Jump to content

Recommended Posts

Hey all, I'm Moto pleased to meet you.
So a couple of days ago I noticed that there was a 'Name Not Available' in my volume mixer, A while back I got a similar thing on my old computer which I was able to fix by following online instructions. However this time I've tried everything and I can't seem to get it to go away. I'm a little concerned. 
So please MWB Team you're my only hope.

I did a farbar recovery scan tool scan and here is my FRST result

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2016 02
Ran by Moto (administrator) on SARAH (27-06-2016 04:42:16)
Running from G:\Desktop
Loaded Profiles: Moto (Available Profiles: Moto & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Scarlet.Crush Productions) C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\Gigabyte\AmbientLED\LEDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\Smart TimeLock\TimeMgmtDaemon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Scarlet.Crush Productions) C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\Smart TimeLock\AlarmClock.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5020\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Moto\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Elgato Sound Capture] => C:\Program Files\Elgato\SoundCapture\SoundCapture.exe [1259008 2016-04-05] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM-x32\...\RunOnce: [EasyTune] => C:\Program Files (x86)\Gigabyte\EasyTune\etro.exe [5632 2014-08-18] (GIGA-BYTE TECHNOLOGY CO., LTD.)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Run: [Spotify Web Helper] => C:\Users\Moto\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-16] (Spotify Ltd)
HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Run: [Discord] => C:\Users\Moto\AppData\Local\Discord\app-0.0.290\Discord.exe [57924280 2016-05-05] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [882872 2016-05-27] (Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2016-01-02]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\Gigabyte\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-01-24]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2016-01-08]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions)
Startup: C:\Users\Moto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop.scf [2013-05-06] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{06fe9622-fd21-4162-a578-1daad5f44bb1}: [DhcpNameServer] 194.168.4.100 194.168.8.100

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1643741209-629586362-3516323415-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-01-02] (AO Kaspersky Lab)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-24] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-01-02] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-24] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-01-02] (AO Kaspersky Lab)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-01-02] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-24] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-01-24] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-20]
FF HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BetterTTV) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-06-04]
CHR Extension: (Kaspersky Protection) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-01-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-02-19]
CHR Extension: (Infinite HD App) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\laealigljflmglcgncipdbmbjgjdpiim [2016-06-22]
CHR Extension: (TubeBuddy) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2016-06-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2016-01-02] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2015-12-31] (Scarlet.Crush Productions) [File not signed]
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] () [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2015-07-01] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LEDCtrl; C:\Program Files (x86)\GIGABYTE\AmbientLED\LEDCtrl.exe [34624 2014-09-24] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [102400 2013-02-22] (Gigabyte Technology CO., LTD.) [File not signed]
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2016-01-11] (Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [43488 2015-11-06] (UB658)
R3 ElgatoVAD; C:\Windows\system32\DRIVERS\ElgatoVAD.sys [28800 2016-03-30] (Elgato Systems GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2016-01-02] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [238000 2016-05-25] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [933808 2016-05-25] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [49240 2016-05-25] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2016-01-02] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-05-25] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47200 2016-04-23] (hxxp://libusb-win32.sourceforge.net)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-07] (Intel Corporation)
R3 MZ0380.X64; C:\Windows\system32\DRIVERS\MZ0380.X64.SYS [3528456 2016-03-29] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-25 12:29 - 2016-06-25 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch Test
2016-06-24 19:11 - 2016-06-24 19:11 - 00000000 ____D C:\Users\Moto\AppData\Local\PeerDistRepub
2016-06-24 19:01 - 2016-06-24 19:01 - 00000000 ____D C:\Users\Moto\AppData\Local\ActiveSync
2016-06-24 18:59 - 2016-06-24 18:59 - 00000000 ____D C:\Users\Moto\.android
2016-06-24 18:21 - 2016-06-24 18:00 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-06-24 18:00 - 2016-06-24 18:19 - 00000000 ____D C:\zoek_backup
2016-06-24 17:58 - 2016-06-27 04:42 - 00000000 ____D C:\FRST
2016-06-24 17:44 - 2016-06-24 17:50 - 00000000 ____D C:\AdwCleaner
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsignf50f45bb3287bb54
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsignb1c5c93b4d5fae5f
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign6af0b4a821d51b28
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign6982e884f92a7019
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign2d6006ca443bf9eb
2016-06-22 13:06 - 2016-06-22 13:06 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsignc36f1afca5bd07cb
2016-06-22 13:06 - 2016-06-22 13:06 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign9354230b3c411d78
2016-06-22 13:06 - 2016-06-22 13:06 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign23c18db989f93014
2016-06-22 01:44 - 2016-06-22 01:44 - 00000000 ____D C:\Users\Moto\AppData\Roaming\dungeoneering
2016-06-21 15:24 - 2016-06-21 15:24 - 00001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe SpeedGrade CC 2015.lnk
2016-06-21 15:22 - 2016-06-21 15:22 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign9ddec1ddef1b277e
2016-06-21 15:20 - 2016-06-21 15:20 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate CC 2015.2.lnk
2016-06-21 15:16 - 2016-06-21 15:16 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2015.2.lnk
2016-06-21 15:13 - 2016-06-21 15:13 - 00001132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.3.lnk
2016-06-21 15:09 - 2016-06-21 15:09 - 00002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.3.lnk
2016-06-21 15:06 - 2016-06-21 15:06 - 00001144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.3.lnk
2016-06-21 15:01 - 2016-06-21 15:01 - 00001252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.3.lnk
2016-06-21 14:58 - 2016-06-21 14:58 - 00001356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview 4).lnk
2016-06-21 14:54 - 2016-06-21 14:54 - 00001066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5.lnk
2016-06-19 15:35 - 2016-06-19 15:35 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-06-14 22:41 - 2016-05-28 07:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-14 22:41 - 2016-05-28 06:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-14 22:41 - 2016-05-28 06:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-14 22:41 - 2016-05-28 06:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-14 22:41 - 2016-05-28 06:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-14 22:41 - 2016-05-28 06:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-14 22:41 - 2016-05-28 06:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-14 22:41 - 2016-05-28 06:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-14 22:41 - 2016-05-28 06:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-14 22:41 - 2016-05-28 06:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-14 22:41 - 2016-05-28 06:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-14 22:41 - 2016-05-28 06:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-14 22:41 - 2016-05-28 06:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-14 22:41 - 2016-05-28 06:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-14 22:41 - 2016-05-28 06:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-14 22:41 - 2016-05-28 06:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-14 22:41 - 2016-05-28 06:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-14 22:41 - 2016-05-28 06:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-14 22:41 - 2016-05-28 06:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-14 22:41 - 2016-05-28 06:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-14 22:41 - 2016-05-28 06:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-14 22:41 - 2016-05-28 06:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-14 22:41 - 2016-05-28 06:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-14 22:41 - 2016-05-28 06:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-14 22:41 - 2016-05-28 06:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-14 22:41 - 2016-05-28 06:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-14 22:41 - 2016-05-28 06:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-14 22:41 - 2016-05-28 06:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-14 22:41 - 2016-05-28 06:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-14 22:41 - 2016-05-28 06:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-14 22:41 - 2016-05-28 06:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-14 22:41 - 2016-05-28 06:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-14 22:41 - 2016-05-28 06:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-14 22:41 - 2016-05-28 05:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-14 22:41 - 2016-05-28 05:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-14 22:41 - 2016-05-28 05:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-14 22:41 - 2016-05-28 05:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-14 22:41 - 2016-05-28 05:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-14 22:41 - 2016-05-28 05:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-14 22:41 - 2016-05-28 05:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-14 22:41 - 2016-05-28 05:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-14 22:41 - 2016-05-28 05:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-14 22:41 - 2016-05-28 05:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-14 22:41 - 2016-05-28 05:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-14 22:41 - 2016-05-28 05:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-14 22:41 - 2016-05-28 05:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-14 22:41 - 2016-05-28 05:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-14 22:41 - 2016-05-28 05:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-14 22:41 - 2016-05-28 05:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-14 22:41 - 2016-05-28 05:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-14 22:41 - 2016-05-28 05:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-14 22:41 - 2016-05-28 05:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-14 22:41 - 2016-05-28 05:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-14 22:41 - 2016-05-28 05:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-14 22:41 - 2016-05-28 05:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-14 22:41 - 2016-05-28 05:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-14 22:41 - 2016-05-28 05:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-14 22:41 - 2016-05-28 05:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-14 22:41 - 2016-05-28 05:25 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2016-06-14 22:41 - 2016-05-28 05:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-14 22:41 - 2016-05-28 05:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-14 22:41 - 2016-05-28 05:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-14 22:41 - 2016-05-28 05:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-14 22:41 - 2016-05-28 05:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-14 22:41 - 2016-05-28 05:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-14 22:41 - 2016-05-28 05:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-14 22:41 - 2016-05-28 05:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-14 22:41 - 2016-05-28 05:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-14 22:41 - 2016-05-28 05:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-14 22:41 - 2016-05-28 05:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-14 22:41 - 2016-05-28 05:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-14 22:41 - 2016-05-28 05:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-14 22:41 - 2016-05-28 05:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-14 22:41 - 2016-05-28 05:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-14 22:41 - 2016-05-28 05:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-14 22:41 - 2016-05-28 05:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-14 22:41 - 2016-05-28 05:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-14 22:41 - 2016-05-28 05:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-14 22:41 - 2016-05-28 05:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-14 22:41 - 2016-05-28 05:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-14 22:41 - 2016-05-28 05:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-14 22:41 - 2016-05-28 05:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-14 22:41 - 2016-05-28 05:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-14 22:41 - 2016-05-28 05:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-14 22:41 - 2016-05-28 05:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-14 22:41 - 2016-05-28 05:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-14 22:41 - 2016-05-28 05:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-14 22:41 - 2016-05-28 05:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-14 22:41 - 2016-05-28 05:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-14 22:41 - 2016-05-28 05:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-14 22:41 - 2016-05-28 05:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-14 22:41 - 2016-05-28 05:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-14 22:41 - 2016-05-28 05:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-14 22:41 - 2016-05-28 05:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-14 22:41 - 2016-05-28 05:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-14 22:41 - 2016-05-28 04:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-14 22:41 - 2016-05-28 04:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-14 22:41 - 2016-05-28 04:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-14 22:41 - 2016-05-28 04:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-14 22:41 - 2016-05-28 04:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-14 22:41 - 2016-05-28 04:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-14 22:41 - 2016-05-28 04:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-14 22:41 - 2016-05-28 04:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-14 22:41 - 2016-05-28 04:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-09 18:20 - 2016-06-09 18:20 - 00000000 ____D C:\Users\Moto\AppData\Local\mslug3
2016-06-09 09:19 - 2016-06-09 09:19 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-09 09:19 - 2016-06-03 08:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00786176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00631288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00601752 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00549240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00452616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00385592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00316632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00177952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00155768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00153232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00131584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-06-09 09:19 - 2016-06-03 04:28 - 00111552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-06-09 09:19 - 2016-05-04 03:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-06-09 09:19 - 2016-05-04 03:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-06-09 09:19 - 2016-05-04 03:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-06-09 09:19 - 2016-05-04 03:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\Program Files\iTunes
2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\Program Files\iPod
2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\Program Files (x86)\iTunes

