it looks like I should remove it. Should we try other malware removal tools?

I'll be out for the next few hours, but can be back later today.

[TwinHeadedEagle]

Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.

• Right-click on icon and select Run as Administrator to start the tool.
• Accept the Terms of use.
• Wait until the database is updated.
• Click Scan.
• When finished, please click Cleaning.
• Your PC should reboot now.
• After reboot, logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

[HelloJedi]

It looks like it worked! Log file is attached. I checked my programs list and statmaker is no longer there.

Unless you see anything strange in the log file, I think that should be it. Thanks!

AdwCleaner[S1].txt

AdwCleaner[C1].txt

[TwinHeadedEagle]

Since there are no more problems, we can declare this PC clean

Now, we can proceed with post-cleanup procedures. Let's remove my tools and create a new, non infected restore point concurrently deleting old ones.

Step 1. - Creation of system restore point and tools removal.

Download DelFix by Xplode and save it to your desktop.

• Run the tool by right click on the icon and Run as administrator option.
• Make sure that these ones are checked:
  
  • Remove disinfection tools
  • Purge system restore
  • Reset system settings
    
  
  
• Push Run and wait until the tool completes his work.
• All tools we used should be gone. Tool will create an report for you (C:\DelFix.txt). I don't need it for review.
  

Tool deletes old system restore points and creates a fresh system restore point after cleaning.

Step 2. - Tips and tricks to keep your computer clean, safe and in a good shape.

Security tips - highly recommended reading:

• Simple and easy ways to keep your computer safe and secure on the Internet
  

Maintenance tips:

• Optimize Windows for better performance
  

Additional software that I personally use and install on all my clients devices:

• Malwarebytes' Anti-Malware(paid version highly recommended) - to scan your system from time to time in search for malware.
• Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
• McShield - to prevent infections spread by removable media.
• Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.
• CryptoPrevent - tool for protection against Cryptolocker and similar ransomware infections.
• Adblock - to surf the web without annoying ads!
• Qualys BrowserCheck - cloud service that scans your browsers and plugins to see if they’re all up-to-date.
  

My help is free for everybody.

If you're happy with the help provided and/or wish to show your appreciaton, please consider a donation:
Thank you!

Stay safe,
TwinHeadedEagle

[HelloJedi]

Thanks!

[AdvancedSetup]

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!