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-27 04:34 - 2016-01-02 12:03 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-27 03:43 - 2016-03-20 22:42 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-27 03:24 - 2016-05-04 15:46 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-06-27 03:24 - 2016-01-02 04:43 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-06-27 03:15 - 2016-04-20 18:48 - 01218544 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-27 03:15 - 2016-04-20 14:32 - 00171290 _____ C:\WINDOWS\system32\prfh0404.dat
2016-06-27 03:15 - 2016-04-20 14:32 - 00057268 _____ C:\WINDOWS\system32\prfc0404.dat
2016-06-27 03:15 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-27 03:14 - 2016-04-28 16:56 - 00004144 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9A706311-F243-4979-80A9-A75224DCACAD}
2016-06-27 03:14 - 2016-01-02 04:37 - 00000000 ____D C:\Users\Moto\AppData\Local\Adobe
2016-06-27 03:10 - 2016-05-04 15:47 - 00000000 ____D C:\Users\Moto\AppData\Local\Battle.net
2016-06-27 03:10 - 2016-01-02 18:14 - 00000000 ____D C:\Users\Moto\AppData\Roaming\Skype
2016-06-27 03:10 - 2016-01-02 04:44 - 00000000 ___RD C:\Users\Moto\Creative Cloud Files
2016-06-27 03:10 - 2016-01-02 04:44 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-06-27 03:09 - 2016-04-20 18:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-27 03:09 - 2016-02-13 18:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-27 03:09 - 2016-01-02 12:03 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-27 03:09 - 2016-01-02 04:52 - 00026192 ____N (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2016-06-26 17:02 - 2016-04-20 18:49 - 00000000 ____D C:\Users\Moto
2016-06-26 17:02 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-26 14:57 - 2016-05-05 12:10 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-06-26 12:55 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-25 14:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-24 18:59 - 2016-01-08 05:44 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-24 18:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-06-24 18:16 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-06-24 17:50 - 2016-01-24 05:37 - 00000000 ____D C:\Users\Moto\AppData\Roaming\Yahoo!
2016-06-24 17:22 - 2016-01-02 05:32 - 00000000 ____D C:\Users\Moto\AppData\Local\CrashDumps
2016-06-24 16:38 - 2016-01-03 14:11 - 00000000 ____D C:\Users\Moto\AppData\Local\ElevatedDiagnostics
2016-06-24 16:38 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-24 16:37 - 2016-01-13 12:29 - 00000000 ____D C:\ProgramData\Oracle
2016-06-24 16:32 - 2016-01-13 12:30 - 00097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-06-24 16:32 - 2016-01-13 12:30 - 00000000 ____D C:\Users\Moto\.oracle_jre_usage
2016-06-24 16:32 - 2016-01-13 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-24 16:32 - 2016-01-13 12:29 - 00000000 ____D C:\Program Files (x86)\Java
2016-06-22 13:06 - 2016-01-24 04:58 - 00000033 _____ C:\Users\Moto\AppData\Roaming\AdobeWLCMCache.dat
2016-06-21 15:27 - 2016-01-02 05:08 - 00000000 ____D C:\Program Files\Adobe
2016-06-21 15:24 - 2016-01-02 05:08 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-21 15:24 - 2016-01-02 04:44 - 00000000 ____D C:\Users\Moto\AppData\Roaming\Adobe
2016-06-21 14:57 - 2016-01-02 04:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-06-19 21:18 - 2016-01-02 21:09 - 00000000 ____D C:\Users\Moto\AppData\Roaming\vlc
2016-06-19 15:40 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-16 21:35 - 2016-01-02 12:03 - 00002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-16 21:14 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-16 21:06 - 2016-02-13 18:33 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 21:02 - 2016-02-13 10:23 - 04916168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-15 21:45 - 2016-01-02 04:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 21:42 - 2016-01-02 04:45 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-15 21:40 - 2016-01-02 04:41 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-14 21:01 - 2016-03-23 20:10 - 01767944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-06-14 21:01 - 2016-03-23 20:10 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-06-14 21:01 - 2016-03-23 20:10 - 01377800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-06-14 21:01 - 2016-03-23 20:10 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-06-14 21:01 - 2016-03-23 20:10 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-06-14 19:33 - 2015-10-30 08:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:33 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-09 09:20 - 2016-03-23 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-09 09:19 - 2016-04-20 18:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-06 11:45 - 2016-01-03 21:27 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-06-06 10:17 - 2016-01-02 18:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-06 10:17 - 2016-01-02 18:14 - 00000000 ____D C:\ProgramData\Skype
2016-06-04 01:51 - 2015-08-29 00:31 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-03 08:22 - 2016-05-23 23:17 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-03 08:22 - 2016-05-23 23:17 - 00379808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 20375488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 14462536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 03811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 03371624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-03 08:22 - 2015-08-07 08:10 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-03 04:59 - 2016-04-20 18:47 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-03 04:59 - 2016-04-20 18:47 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-03 04:59 - 2016-04-20 18:47 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-03 04:59 - 2016-04-20 18:47 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-03 04:59 - 2016-04-20 18:47 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-03 04:59 - 2016-04-20 18:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-03 04:59 - 2016-04-20 18:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-06-03 04:59 - 2016-03-30 10:06 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-06-03 04:59 - 2016-03-30 10:06 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-06-02 22:48 - 2016-02-19 13:28 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-06-02 22:48 - 2016-02-19 13:28 - 00002119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-06-01 06:25 - 2016-01-03 18:37 - 00000000 ____D C:\Users\Moto\AppData\Roaming\OBS
2016-05-29 21:35 - 2016-01-02 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-05-28 06:55 - 2016-02-13 18:28 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Files in the root of some directories =======

2016-01-24 04:58 - 2016-06-22 13:06 - 0000033 _____ () C:\Users\Moto\AppData\Roaming\AdobeWLCMCache.dat
2016-02-15 06:51 - 2016-05-09 21:23 - 0001456 _____ () C:\Users\Moto\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-01-02 19:07 - 2016-01-02 19:07 - 0003584 _____ () C:\Users\Moto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-02 20:46 - 2016-04-14 00:41 - 0007643 _____ () C:\Users\Moto\AppData\Local\Resmon.ResmonCfg
2016-04-20 18:47 - 2016-04-20 18:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-01-24 05:35 - 2016-01-24 05:39 - 0000823 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-18 13:48

==================== End of FRST.txt ============================

 

and this is the 'Addition' file which was made 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
Ran by Moto (2016-06-24 17:58:58)
Running from G:\Desktop
Windows 10 Pro Version 1511 (X64) (2016-04-20 18:03:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1643741209-629586362-3516323415-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1643741209-629586362-3516323415-503 - Limited - Disabled)
Guest (S-1-5-21-1643741209-629586362-3516323415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1643741209-629586362-3516323415-1002 - Limited - Enabled)
Moto (S-1-5-21-1643741209-629586362-3516323415-1000 - Administrator - Enabled) => C:\Users\Moto

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS B15.0630.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
@BIOS B15.0630.1 (x32 Version: 3.00.0000 - GIGABYTE) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe After Effects CC 2015.3 (HKLM-x32\...\AEFT_13_8_0) (Version: 13.8.0 - Adobe Systems Incorporated)
Adobe Animate CC 2015.2 (HKLM-x32\...\FLPR_15_2) (Version: 15.2 - Adobe Systems Incorporated)
Adobe Audition CC 2015.2 (HKLM-x32\...\AUDT_9_2_0) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015.3 (HKLM-x32\...\ILST_20_0_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015.3 (HKLM-x32\...\PPRO_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Adobe SpeedGrade CC 2015 (HKLM-x32\...\{8FD7F1DB-7355-469E-A3F2-2118148D8477}) (Version: 9.1.0 - Adobe Systems Incorporated)
AmbientLED B15.0520.1 (HKLM-x32\...\InstallShield_{31D031E2-A5CC-47F2-BAAD-13B4494E8077}) (Version: 1.00.0000 - GIGABYTE)
AmbientLED B15.0520.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.16.0503 - Gigabyte)
APP Center (x32 Version: 1.16.0503 - Gigabyte) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assault Android Cactus (HKLM-x32\...\Steam App 250110) (Version:  - Witch Beam)
Batman™: Arkham Knight (HKLM\...\Steam App 208650) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.14.0819.1 -  GIGABYTE)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version:  - Playsaurus)
Cloud Station Server (HKLM-x32\...\InstallShield_{41B20CB6-32EE-468B-982C-4864E2135BD0}) (Version: 1.00.1511.3001 - GIGABYTE)
Cloud Station Server (x32 Version: 1.00.1511.3001 - GIGABYTE) Hidden
CloudStation (HKLM-x32\...\InstallShield_{6D8DA122-A40A-421B-9D95-FE4C806BCDBE}) (Version: 1.00.0018 - GIGABYTE)
CloudStation (x32 Version: 1.00.0018 - GIGABYTE) Hidden
Colortone (HKLM-x32\...\Steam App 375320) (Version:  - Kirill Belman)
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Corsair Hydro Series 7289 USB Device (Driver Removal) (HKLM-x32\...\HYDROS7289&1B1C&0C02) (Version:  - Corsair Components, Inc.)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 3.2.5742 - Corsair)
Corsair Link(TM) USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version:  - Red Hook Studios)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Dex (HKLM-x32\...\Steam App 269650) (Version:  - Dreadlocks Ltd.)
Discord (HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Discord) (Version: 0.0.290 - Hammer & Chisel, Inc.)
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Don't Starve Together Beta (HKLM\...\Steam App 322330) (Version:  - Klei Entertainment)
Dreaming Sarah (HKLM-x32\...\Steam App 296870) (Version:  - Andre Chagas Silva)
Duck Game (HKLM\...\Steam App 312530) (Version:  - Landon Podbielski)
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.15.0626 - GIGABYTE)
EasyTune (x32 Version: 1.15.0626 - GIGABYTE) Hidden
Elgato Game Capture HD (HKLM\...\{BD8B183B-2634-4040-B25F-3964751D462F}) (Version: 3.20.2.1502 - Elgato Systems GmbH)
Enter the Gungeon (HKLM\...\Steam App 311690) (Version:  - Dodge Roll)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
EZSetup B15.0811.1 (HKLM-x32\...\InstallShield_{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE)
EZSetup B15.0811.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.15.0626 - GIGABYTE)
Fast Boot (x32 Version: 1.15.0626 - GIGABYTE) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems)
Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems)
Game Capture HD60 S v1.1.0.160 (HKLM-x32\...\Software_Elgato_Game Capture HD60 S) (Version: 1.1.0.160 - Elgato Systems)
Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems)
GameCtrl B15.0803.1 (HKLM-x32\...\InstallShield_{6BBE6CF2-84B2-4ECA-9ECA-C56925C1CCE2}) (Version: 1.00.0000 - GIGABYTE)
GameCtrl B15.0803.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Gang Beasts (HKLM\...\Steam App 285900) (Version:  - Boneloaf)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.22.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.22.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Guild of Dungeoneering (HKLM\...\Steam App 317820) (Version:  - Gambrinous)
Hand Of Fate (HKLM-x32\...\Steam App 266510) (Version:  - Defiant Development)
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
High-Logic FontCreator 9.1 (HKLM-x32\...\FontCreator8_is1) (Version:  - High-Logic B.V.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.4.18.7 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HunieCam Studio (HKLM\...\Steam App 426000) (Version:  - HuniePot)
Intel(R) Chipset Device Software (x32 Version: 10.1.2.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version:  - Avalanche Studios)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version:  - Klei Entertainment)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
METAL SLUG 3 (HKLM\...\Steam App 250180) (Version:  - DotEmu)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version:  - NetherRealm Studios)
Murder (HKLM-x32\...\Steam App 404080) (Version:  - Peter Moorhead)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 4 (HKLM-x32\...\Steam App 349040) (Version:  - CyberConnect2 Co. Ltd.)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B15.0709.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Phantom Breaker: Battle Grounds (HKLM\...\Steam App 329490) (Version:  - MAGES.)
Poltergeist: A Pixelated Horror (HKLM-x32\...\Steam App 323700) (Version:  - Glitchy Pixel)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Read Only Memories (HKLM-x32\...\Steam App 330820) (Version:  - MidBoss, LLC.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Renowned Explorers: International Society (HKLM-x32\...\Steam App 296970) (Version:  - Abbey Games)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - Hopoo Games, LLC)
Road Redemption (HKLM-x32\...\Steam App 300380) (Version:  - Epic Quest  Games)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
ScpToolkit (HKLM\...\{4DB6F58D-A87D-4087-8FD7-B87FC4C72054}) (Version: 1.6.229.15365 - Nefarius Software Solutions)
Secret Ponchos (HKLM-x32\...\Steam App 265750) (Version:  - Switchblade Monkeys Entertainment)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Shovel Knight (HKLM\...\Steam App 250760) (Version:  - Yacht Club Games)
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.15.0701 - GIGABYTE)
SIV (x32 Version: 1.15.0701 - GIGABYTE) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Smart Recovery 2 B15.1002.1  (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0003 - GIGABYTE)
Smart TimeLock B15.0626.1 (HKLM-x32\...\InstallShield_{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE)
Smart TimeLock B15.0626.1 (x32 Version: 1.00.0001 - GIGABYTE) Hidden
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
SpeedRunners (HKLM\...\Steam App 207140) (Version:  - DoubleDutch Games)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Spotify (HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Spotify) (Version: 1.0.27.75.gdc223232 - Spotify AB)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Street Fighter V (HKLM-x32\...\Steam App 310950) (Version:  - Capcom)
Synthesia (HKLM-x32\...\Synthesia) (Version: 10.2 - Synthesia LLC)
The Bug Butcher (HKLM-x32\...\Steam App 350740) (Version:  - Awfully Nice Studios)
The Marvellous Miss Take (HKLM\...\Steam App 327310) (Version:  - Wonderstruck)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Type light 3.2.038 (HKLM-x32\...\{3CC31D3E-369B-4029-A83E-251BB58A144C}_is1) (Version: 038 - CR8 Software Solutions)
Ultratron (HKLM-x32\...\Steam App 219190) (Version:  - Puppygames)
Undertale (HKLM-x32\...\Steam App 391540) (Version:  - tobyfox)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VTuner (HKLM-x32\...\InstallShield_{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.15.0626 - GIGABYTE)
VTuner (x32 Version: 1.15.0626 - GIGABYTE) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XCOM 2 (HKLM-x32\...\Steam App 268500) (Version:  - Firaxis)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1643741209-629586362-3516323415-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Moto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1643741209-629586362-3516323415-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D5F9018-105D-4680-B5EC-3943F27551E3} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {0F9844FB-DBD7-4F4D-A4D7-73ACCF9738CD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {14D97E43-1636-4410-B922-FFE857DA5533} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION
Task: {168AB430-FB91-41A8-9FF5-CCAB93B90931} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {1991CADF-F402-4227-8400-867103C48792} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1AD56683-137C-4B97-9EE9-3B93F2027FAD} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
Task: {21FE65DD-2895-496E-B435-99DEA5628EC2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2C8E393F-9D61-41E8-B106-B61DF4DB75FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-02] (Google Inc.)
Task: {3148EBA2-0CA4-46C0-A60F-35D31C8898B4} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {35D8E9A0-AE1E-4B53-A16B-7FFDEDC86C10} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {3B4868C8-25E2-4BE1-8B95-2D1D34B76695} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {3C1704F1-AB09-45E4-A76D-24EAB02274AF} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
Task: {3D3162CE-D502-4A77-826B-5BFD93BD2230} - System32\Tasks\AdobeAAMUpdater-1.0-Sarah-Moto => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {40208021-119E-4BCC-A6D4-757F0D7E0958} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {42713F69-5302-4ADD-9EE2-DCF4BEF6E573} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {4432CDF6-8F4B-41A7-809B-6161EF2D73CD} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {462B99D0-C67C-4CD2-B483-AE2F2399AC31} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {51046135-D10B-426A-90A9-628E7FC05FE7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {51875138-BEF2-45A6-A995-158C021984CD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5EF7C3A0-FA21-4D31-B5DB-98FEEEA935E2} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {66CBAFFE-E361-4472-B2E5-A3EF9B03EB9F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {67A85CAB-BD85-447C-91B4-54121A2137DA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6CF89165-B7FA-45C6-8326-71FFE9EDE7E9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {702C63BC-E036-4114-8C13-1D7E0BF14E90} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {78E1B67D-BFA3-4A77-B1B3-5E4CFB977922} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2015-09-21] ()
Task: {7A9EBE94-98B0-45AF-8860-D2A77B72707E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {7BB01A67-1A51-469B-9027-F834B8416418} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {8A580AED-1C90-4E46-9E00-F75E227EEEEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {8B25EAEC-0EB2-4F01-8804-616820D092ED} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {8DB3194E-BE4B-475C-A0AA-40834A57273F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {9320D06B-7FE9-418F-8EBF-38C9B98FAFD7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A8D884F5-A534-4985-B2FF-F3A10CDC7CA4} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B05BF8EC-6ACE-468C-ADAB-412655204634} - System32\Tasks\{D96E2F50-8C0E-437E-BC0E-620C93C159D6} => pcalua.exe -a G:\Downloads\atBIOS\setup.exe -d G:\Downloads\atBIOS
Task: {B10AF64B-8931-4423-8622-E1217F5F1363} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {BCB0290C-9261-4465-9814-71A692E8BCFA} - System32\Tasks\{69189473-A455-4422-B8CC-34262F7CCD69} => pcalua.exe -a G:\Desktop\HijackThis.exe -d G:\Desktop
Task: {C2980F00-9F7F-4FC9-985C-7B31224CB1A1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {C4CF494C-7B54-4734-A183-0D4CCCCA10B9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {C4FF7F19-DEDB-4FF6-8859-4DB0EB6201E7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {C63E91BA-F82A-4B5F-A4B1-85F406A30E0A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {C68B4BFE-6FCF-4CBD-82FA-91B0C01F4985} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\Windows\System32\GWX\GWX.exe
Task: {CF62AB66-4030-4A7A-A0FC-B23511777967} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D68B8E12-293E-4C5E-9E47-9F748E040592} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {D83B1817-7728-46D2-9CDC-6EFD92167346} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {DD1B9A29-49AB-4CED-A498-3B533F0EEE06} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {E01E3344-96D1-45C9-BDFA-57F035F15BE1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E0F52BBF-83A4-485E-89A2-0922D15F77B0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E3870F23-BD82-48D4-9517-5321FD87D8A3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {E5C66B98-FE6A-4965-9FC6-EE9E4654B3FE} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {F1F44088-57AF-4F82-B4A6-F5B792BD2454} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F208B383-9F25-489E-A77E-C2442F1EA3A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {F8270596-B4D8-48FE-9CCC-88CAE3C6E72E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-02] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Moto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Infinite HD App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=laealigljflmglcgncipdbmbjgjdpiim

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-20 18:47 - 2016-06-03 04:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-14 15:27 - 2015-04-14 15:27 - 00016896 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
2016-05-12 20:34 - 2016-05-12 20:34 - 00307712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ReactiveSockets\8646218657a9e1a03dfd1082f11cb43d\ReactiveSockets.ni.dll
2014-05-02 12:52 - 2014-05-02 12:52 - 00599040 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll
2014-05-02 07:55 - 2014-05-02 07:55 - 00185344 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpflac.dll
2014-05-02 07:05 - 2014-05-02 07:05 - 00173056 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpmp3.dll
2014-09-24 20:57 - 2014-09-24 20:57 - 00034624 _____ () C:\Program Files (x86)\GIGABYTE\AmbientLED\LEDCtrl.exe
2016-04-20 19:37 - 2016-04-20 19:37 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-20 19:37 - 2016-04-20 19:37 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-05-12 15:16 - 2016-05-12 15:16 - 00959168 _____ () C:\Users\Moto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-04-20 18:49 - 2016-04-20 18:49 - 00008704 _____ () C:\WINDOWS\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2016-02-13 18:02 - 2016-02-13 18:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 13:38 - 2016-04-23 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 13:38 - 2016-04-23 05:25 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-07-30 09:52 - 2015-07-30 09:52 - 01244456 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
2016-06-14 22:41 - 2016-05-28 04:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-14 22:41 - 2016-05-28 04:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-14 22:41 - 2016-05-28 04:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-14 22:41 - 2016-05-28 04:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-02 15:26 - 2016-01-11 18:30 - 01349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2016-04-20 11:31 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2012-09-13 01:38 - 2012-09-13 01:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2016-05-22 19:32 - 2016-05-22 19:32 - 31680176 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-02-16 11:47 - 2015-02-16 11:47 - 00105472 _____ () C:\Program Files (x86)\GIGABYTE\AmbientLED\ycc.dll
2014-01-22 13:53 - 2014-01-22 13:53 - 01607680 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll
2015-02-16 10:47 - 2015-02-16 10:47 - 00105472 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.dll
2016-03-23 20:10 - 2016-06-14 21:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-12 15:16 - 2016-05-12 15:16 - 00679624 _____ () C:\Users\Moto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-06-16 21:34 - 2016-06-15 10:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-16 21:34 - 2016-06-15 10:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-04-20 11:31 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2016-04-20 11:31 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2016-04-20 11:31 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-11-06 11:46 - 2015-11-06 11:46 - 02385280 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2015-09-07 16:01 - 2015-09-07 16:01 - 00237440 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-11-13 11:52 - 2015-11-13 11:52 - 00824192 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2016-06-03 03:36 - 2016-06-03 03:36 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 01:39 - 2012-09-13 01:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2016-06-08 00:10 - 2016-06-08 00:10 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00205824 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-06-08 00:41 - 2016-06-08 00:41 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-06-08 00:10 - 2016-06-08 00:10 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-05-20 17:30 - 2016-05-20 17:30 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-05-20 17:30 - 2016-05-20 17:30 - 00121344 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2016-05-20 17:31 - 2016-05-20 17:31 - 00126464 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-05-20 17:31 - 2016-05-20 17:31 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-06-03 03:20 - 2016-06-03 03:20 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-05-20 17:30 - 2016-05-20 17:30 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2016-05-20 17:29 - 2016-05-20 17:29 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [134]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\1001movie.com -> 1001movie.com

There are 6091 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-01-04 04:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1643741209-629586362-3516323415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Moto\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Moto\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Moto\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: Steam => "G:\Steam\steam.exe" -silent
HKLM\...\StartupApproved\Run: => "Elgato Sound Capture"
HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{34F16DFA-05A0-4411-9CB6-50B0B76E5282}] => (Allow) G:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{370E29C0-E93F-4F15-8F51-2DFABFEA3268}] => (Allow) G:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{F7B58E62-1C3E-4A2B-9E5A-1D5A6730A3E3}] => (Allow) G:\Steam\steamapps\common\HunieCam Studio\HunieCamStudio.exe
FirewallRules: [{44069F59-4680-4E14-B369-FBA91FC604F2}] => (Allow) G:\Steam\steamapps\common\HunieCam Studio\HunieCamStudio.exe
FirewallRules: [{C2965D9F-F5FE-4F18-9E3A-FF4F36C32B52}] => (Allow) G:\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{C1B1AB2D-A565-46B6-B850-A5E3AE974299}] => (Allow) G:\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{D495D03D-B88C-49DD-9326-0BF0115C7490}] => (Allow) G:\Steam\steamapps\common\SecretPonchos\bin\SecretPonchosD3D11.exe
FirewallRules: [{2B94CA5C-3F2F-442F-9C70-41D9A30D9526}] => (Allow) G:\Steam\steamapps\common\SecretPonchos\bin\SecretPonchosD3D11.exe
FirewallRules: [{C6A3CE8E-0F35-4598-A791-EB70599F1C6B}] => (Allow) G:\Steam\steamapps\common\The Marvellous Miss Take\misstake.exe
FirewallRules: [{634FFD85-BC1C-4812-A3AB-CE3D14E3AEF5}] => (Allow) G:\Steam\steamapps\common\The Marvellous Miss Take\misstake.exe
FirewallRules: [{78EC40A7-EBA2-498C-BA7C-FB0846AE5B27}] => (Allow) G:\Steam\steamapps\common\Phantom Breaker Battle Grounds\bin\pbbg_win32.exe
FirewallRules: [{F5746522-DCEC-4EF3-BCD1-68E0BE0521D3}] => (Allow) G:\Steam\steamapps\common\Phantom Breaker Battle Grounds\bin\pbbg_win32.exe
FirewallRules: [{897B4201-5466-41B3-BC6B-17CC0A3A856B}] => (Allow) G:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{C278C86D-B5EE-48D6-9494-17A1B1236460}] => (Allow) G:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{81307196-7BD0-4D6D-9902-8B80D31C5516}] => (Allow) G:\Steam\steamapps\common\RoadRedemption\RoadRedemptionEarlyAccess.exe
FirewallRules: [{CFE92BF2-2B12-40A3-B798-2F7E5C36D125}] => (Allow) G:\Steam\steamapps\common\RoadRedemption\RoadRedemptionEarlyAccess.exe
FirewallRules: [{C0C31D2F-A5D4-43A6-B978-3A266AA19900}] => (Allow) G:\Steam\steamapps\common\TheBugButcher\TheBugButcher.exe
FirewallRules: [{C1BD2C63-A885-4C1F-89B9-643B9A102732}] => (Allow) G:\Steam\steamapps\common\TheBugButcher\TheBugButcher.exe
FirewallRules: [{569D2C15-433F-418A-8D49-D60562CD4D0A}] => (Allow) G:\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{64F3FF5D-D91B-4691-ADB8-7D55FF9E0A79}] => (Allow) G:\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{6606998C-146E-4231-9624-9EAB07675A2A}] => (Allow) G:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{09D9201E-F700-4163-B96F-4C0CA8EE2DFE}] => (Allow) G:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{C15C657E-C12F-419F-9605-8CC998ECE614}] => (Allow) G:\Steam\steamapps\common\Dreaming Sarah\nw.exe
FirewallRules: [{2D823B94-5415-4BB4-88F3-4552C0C60393}] => (Allow) G:\Steam\steamapps\common\Dreaming Sarah\nw.exe
FirewallRules: [{A83C6427-045F-4E8B-870F-25E78D9A9D92}] => (Allow) G:\Steam\steamapps\common\PoltergeistAPixelatedHorror\Poltergeist.exe
FirewallRules: [{266BDFA5-875F-4D06-AFC2-A08F0FA20E3C}] => (Allow) G:\Steam\steamapps\common\PoltergeistAPixelatedHorror\Poltergeist.exe
FirewallRules: [{9240F07B-66BC-444E-B27B-FBE3CAECE5CA}] => (Allow) G:\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{4EF67D00-D91C-44BF-B6E6-2A4E82344D45}] => (Allow) G:\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{16544387-18A1-4C33-89B8-AF607E3C688B}] => (Allow) G:\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{7E8DA020-8A90-4B1A-A4A3-E9AD413B23FA}] => (Allow) G:\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{33921DE3-1678-47F3-B03D-58ADFAAA8E75}] => (Allow) G:\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe
FirewallRules: [{4262CF90-CDB3-48E4-8262-420F3959870C}] => (Allow) G:\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe
FirewallRules: [{E7A13D16-D383-4C17-BA17-967D807E7910}] => (Allow) G:\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe
FirewallRules: [{55146114-42A9-4CE5-9C2D-1F9131EEB6CE}] => (Allow) G:\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe
FirewallRules: [{55330B54-752C-4609-ADD0-E853567843B1}] => (Allow) G:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{9B86476D-4B8E-4E99-BAAE-EDA3AE124075}] => (Allow) G:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{B8FE4828-C5B8-4A76-9B8F-BF26CB9750E5}] => (Allow) G:\Steam\steamapps\common\Dex\GamepadConfigTool.exe
FirewallRules: [{5DD6404D-026D-42CA-9BD6-090EEAADD966}] => (Allow) G:\Steam\steamapps\common\Dex\GamepadConfigTool.exe
FirewallRules: [{41B54F67-9BC0-4378-BAAB-62D37E28EE56}] => (Allow) G:\Steam\steamapps\common\Dex\Dex.exe
FirewallRules: [{FF1F9AF3-EBAF-4536-9B22-747706491C3C}] => (Allow) G:\Steam\steamapps\common\Dex\Dex.exe
FirewallRules: [{38EE0B79-7C2F-4E11-A694-6F9933F442F1}] => (Allow) G:\Steam\steamapps\common\Hand of Fate\Hand of Fate.exe
FirewallRules: [{F97DAFDF-83AA-4F82-92CA-16C7FF590E5F}] => (Allow) G:\Steam\steamapps\common\Hand of Fate\Hand of Fate.exe
FirewallRules: [{1D29C21C-4377-4608-9FF3-D5BC34CC3C4F}] => (Allow) G:\Steam\steamapps\common\Ultratron\Ultratron.exe
FirewallRules: [{17CD0ECA-6326-4F1B-B6AB-9A4E8A102419}] => (Allow) G:\Steam\steamapps\common\Ultratron\Ultratron.exe
FirewallRules: [{30D9CEDC-1322-4DE4-B4CE-B9D5047E8A54}] => (Allow) G:\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{040D1641-4C56-4A15-93CC-C40D90548981}] => (Allow) G:\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{C8178934-0524-4EC5-BA8B-7E3DAC08D530}] => (Allow) G:\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{5992693D-8903-47C6-BAA2-2756F7A6D6D3}] => (Allow) G:\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{1DC510B0-AEEB-4493-9188-C68DF1F32639}] => (Allow) G:\Steam\steamapps\common\Assault Android Cactus\cactus.exe
FirewallRules: [{A5E43CD3-E354-41E3-9AC0-313D1EC0E1C5}] => (Allow) G:\Steam\steamapps\common\Assault Android Cactus\cactus.exe
FirewallRules: [{333BC897-90AC-482F-8F21-EE9DF23F3DA5}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{127529E8-13F9-4DEA-B0E3-E697D0126341}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{984443CE-2414-4470-9101-6CD0D8751E51}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{0F6F90B8-252C-4DED-9768-04BE7D70B184}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{737020B6-038D-47FD-A552-DEE0C32184F5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{8BF08470-F436-4125-BC5C-9F5BE0BD8BC6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{B23A9CBD-944A-4B8A-908D-F05FD7FE0A43}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{862ED0C8-9A3B-43FA-BF95-D9BDF1C5F46B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{3481929B-73FE-4E93-AB4C-8D64F1514BB5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{EF6E2FFE-04E4-43E3-8238-B837DF95C4F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{D3FEAB5E-4E26-4E4C-BB4B-CF6EB31B41F9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{093BF596-4D5D-498C-BC4E-6B27BB70A194}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{312A6D96-6255-46D1-BA42-B2AE5C26F7DA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{470BE6A0-726A-46DB-B85D-53BFD5782143}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{519D4705-92EC-46D2-9C72-FFDBB9A2BE77}] => (Allow) G:\Steam\steamapps\common\Read Only Memories\ROM.exe
FirewallRules: [{BD8F58A2-001D-48B5-B334-C412CD9251C8}] => (Allow) G:\Steam\steamapps\common\Read Only Memories\ROM.exe
FirewallRules: [{91FF854C-8A60-4441-BEFA-F55411869C89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A56FB58A-4C3D-44A2-A7B8-30B1F51D34DA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{04DC6D2D-5496-4AFC-B81C-F659EAA5D7DF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{25A176A3-16B1-4F36-92F8-6E9052135F8F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2B746569-C12E-434A-B519-C4F88BF1F3C1}] => (Allow) G:\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{47272534-44FF-4A2B-900D-A8E83FA9CAA9}] => (Allow) G:\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{CF14700C-45FB-416A-9165-B3F05A854DF9}] => (Allow) G:\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{44AFC687-00BC-400D-9488-7B3C183E5F86}] => (Allow) G:\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{8466E68E-4FC1-419F-8EEA-B68DF3D3F849}] => (Allow) G:\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{45C56902-A463-4E95-9EE4-F117A0A0E5AC}] => (Allow) G:\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{C1C31FCB-560F-4B70-89DF-BD38FF695D2E}] => (Allow) G:\Steam\steamapps\common\Murder\Murder.exe
FirewallRules: [{174710AB-2116-4E23-950E-626C3A82AD77}] => (Allow) G:\Steam\steamapps\common\Murder\Murder.exe
FirewallRules: [{58353D8B-67DF-48AA-BA6F-BB9D0FB051C8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{A3642419-CCC8-4855-ABD2-8031EE486622}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{C2C56234-E2FE-4E48-8DE1-CA7B0B7A173A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{4C546305-7914-43E0-B9C4-E7D008A8641A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{A9D776B6-2B87-42BC-BC1E-485822AF4E95}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{CBC4515A-2873-4CC4-A195-D80B9F4C6BA5}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{07CB98CA-5F80-43B9-A072-FE3355D96FA9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{BA759C96-9FF3-4CA9-B4FD-5EF5D1217F07}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{CB8CE0AB-2C77-4120-8008-0096614F5CDB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2C2F497D-C1AE-4205-99D0-498CD78474EF}] => (Allow) LPort=8844
FirewallRules: [{FB9D0B5C-521E-4050-AEEC-E764B21810CF}] => (Allow) LPort=1900
FirewallRules: [{01B461EF-AA00-4C4D-8D0A-D6E2A15D2FFC}] => (Allow) LPort=1900
FirewallRules: [{C73DDE85-C48D-40DC-8C59-3DFB65676C41}] => (Allow) LPort=1980
FirewallRules: [{821B5ED0-202B-43B7-AD37-01B0958A4049}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe
FirewallRules: [{6C39CC60-F195-44B3-9FD9-553BE0B136CC}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe
FirewallRules: [{4A18B241-9257-498B-A638-3A4ADD4E1B2D}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\HCLOUD.exe
FirewallRules: [{EDEFC1A6-6235-460A-906A-2304A28D2E42}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{842DAF56-24D4-4E0B-B32A-58BC936FE22F}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{2EB9C82B-3AD7-4B9E-BD8E-4451DC46CB83}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{54488B43-960F-4D12-AE69-0946E2CDD058}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{BEF599F6-1DDE-459C-BA3D-83F26BE54C6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9683C0F8-A9CB-4186-BB0A-72A33E7F75E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{71A4F426-78BA-45F0-9846-4E98A821D710}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CD76C50E-AD9D-40D4-B774-7602C6B418BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AEE12E4A-3222-4045-91F6-19243B6C043E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{715BEECC-1619-4764-A28E-88797F5736CA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6711424F-4792-4727-A710-245B80991B2B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AA2A22BC-7D90-4B13-A822-729F908D5179}] => (Allow) G:\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{94A526D4-60F7-4E85-8877-F8484FF5354C}] => (Allow) G:\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{2EFEF08A-2605-49E1-AA2E-757F35357D23}] => (Allow) G:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{3A3C1E4B-CEF6-4B6D-9771-14C0257FECE4}] => (Allow) G:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{9CD1A4CD-3418-42DB-A2FB-BD17916ACD7F}] => (Allow) G:\Steam\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{97FDE75A-EFF0-4D0F-9337-A4FF2739435F}] => (Allow) G:\Steam\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{7DDEDE23-8EA3-42CC-9483-BF4D509B05D3}] => (Allow) G:\Steam\steamapps\common\Duck Game\DuckGame.exe
FirewallRules: [{778BBD36-E31F-4D0C-BC80-85AB5D6EB0C5}] => (Allow) G:\Steam\steamapps\common\Duck Game\DuckGame.exe
FirewallRules: [{71FD6C43-3435-455C-9003-92844E435C9A}] => (Allow) G:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{ED93A94E-3585-411B-8DFD-46E4BF277273}] => (Allow) G:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{1A7C2B0D-AE80-45DF-9D84-B70264F5B9A0}] => (Allow) G:\Steam\steamapps\common\Phantom Breaker Battle Grounds\bin\pbbg_win32.exe
FirewallRules: [{DC823B45-6A70-429E-897A-B8F473594558}] => (Allow) G:\Steam\steamapps\common\Phantom Breaker Battle Grounds\bin\pbbg_win32.exe
FirewallRules: [{5CA73B85-4988-4426-A422-80CED2383079}] => (Allow) G:\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{55A8DEB8-8EEC-48BB-B6C3-24EC61FEC173}] => (Allow) G:\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{BC1D0292-4AEE-4D48-848B-06836A171463}] => (Allow) G:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{972A9258-F0E0-4B80-94DA-785704AB3C8A}] => (Allow) G:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{8C756373-14E7-43C7-86D7-F455CD411704}] => (Allow) G:\Steam\steamapps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{42F3BB53-D6E0-4E2A-9AF7-2F4A515ACF26}] => (Allow) G:\Steam\steamapps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{1E9EB20A-38B2-49C6-9E7F-08514D986BBC}] => (Allow) G:\Steam\steamapps\common\Gang Beasts\Gang Beasts.exe
FirewallRules: [{C98FCD3A-75DB-4758-9D04-78A42CC9689B}] => (Allow) G:\Steam\steamapps\common\Gang Beasts\Gang Beasts.exe
FirewallRules: [{C023F0B8-3DB5-48E9-9153-AEA0C16CE10D}] => (Allow) G:\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{BAE0B04E-D105-4630-8B40-39CB5487E1BE}] => (Allow) G:\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{D1036E5B-5F4F-46CA-8947-0AEC60F7FC2A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{017611F5-21A5-45BA-A716-9E9A1D831ACE}] => (Allow) G:\Steam\steamapps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{38EB278A-52FB-4BD5-BF8C-343A419CCB30}] => (Allow) G:\Steam\steamapps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{CB3BF89D-DAD2-429C-BF11-27907AA75F2B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EF435C5B-9A92-461F-8ADE-84D1AAD6DBCA}] => (Allow) G:\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{6926DFA3-F39B-4F35-B750-809B11A1A7AE}] => (Allow) G:\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{2C9BFD9B-ABAC-4E56-9B53-60D481B088E4}] => (Allow) G:\Steam\steamapps\common\Guild of Dungeoneering\dungeoneering.exe
FirewallRules: [{0F9BFCA7-AC9C-4388-B0B6-078162F63C87}] => (Allow) G:\Steam\steamapps\common\Guild of Dungeoneering\dungeoneering.exe
FirewallRules: [{53D6424B-907C-49B1-884F-6C2E48F7D84B}] => (Allow) G:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{B2ED2CAB-75A6-4F8E-9FB9-9B11C28C0921}] => (Allow) G:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

21-06-2016 15:24:20 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
21-06-2016 15:24:28 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
24-06-2016 17:20:46 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/24/2016 05:52:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2084.9592, time stamp: 0x57605ac0
Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5760534f
Exception code: 0xc0000005
Fault offset: 0x0000000000010f73
Faulting process ID: 0x13f4
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report ID: NvStreamNetworkService.exe3
Faulting package full name: NvStreamNetworkService.exe4
Faulting package-relative application ID: NvStreamNetworkService.exe5

Error: (06/24/2016 05:22:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Adobe CEF Helper.exe, version: 3.7.0.271, time stamp: 0x57515883
Faulting module name: libcef.dll, version: 3.2171.2069.0, time stamp: 0x551bdc44
Exception code: 0xc0000005
Fault offset: 0x00444106
Faulting process ID: 0x288c
Faulting application start time: 0xAdobe CEF Helper.exe0
Faulting application path: Adobe CEF Helper.exe1
Faulting module path: Adobe CEF Helper.exe2
Report ID: Adobe CEF Helper.exe3
Faulting package full name: Adobe CEF Helper.exe4
Faulting package-relative application ID: Adobe CEF Helper.exe5

Error: (06/24/2016 05:20:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (06/24/2016 05:04:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2084.9592, time stamp: 0x57605ac0
Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5760534f
Exception code: 0xc0000005
Fault offset: 0x0000000000010f73
Faulting process ID: 0x2d60
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report ID: NvStreamNetworkService.exe3
Faulting package full name: NvStreamNetworkService.exe4
Faulting package-relative application ID: NvStreamNetworkService.exe5

Error: (06/22/2016 02:03:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Adobe Premiere Pro.exe, version: 10.3.0.202, time stamp: 0x574e936f
Faulting module name: LogSession.dll, version: 7.4.1.12, time stamp: 0x57446643
Exception code: 0xc0000005
Fault offset: 0x000000000019c458
Faulting process ID: 0x220c
Faulting application start time: 0xAdobe Premiere Pro.exe0
Faulting application path: Adobe Premiere Pro.exe1
Faulting module path: Adobe Premiere Pro.exe2
Report ID: Adobe Premiere Pro.exe3
Faulting package full name: Adobe Premiere Pro.exe4
Faulting package-relative application ID: Adobe Premiere Pro.exe5

Error: (06/21/2016 04:18:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Adobe Premiere Pro.exe, version: 10.3.0.202, time stamp: 0x574e936f
Faulting module name: LogSession.dll, version: 7.4.1.12, time stamp: 0x57446643
Exception code: 0xc0000005
Fault offset: 0x000000000019c458
Faulting process ID: 0x2608
Faulting application start time: 0xAdobe Premiere Pro.exe0
Faulting application path: Adobe Premiere Pro.exe1
Faulting module path: Adobe Premiere Pro.exe2
Report ID: Adobe Premiere Pro.exe3
Faulting package full name: Adobe Premiere Pro.exe4
Faulting package-relative application ID: Adobe Premiere Pro.exe5

Error: (06/21/2016 03:24:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (06/21/2016 03:24:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (06/20/2016 12:04:16 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: Access is denied. (0x80070005).

Error: (06/20/2016 12:04:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.


System errors:
=============
Error: (06/24/2016 05:52:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (06/24/2016 05:52:14 PM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Error: (06/24/2016 05:52:06 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (06/24/2016 05:52:06 PM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/24/2016 05:51:13 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056 = An instance of the service is already running.


Error: (06/24/2016 05:50:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).


CodeIntegrity:
===================================
  Date: 2016-06-19 19:00:13.820
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-18 13:06:52.263
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 21:02:14.837
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-15 22:04:15.180
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-23 17:26:06.072
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-21 04:08:55.886
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-20 04:36:53.096
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-15 04:26:54.937
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-13 04:01:32.726
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 15:03:41.951
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 11%
Total physical RAM: 32574.06 MB
Available physical RAM: 28985.02 MB
Total Virtual: 65342.06 MB
Available Virtual: 61505.16 MB

==================== Drives ================================

Drive c: (Sarah) (Fixed) (Total:222.9 GB) (Free:119.74 GB) NTFS
Drive f: (Pandora) (Fixed) (Total:1862.88 GB) (Free:644.21 GB) exFAT
Drive g: (Mei) (Fixed) (Total:1863.01 GB) (Free:570.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D347A590)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=42)

========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: DB3EED98)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

 

Thanks again for your time

-Moto

Link to post
Share on other sites

  • Root Admin

Hello @AppleMoto

I've done a couple of these recently. One was fixed by cleanup and a couple others were not. Which leads me to believe there is possibly some type of registry damage that is involved here. We can look at scanning for any malware first and clean up but no promise we'll be able to find and fix this issue, but we'll try.

 

Please read the following and post back the logs when ready and we'll see what wee can do

Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.

  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
  • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly
  • Removing malware can be unpredictable...It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive
  • Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you.
  • The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue.
  • You can check here if you're not sure if your computer is 32-bit or 64-bit
  • Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners.
  • When we are done, I'll give you instructions on how to cleanup all the tools and logs
  • Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.
  • Your topic will be closed if you haven't replied within 3 days
  • (If I have not responded within 24 hours, please send me a Private Message as a reminder)



STEP 01
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.

Link 1 | Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.



STEP 02
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe



STEP 03
Please run a Threat Scan with MBAM. If you're unable to run or complete the scan as shown below please see the following:
MBAM Clean Removal Process 2x
When reinstalling the program please try the latest version.

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

Link to post
Share on other sites

Thanks for getting back to me okay Here's the log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 01/07/2016
Scan Time: 23:30
Logfile: 
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.07.01.09
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Moto

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 374566
Time Elapsed: 7 min, 17 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

  • Root Admin

Please go ahead and run through the following steps and post back the logs when ready. If the ESET antivirus scan hangs then just skip it and move on.

STEP 04
Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus



STEP 05
Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista / Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.


STEP 06
button_eos.gif

Please go here to run the online antivirus scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.



STEP 07
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.
Link to post
Share on other sites

it was upgraded from windows 7, probably like 2 or 3 months ago.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Pro x64 
Ran by Moto (Administrator) on 02/07/2016 at  1:26:19.25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 0 


Registry: 0 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/07/2016 at  1:27:22.09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

# AdwCleaner v5.201 - Logfile created 02/07/2016 at 01:44:11
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-01.1 [Server]
# Operating system : Windows 10 Pro  (X64)
# Username : Moto - SARAH
# Running from : G:\Desktop\AdwCleaner (1).exe
# Option : Scan
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3288 bytes] - [24/06/2016 17:50:45]
C:\AdwCleaner\AdwCleaner[S1].txt - [3256 bytes] - [24/06/2016 17:45:15]
C:\AdwCleaner\AdwCleaner[S2].txt - [753 bytes] - [02/07/2016 01:44:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [825 bytes] ##########
 

ESET Came back clean, no threats found

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
Ran by Moto (administrator) on SARAH (02-07-2016 03:23:21)
Running from G:\Desktop
Loaded Profiles: Moto (Available Profiles: Moto & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files (x86)\Gigabyte\AmbientLED\LEDCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\Smart TimeLock\TimeMgmtDaemon.exe
(Scarlet.Crush Productions) C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\Gigabyte\Smart TimeLock\AlarmClock.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5020\Agent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() G:\Desktop\AdwCleaner (1).exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) G:\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-05-05] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Elgato Sound Capture] => C:\Program Files\Elgato\SoundCapture\SoundCapture.exe [1259008 2016-04-05] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM-x32\...\RunOnce: [EasyTune] => C:\Program Files (x86)\Gigabyte\EasyTune\etro.exe [5632 2014-08-18] (GIGA-BYTE TECHNOLOGY CO., LTD.)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Run: [Spotify Web Helper] => C:\Users\Moto\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-16] (Spotify Ltd)
HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Run: [Discord] => C:\Users\Moto\AppData\Local\Discord\app-0.0.290\Discord.exe [57924280 2016-05-05] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [882872 2016-05-27] (Adobe Systems Incorporated)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2016-01-02]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\Gigabyte\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-01-24]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2016-01-08]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions)
Startup: C:\Users\Moto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktop.scf [2013-05-06] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{06fe9622-fd21-4162-a578-1daad5f44bb1}: [DhcpNameServer] 194.168.4.100 194.168.8.100

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1643741209-629586362-3516323415-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-01-02] (AO Kaspersky Lab)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-24] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-01-02] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-24] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-01-02] (AO Kaspersky Lab)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-01-02] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-24] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-01-24] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-20]
FF HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (BetterTTV) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-06-04]
CHR Extension: (Kaspersky Protection) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-01-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-02-19]
CHR Extension: (Infinite HD App) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\laealigljflmglcgncipdbmbjgjdpiim [2016-06-22]
CHR Extension: (TubeBuddy) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2016-07-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Moto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2016-01-02] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2015-12-31] (Scarlet.Crush Productions) [File not signed]
R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] () [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2015-07-01] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LEDCtrl; C:\Program Files (x86)\GIGABYTE\AmbientLED\LEDCtrl.exe [34624 2014-09-24] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart TimeLock\TimeMgmtDaemon.exe [102400 2013-02-22] (Gigabyte Technology CO., LTD.) [File not signed]
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2016-01-11] (Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [43488 2015-11-06] (UB658)
R3 ElgatoVAD; C:\Windows\system32\DRIVERS\ElgatoVAD.sys [28800 2016-03-30] (Elgato Systems GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2016-01-02] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [238000 2016-05-25] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [933808 2016-05-25] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [49240 2016-05-25] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2016-01-02] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-05-25] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47200 2016-04-23] (hxxp://libusb-win32.sourceforge.net)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-07] (Intel Corporation)
R3 MZ0380.X64; C:\Windows\system32\DRIVERS\MZ0380.X64.SYS [3528456 2016-03-29] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-02 01:45 - 2016-07-02 01:45 - 00000000 ____D C:\Users\Moto\AppData\Local\ESET
2016-07-01 23:27 - 2016-07-01 23:27 - 00000000 ____D C:\WINDOWS\ERDNT
2016-07-01 23:27 - 2016-07-01 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2016-07-01 23:27 - 2016-07-01 23:27 - 00000000 ____D C:\Program Files (x86)\ERUNT
2016-06-25 12:29 - 2016-06-25 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch Test
2016-06-24 19:11 - 2016-06-24 19:11 - 00000000 ____D C:\Users\Moto\AppData\Local\PeerDistRepub
2016-06-24 19:01 - 2016-06-24 19:01 - 00000000 ____D C:\Users\Moto\AppData\Local\ActiveSync
2016-06-24 18:59 - 2016-06-24 18:59 - 00000000 ____D C:\Users\Moto\.android
2016-06-24 18:21 - 2016-06-24 18:00 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-06-24 18:00 - 2016-06-24 18:19 - 00000000 ____D C:\zoek_backup
2016-06-24 17:58 - 2016-07-02 03:23 - 00000000 ____D C:\FRST
2016-06-24 17:44 - 2016-07-02 01:44 - 00000000 ____D C:\AdwCleaner
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsignf50f45bb3287bb54
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsignb1c5c93b4d5fae5f
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign6af0b4a821d51b28
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign6982e884f92a7019
2016-06-22 13:07 - 2016-06-22 13:07 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign2d6006ca443bf9eb
2016-06-22 13:06 - 2016-06-22 13:06 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsignc36f1afca5bd07cb
2016-06-22 13:06 - 2016-06-22 13:06 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign9354230b3c411d78
2016-06-22 13:06 - 2016-06-22 13:06 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign23c18db989f93014
2016-06-22 01:44 - 2016-06-22 01:44 - 00000000 ____D C:\Users\Moto\AppData\Roaming\dungeoneering
2016-06-21 15:24 - 2016-06-21 15:24 - 00001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe SpeedGrade CC 2015.lnk
2016-06-21 15:22 - 2016-06-21 15:22 - 00000000 ____D C:\Users\Moto\AppData\Local\Tempzxpsign9ddec1ddef1b277e
2016-06-21 15:20 - 2016-06-21 15:20 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate CC 2015.2.lnk
2016-06-21 15:16 - 2016-06-21 15:16 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2015.2.lnk
2016-06-21 15:13 - 2016-06-21 15:13 - 00001132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.3.lnk
2016-06-21 15:09 - 2016-06-21 15:09 - 00002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.3.lnk
2016-06-21 15:06 - 2016-06-21 15:06 - 00001144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.3.lnk
2016-06-21 15:01 - 2016-06-21 15:01 - 00001252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.3.lnk
2016-06-21 14:58 - 2016-06-21 14:58 - 00001356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview 4).lnk
2016-06-21 14:54 - 2016-06-21 14:54 - 00001066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5.lnk
2016-06-19 15:35 - 2016-06-19 15:35 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-06-14 22:41 - 2016-05-28 07:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-14 22:41 - 2016-05-28 07:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-14 22:41 - 2016-05-28 06:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-14 22:41 - 2016-05-28 06:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-14 22:41 - 2016-05-28 06:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-14 22:41 - 2016-05-28 06:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-14 22:41 - 2016-05-28 06:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-14 22:41 - 2016-05-28 06:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-14 22:41 - 2016-05-28 06:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-14 22:41 - 2016-05-28 06:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-14 22:41 - 2016-05-28 06:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-14 22:41 - 2016-05-28 06:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-14 22:41 - 2016-05-28 06:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-14 22:41 - 2016-05-28 06:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-14 22:41 - 2016-05-28 06:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-14 22:41 - 2016-05-28 06:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-14 22:41 - 2016-05-28 06:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-14 22:41 - 2016-05-28 06:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-14 22:41 - 2016-05-28 06:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-14 22:41 - 2016-05-28 06:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-14 22:41 - 2016-05-28 06:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-14 22:41 - 2016-05-28 06:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-14 22:41 - 2016-05-28 06:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-14 22:41 - 2016-05-28 06:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-14 22:41 - 2016-05-28 06:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-14 22:41 - 2016-05-28 06:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-14 22:41 - 2016-05-28 06:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-14 22:41 - 2016-05-28 06:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-14 22:41 - 2016-05-28 06:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-14 22:41 - 2016-05-28 06:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-14 22:41 - 2016-05-28 06:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-14 22:41 - 2016-05-28 06:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-14 22:41 - 2016-05-28 06:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-14 22:41 - 2016-05-28 06:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-14 22:41 - 2016-05-28 06:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-14 22:41 - 2016-05-28 05:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-14 22:41 - 2016-05-28 05:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-14 22:41 - 2016-05-28 05:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-14 22:41 - 2016-05-28 05:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-14 22:41 - 2016-05-28 05:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-14 22:41 - 2016-05-28 05:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-14 22:41 - 2016-05-28 05:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-14 22:41 - 2016-05-28 05:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-14 22:41 - 2016-05-28 05:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-14 22:41 - 2016-05-28 05:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-14 22:41 - 2016-05-28 05:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-14 22:41 - 2016-05-28 05:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-14 22:41 - 2016-05-28 05:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-14 22:41 - 2016-05-28 05:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-14 22:41 - 2016-05-28 05:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-14 22:41 - 2016-05-28 05:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-14 22:41 - 2016-05-28 05:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-14 22:41 - 2016-05-28 05:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-14 22:41 - 2016-05-28 05:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-14 22:41 - 2016-05-28 05:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-14 22:41 - 2016-05-28 05:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-14 22:41 - 2016-05-28 05:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-14 22:41 - 2016-05-28 05:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-14 22:41 - 2016-05-28 05:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-14 22:41 - 2016-05-28 05:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-14 22:41 - 2016-05-28 05:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-14 22:41 - 2016-05-28 05:25 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2016-06-14 22:41 - 2016-05-28 05:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-14 22:41 - 2016-05-28 05:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-14 22:41 - 2016-05-28 05:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-14 22:41 - 2016-05-28 05:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-14 22:41 - 2016-05-28 05:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-14 22:41 - 2016-05-28 05:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-14 22:41 - 2016-05-28 05:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-14 22:41 - 2016-05-28 05:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-14 22:41 - 2016-05-28 05:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-14 22:41 - 2016-05-28 05:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-14 22:41 - 2016-05-28 05:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-14 22:41 - 2016-05-28 05:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-14 22:41 - 2016-05-28 05:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-14 22:41 - 2016-05-28 05:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-14 22:41 - 2016-05-28 05:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-14 22:41 - 2016-05-28 05:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-14 22:41 - 2016-05-28 05:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-14 22:41 - 2016-05-28 05:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-14 22:41 - 2016-05-28 05:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-14 22:41 - 2016-05-28 05:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-14 22:41 - 2016-05-28 05:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-14 22:41 - 2016-05-28 05:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-14 22:41 - 2016-05-28 05:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-14 22:41 - 2016-05-28 05:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-14 22:41 - 2016-05-28 05:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-14 22:41 - 2016-05-28 05:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-14 22:41 - 2016-05-28 05:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-14 22:41 - 2016-05-28 05:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-14 22:41 - 2016-05-28 05:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-14 22:41 - 2016-05-28 05:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-14 22:41 - 2016-05-28 05:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-14 22:41 - 2016-05-28 05:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-14 22:41 - 2016-05-28 05:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-14 22:41 - 2016-05-28 05:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-14 22:41 - 2016-05-28 05:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-14 22:41 - 2016-05-28 05:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-14 22:41 - 2016-05-28 05:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-14 22:41 - 2016-05-28 05:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-14 22:41 - 2016-05-28 05:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-14 22:41 - 2016-05-28 05:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-14 22:41 - 2016-05-28 05:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-14 22:41 - 2016-05-28 05:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-14 22:41 - 2016-05-28 05:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-14 22:41 - 2016-05-28 05:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-14 22:41 - 2016-05-28 05:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-14 22:41 - 2016-05-28 05:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-14 22:41 - 2016-05-28 05:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-14 22:41 - 2016-05-28 05:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-14 22:41 - 2016-05-28 05:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-14 22:41 - 2016-05-28 05:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-14 22:41 - 2016-05-28 04:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-14 22:41 - 2016-05-28 04:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-14 22:41 - 2016-05-28 04:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-14 22:41 - 2016-05-28 04:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-14 22:41 - 2016-05-28 04:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-14 22:41 - 2016-05-28 04:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-14 22:41 - 2016-05-28 04:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-14 22:41 - 2016-05-28 04:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-14 22:41 - 2016-05-28 04:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-09 18:20 - 2016-06-09 18:20 - 00000000 ____D C:\Users\Moto\AppData\Local\mslug3
2016-06-09 09:19 - 2016-06-09 09:19 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-09 09:19 - 2016-06-03 08:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00786176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00631288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00601752 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00549240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00452616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00385592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00316632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00177952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00155768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00153232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-06-09 09:19 - 2016-06-03 08:22 - 00131584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-06-09 09:19 - 2016-06-03 04:28 - 00111552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-06-09 09:19 - 2016-05-04 03:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-06-09 09:19 - 2016-05-04 03:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-06-09 09:19 - 2016-05-04 03:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-06-09 09:19 - 2016-05-04 03:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\Program Files\iTunes
2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\Program Files\iPod
2016-06-06 11:45 - 2016-06-06 11:45 - 00000000 ____D C:\Program Files (x86)\iTunes

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-02 03:23 - 2016-05-04 15:47 - 00000000 ____D C:\Users\Moto\AppData\Local\Battle.net
2016-07-02 03:23 - 2016-01-02 18:14 - 00000000 ____D C:\Users\Moto\AppData\Roaming\Skype
2016-07-02 02:43 - 2016-03-20 22:42 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-02 02:34 - 2016-01-02 12:03 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-02 02:00 - 2016-01-02 04:37 - 00000000 ____D C:\Users\Moto\AppData\Local\Adobe
2016-07-02 01:27 - 2016-01-02 04:43 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-07-02 01:26 - 2016-01-02 05:32 - 00000000 ____D C:\Users\Moto\AppData\Local\CrashDumps
2016-07-01 23:53 - 2016-05-04 15:46 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-07-01 23:34 - 2016-01-02 12:03 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-01 23:30 - 2016-03-27 23:51 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-01 23:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-01 23:17 - 2016-04-20 18:48 - 01218544 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-01 23:17 - 2016-04-20 14:32 - 00171290 _____ C:\WINDOWS\system32\prfh0404.dat
2016-07-01 23:17 - 2016-04-20 14:32 - 00057268 _____ C:\WINDOWS\system32\prfc0404.dat
2016-07-01 23:17 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-01 23:16 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-01 23:15 - 2016-04-28 16:56 - 00004144 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9A706311-F243-4979-80A9-A75224DCACAD}
2016-07-01 23:12 - 2016-01-02 04:44 - 00000000 ___RD C:\Users\Moto\Creative Cloud Files
2016-07-01 23:12 - 2016-01-02 04:44 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-07-01 23:11 - 2016-04-20 18:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-01 23:11 - 2016-02-13 18:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-01 23:11 - 2016-01-02 04:52 - 00026192 ____N (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys
2016-07-01 02:21 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-30 21:01 - 2016-05-05 12:10 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-06-30 01:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-28 03:15 - 2016-03-11 11:55 - 00000000 ____D C:\Users\Moto\AppData\Roaming\Spotify
2016-06-28 00:20 - 2016-03-11 11:56 - 00000000 ____D C:\Users\Moto\AppData\Local\Spotify
2016-06-26 17:02 - 2016-04-20 18:49 - 00000000 ____D C:\Users\Moto
2016-06-24 18:59 - 2016-01-08 05:44 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-24 18:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-06-24 18:16 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-06-24 17:50 - 2016-01-24 05:37 - 00000000 ____D C:\Users\Moto\AppData\Roaming\Yahoo!
2016-06-24 16:38 - 2016-01-03 14:11 - 00000000 ____D C:\Users\Moto\AppData\Local\ElevatedDiagnostics
2016-06-24 16:37 - 2016-01-13 12:29 - 00000000 ____D C:\ProgramData\Oracle
2016-06-24 16:32 - 2016-01-13 12:30 - 00097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-06-24 16:32 - 2016-01-13 12:30 - 00000000 ____D C:\Users\Moto\.oracle_jre_usage
2016-06-24 16:32 - 2016-01-13 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-24 16:32 - 2016-01-13 12:29 - 00000000 ____D C:\Program Files (x86)\Java
2016-06-22 13:06 - 2016-01-24 04:58 - 00000033 _____ C:\Users\Moto\AppData\Roaming\AdobeWLCMCache.dat
2016-06-21 15:27 - 2016-01-02 05:08 - 00000000 ____D C:\Program Files\Adobe
2016-06-21 15:24 - 2016-01-02 05:08 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-21 15:24 - 2016-01-02 04:44 - 00000000 ____D C:\Users\Moto\AppData\Roaming\Adobe
2016-06-21 14:57 - 2016-01-02 04:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-06-19 21:18 - 2016-01-02 21:09 - 00000000 ____D C:\Users\Moto\AppData\Roaming\vlc
2016-06-19 15:40 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-16 21:35 - 2016-01-02 12:03 - 00002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-16 21:14 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-16 21:06 - 2016-02-13 18:33 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 21:02 - 2016-02-13 10:23 - 04916168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-06-16 09:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-15 21:45 - 2016-01-02 04:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 21:42 - 2016-01-02 04:45 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-15 21:40 - 2016-01-02 04:41 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-14 21:01 - 2016-03-23 20:10 - 01767944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-06-14 21:01 - 2016-03-23 20:10 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-06-14 21:01 - 2016-03-23 20:10 - 01377800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-06-14 21:01 - 2016-03-23 20:10 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-06-14 21:01 - 2016-03-23 20:10 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-06-14 19:33 - 2015-10-30 08:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:33 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-09 09:20 - 2016-03-23 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-09 09:19 - 2016-04-20 18:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-06 11:45 - 2016-01-03 21:27 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-06-06 10:17 - 2016-01-02 18:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-06 10:17 - 2016-01-02 18:14 - 00000000 ____D C:\ProgramData\Skype
2016-06-04 01:51 - 2015-08-29 00:31 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-03 08:22 - 2016-05-23 23:17 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-03 08:22 - 2016-05-23 23:17 - 00379808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 20375488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 14462536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 03811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-03 08:22 - 2015-08-29 00:31 - 03371624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-03 08:22 - 2015-08-07 08:10 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-03 04:59 - 2016-04-20 18:47 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-03 04:59 - 2016-04-20 18:47 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-03 04:59 - 2016-04-20 18:47 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-03 04:59 - 2016-04-20 18:47 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-03 04:59 - 2016-04-20 18:47 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-03 04:59 - 2016-04-20 18:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-03 04:59 - 2016-04-20 18:47 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-06-03 04:59 - 2016-03-30 10:06 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-06-03 04:59 - 2016-03-30 10:06 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-06-02 22:48 - 2016-02-19 13:28 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-06-02 22:48 - 2016-02-19 13:28 - 00002119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk

==================== Files in the root of some directories =======

2016-01-24 04:58 - 2016-06-22 13:06 - 0000033 _____ () C:\Users\Moto\AppData\Roaming\AdobeWLCMCache.dat
2016-02-15 06:51 - 2016-05-09 21:23 - 0001456 _____ () C:\Users\Moto\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-01-02 19:07 - 2016-01-02 19:07 - 0003584 _____ () C:\Users\Moto\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-02 20:46 - 2016-04-14 00:41 - 0007643 _____ () C:\Users\Moto\AppData\Local\Resmon.ResmonCfg
2016-04-20 18:47 - 2016-04-20 18:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-01-24 05:35 - 2016-01-24 05:39 - 0000823 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Moto\AppData\Local\Temp\libeay32.dll
C:\Users\Moto\AppData\Local\Temp\msvcr120.dll
C:\Users\Moto\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-27 15:51

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01
Ran by Moto (2016-06-24 17:58:58)
Running from G:\Desktop
Windows 10 Pro Version 1511 (X64) (2016-04-20 18:03:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1643741209-629586362-3516323415-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1643741209-629586362-3516323415-503 - Limited - Disabled)
Guest (S-1-5-21-1643741209-629586362-3516323415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1643741209-629586362-3516323415-1002 - Limited - Enabled)
Moto (S-1-5-21-1643741209-629586362-3516323415-1000 - Administrator - Enabled) => C:\Users\Moto

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS B15.0630.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
@BIOS B15.0630.1 (x32 Version: 3.00.0000 - GIGABYTE) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe After Effects CC 2015.3 (HKLM-x32\...\AEFT_13_8_0) (Version: 13.8.0 - Adobe Systems Incorporated)
Adobe Animate CC 2015.2 (HKLM-x32\...\FLPR_15_2) (Version: 15.2 - Adobe Systems Incorporated)
Adobe Audition CC 2015.2 (HKLM-x32\...\AUDT_9_2_0) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015.3 (HKLM-x32\...\ILST_20_0_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015.3 (HKLM-x32\...\PPRO_10_3_0) (Version: 10.3.0 - Adobe Systems Incorporated)
Adobe SpeedGrade CC 2015 (HKLM-x32\...\{8FD7F1DB-7355-469E-A3F2-2118148D8477}) (Version: 9.1.0 - Adobe Systems Incorporated)
AmbientLED B15.0520.1 (HKLM-x32\...\InstallShield_{31D031E2-A5CC-47F2-BAAD-13B4494E8077}) (Version: 1.00.0000 - GIGABYTE)
AmbientLED B15.0520.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.16.0503 - Gigabyte)
APP Center (x32 Version: 1.16.0503 - Gigabyte) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assault Android Cactus (HKLM-x32\...\Steam App 250110) (Version:  - Witch Beam)
Batman™: Arkham Knight (HKLM\...\Steam App 208650) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
BUSB (HKLM-x32\...\{0AADC50C-C4F8-49A7-8699-AFE46875CA67}) (Version: 1.14.0819.1 -  GIGABYTE)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version:  - Playsaurus)
Cloud Station Server (HKLM-x32\...\InstallShield_{41B20CB6-32EE-468B-982C-4864E2135BD0}) (Version: 1.00.1511.3001 - GIGABYTE)
Cloud Station Server (x32 Version: 1.00.1511.3001 - GIGABYTE) Hidden
CloudStation (HKLM-x32\...\InstallShield_{6D8DA122-A40A-421B-9D95-FE4C806BCDBE}) (Version: 1.00.0018 - GIGABYTE)
CloudStation (x32 Version: 1.00.0018 - GIGABYTE) Hidden
Colortone (HKLM-x32\...\Steam App 375320) (Version:  - Kirill Belman)
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Corsair Hydro Series 7289 USB Device (Driver Removal) (HKLM-x32\...\HYDROS7289&1B1C&0C02) (Version:  - Corsair Components, Inc.)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 3.2.5742 - Corsair)
Corsair Link(TM) USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version:  - Red Hook Studios)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Dex (HKLM-x32\...\Steam App 269650) (Version:  - Dreadlocks Ltd.)
Discord (HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Discord) (Version: 0.0.290 - Hammer & Chisel, Inc.)
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Don't Starve Together Beta (HKLM\...\Steam App 322330) (Version:  - Klei Entertainment)
Dreaming Sarah (HKLM-x32\...\Steam App 296870) (Version:  - Andre Chagas Silva)
Duck Game (HKLM\...\Steam App 312530) (Version:  - Landon Podbielski)
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.15.0626 - GIGABYTE)
EasyTune (x32 Version: 1.15.0626 - GIGABYTE) Hidden
Elgato Game Capture HD (HKLM\...\{BD8B183B-2634-4040-B25F-3964751D462F}) (Version: 3.20.2.1502 - Elgato Systems GmbH)
Enter the Gungeon (HKLM\...\Steam App 311690) (Version:  - Dodge Roll)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
EZSetup B15.0811.1 (HKLM-x32\...\InstallShield_{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE)
EZSetup B15.0811.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.15.0626 - GIGABYTE)
Fast Boot (x32 Version: 1.15.0626 - GIGABYTE) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Game Capture HD v2.3.3.40 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 2.3.3.40 - Elgato Systems)
Game Capture HD60 Pro v1.1.0.149 (HKLM-x32\...\Software_Elgato_Game Capture HD60 Pro) (Version: 1.1.0.149 - Elgato Systems)
Game Capture HD60 S v1.1.0.160 (HKLM-x32\...\Software_Elgato_Game Capture HD60 S) (Version: 1.1.0.160 - Elgato Systems)
Game Capture HD60 v2.1.1.4 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.4 - Elgato Systems)
GameCtrl B15.0803.1 (HKLM-x32\...\InstallShield_{6BBE6CF2-84B2-4ECA-9ECA-C56925C1CCE2}) (Version: 1.00.0000 - GIGABYTE)
GameCtrl B15.0803.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Gang Beasts (HKLM\...\Steam App 285900) (Version:  - Boneloaf)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.22.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.22.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Guild of Dungeoneering (HKLM\...\Steam App 317820) (Version:  - Gambrinous)
Hand Of Fate (HKLM-x32\...\Steam App 266510) (Version:  - Defiant Development)
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
High-Logic FontCreator 9.1 (HKLM-x32\...\FontCreator8_is1) (Version:  - High-Logic B.V.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.4.18.7 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HunieCam Studio (HKLM\...\Steam App 426000) (Version:  - HuniePot)
Intel(R) Chipset Device Software (x32 Version: 10.1.2.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version:  - Avalanche Studios)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version:  - Klei Entertainment)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
METAL SLUG 3 (HKLM\...\Steam App 250180) (Version:  - DotEmu)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version:  - NetherRealm Studios)
Murder (HKLM-x32\...\Steam App 404080) (Version:  - Peter Moorhead)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 4 (HKLM-x32\...\Steam App 349040) (Version:  - CyberConnect2 Co. Ltd.)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B15.0709.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Phantom Breaker: Battle Grounds (HKLM\...\Steam App 329490) (Version:  - MAGES.)
Poltergeist: A Pixelated Horror (HKLM-x32\...\Steam App 323700) (Version:  - Glitchy Pixel)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Read Only Memories (HKLM-x32\...\Steam App 330820) (Version:  - MidBoss, LLC.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Renowned Explorers: International Society (HKLM-x32\...\Steam App 296970) (Version:  - Abbey Games)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - Hopoo Games, LLC)
Road Redemption (HKLM-x32\...\Steam App 300380) (Version:  - Epic Quest  Games)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
ScpToolkit (HKLM\...\{4DB6F58D-A87D-4087-8FD7-B87FC4C72054}) (Version: 1.6.229.15365 - Nefarius Software Solutions)
Secret Ponchos (HKLM-x32\...\Steam App 265750) (Version:  - Switchblade Monkeys Entertainment)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Shovel Knight (HKLM\...\Steam App 250760) (Version:  - Yacht Club Games)
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.15.0701 - GIGABYTE)
SIV (x32 Version: 1.15.0701 - GIGABYTE) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Smart Recovery 2 B15.1002.1  (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 1.00.0003 - GIGABYTE)
Smart TimeLock B15.0626.1 (HKLM-x32\...\InstallShield_{5D93E30A-78A3-4890-962F-56B61A5873DD}) (Version: 1.00.0001 - GIGABYTE)
Smart TimeLock B15.0626.1 (x32 Version: 1.00.0001 - GIGABYTE) Hidden
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
SpeedRunners (HKLM\...\Steam App 207140) (Version:  - DoubleDutch Games)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Spotify (HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\Spotify) (Version: 1.0.27.75.gdc223232 - Spotify AB)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Street Fighter V (HKLM-x32\...\Steam App 310950) (Version:  - Capcom)
Synthesia (HKLM-x32\...\Synthesia) (Version: 10.2 - Synthesia LLC)
The Bug Butcher (HKLM-x32\...\Steam App 350740) (Version:  - Awfully Nice Studios)
The Marvellous Miss Take (HKLM\...\Steam App 327310) (Version:  - Wonderstruck)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Type light 3.2.038 (HKLM-x32\...\{3CC31D3E-369B-4029-A83E-251BB58A144C}_is1) (Version: 038 - CR8 Software Solutions)
Ultratron (HKLM-x32\...\Steam App 219190) (Version:  - Puppygames)
Undertale (HKLM-x32\...\Steam App 391540) (Version:  - tobyfox)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VTuner (HKLM-x32\...\InstallShield_{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.15.0626 - GIGABYTE)
VTuner (x32 Version: 1.15.0626 - GIGABYTE) Hidden
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XCOM 2 (HKLM-x32\...\Steam App 268500) (Version:  - Firaxis)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1643741209-629586362-3516323415-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Moto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1643741209-629586362-3516323415-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D5F9018-105D-4680-B5EC-3943F27551E3} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {0F9844FB-DBD7-4F4D-A4D7-73ACCF9738CD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {14D97E43-1636-4410-B922-FFE857DA5533} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION
Task: {168AB430-FB91-41A8-9FF5-CCAB93B90931} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {1991CADF-F402-4227-8400-867103C48792} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1AD56683-137C-4B97-9EE9-3B93F2027FAD} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
Task: {21FE65DD-2895-496E-B435-99DEA5628EC2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2C8E393F-9D61-41E8-B106-B61DF4DB75FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-02] (Google Inc.)
Task: {3148EBA2-0CA4-46C0-A60F-35D31C8898B4} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {35D8E9A0-AE1E-4B53-A16B-7FFDEDC86C10} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {3B4868C8-25E2-4BE1-8B95-2D1D34B76695} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {3C1704F1-AB09-45E4-A76D-24EAB02274AF} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
Task: {3D3162CE-D502-4A77-826B-5BFD93BD2230} - System32\Tasks\AdobeAAMUpdater-1.0-Sarah-Moto => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated)
Task: {40208021-119E-4BCC-A6D4-757F0D7E0958} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {42713F69-5302-4ADD-9EE2-DCF4BEF6E573} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {4432CDF6-8F4B-41A7-809B-6161EF2D73CD} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {462B99D0-C67C-4CD2-B483-AE2F2399AC31} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {51046135-D10B-426A-90A9-628E7FC05FE7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {51875138-BEF2-45A6-A995-158C021984CD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5EF7C3A0-FA21-4D31-B5DB-98FEEEA935E2} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {66CBAFFE-E361-4472-B2E5-A3EF9B03EB9F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {67A85CAB-BD85-447C-91B4-54121A2137DA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6CF89165-B7FA-45C6-8326-71FFE9EDE7E9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {702C63BC-E036-4114-8C13-1D7E0BF14E90} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {78E1B67D-BFA3-4A77-B1B3-5E4CFB977922} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2015-09-21] ()
Task: {7A9EBE94-98B0-45AF-8860-D2A77B72707E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {7BB01A67-1A51-469B-9027-F834B8416418} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {8A580AED-1C90-4E46-9E00-F75E227EEEEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {8B25EAEC-0EB2-4F01-8804-616820D092ED} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {8DB3194E-BE4B-475C-A0AA-40834A57273F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {9320D06B-7FE9-418F-8EBF-38C9B98FAFD7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A8D884F5-A534-4985-B2FF-F3A10CDC7CA4} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B05BF8EC-6ACE-468C-ADAB-412655204634} - System32\Tasks\{D96E2F50-8C0E-437E-BC0E-620C93C159D6} => pcalua.exe -a G:\Downloads\atBIOS\setup.exe -d G:\Downloads\atBIOS
Task: {B10AF64B-8931-4423-8622-E1217F5F1363} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {BCB0290C-9261-4465-9814-71A692E8BCFA} - System32\Tasks\{69189473-A455-4422-B8CC-34262F7CCD69} => pcalua.exe -a G:\Desktop\HijackThis.exe -d G:\Desktop
Task: {C2980F00-9F7F-4FC9-985C-7B31224CB1A1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {C4CF494C-7B54-4734-A183-0D4CCCCA10B9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {C4FF7F19-DEDB-4FF6-8859-4DB0EB6201E7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {C63E91BA-F82A-4B5F-A4B1-85F406A30E0A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {C68B4BFE-6FCF-4CBD-82FA-91B0C01F4985} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\Windows\System32\GWX\GWX.exe
Task: {CF62AB66-4030-4A7A-A0FC-B23511777967} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D68B8E12-293E-4C5E-9E47-9F748E040592} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {D83B1817-7728-46D2-9CDC-6EFD92167346} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {DD1B9A29-49AB-4CED-A498-3B533F0EEE06} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {E01E3344-96D1-45C9-BDFA-57F035F15BE1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E0F52BBF-83A4-485E-89A2-0922D15F77B0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E3870F23-BD82-48D4-9517-5321FD87D8A3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {E5C66B98-FE6A-4965-9FC6-EE9E4654B3FE} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {F1F44088-57AF-4F82-B4A6-F5B792BD2454} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F208B383-9F25-489E-A77E-C2442F1EA3A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {F8270596-B4D8-48FE-9CCC-88CAE3C6E72E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-02] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Moto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Infinite HD App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=laealigljflmglcgncipdbmbjgjdpiim

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-20 18:47 - 2016-06-03 04:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-14 15:27 - 2015-04-14 15:27 - 00016896 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
2016-05-12 20:34 - 2016-05-12 20:34 - 00307712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ReactiveSockets\8646218657a9e1a03dfd1082f11cb43d\ReactiveSockets.ni.dll
2014-05-02 12:52 - 2014-05-02 12:52 - 00599040 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll
2014-05-02 07:55 - 2014-05-02 07:55 - 00185344 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpflac.dll
2014-05-02 07:05 - 2014-05-02 07:05 - 00173056 _____ () C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpmp3.dll
2014-09-24 20:57 - 2014-09-24 20:57 - 00034624 _____ () C:\Program Files (x86)\GIGABYTE\AmbientLED\LEDCtrl.exe
2016-04-20 19:37 - 2016-04-20 19:37 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-20 19:37 - 2016-04-20 19:37 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-05-12 15:16 - 2016-05-12 15:16 - 00959168 _____ () C:\Users\Moto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-04-20 18:49 - 2016-04-20 18:49 - 00008704 _____ () C:\WINDOWS\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2016-02-13 18:02 - 2016-02-13 18:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 13:38 - 2016-04-23 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 13:38 - 2016-04-23 05:25 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-07-30 09:52 - 2015-07-30 09:52 - 01244456 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
2016-06-14 22:41 - 2016-05-28 04:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-14 22:41 - 2016-05-28 04:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-14 22:41 - 2016-05-28 04:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-14 22:41 - 2016-05-28 04:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-02 15:26 - 2016-01-11 18:30 - 01349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2016-04-20 11:31 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2012-09-13 01:38 - 2012-09-13 01:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2016-05-22 19:32 - 2016-05-22 19:32 - 31680176 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-02-16 11:47 - 2015-02-16 11:47 - 00105472 _____ () C:\Program Files (x86)\GIGABYTE\AmbientLED\ycc.dll
2014-01-22 13:53 - 2014-01-22 13:53 - 01607680 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll
2015-02-16 10:47 - 2015-02-16 10:47 - 00105472 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.dll
2016-03-23 20:10 - 2016-06-14 21:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-12 15:16 - 2016-05-12 15:16 - 00679624 _____ () C:\Users\Moto\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-06-16 21:34 - 2016-06-15 10:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-16 21:34 - 2016-06-15 10:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-04-20 11:31 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2016-04-20 11:31 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2016-04-20 11:31 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-11-06 11:46 - 2015-11-06 11:46 - 02385280 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2015-09-07 16:01 - 2015-09-07 16:01 - 00237440 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-11-13 11:52 - 2015-11-13 11:52 - 00824192 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2016-06-03 03:36 - 2016-06-03 03:36 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 01:39 - 2012-09-13 01:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2016-06-08 00:10 - 2016-06-08 00:10 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00205824 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-06-08 00:10 - 2016-06-08 00:10 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-06-08 00:41 - 2016-06-08 00:41 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-06-08 00:10 - 2016-06-08 00:10 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-05-20 17:30 - 2016-05-20 17:30 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-05-20 17:30 - 2016-05-20 17:30 - 00121344 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2016-05-20 17:31 - 2016-05-20 17:31 - 00126464 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-05-20 17:31 - 2016-05-20 17:31 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-06-03 03:20 - 2016-06-03 03:20 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-05-20 17:30 - 2016-05-20 17:30 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2016-05-20 17:29 - 2016-05-20 17:29 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [134]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\1001movie.com -> 1001movie.com

There are 6091 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-01-04 04:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1643741209-629586362-3516323415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Moto\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Moto\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Moto\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: Steam => "G:\Steam\steam.exe" -silent
HKLM\...\StartupApproved\Run: => "Elgato Sound Capture"
HKU\S-1-5-21-1643741209-629586362-3516323415-1000\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{34F16DFA-05A0-4411-9CB6-50B0B76E5282}] => (Allow) G:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{370E29C0-E93F-4F15-8F51-2DFABFEA3268}] => (Allow) G:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{F7B58E62-1C3E-4A2B-9E5A-1D5A6730A3E3}] => (Allow) G:\Steam\steamapps\common\HunieCam Studio\HunieCamStudio.exe
FirewallRules: [{44069F59-4680-4E14-B369-FBA91FC604F2}] => (Allow) G:\Steam\steamapps\common\HunieCam Studio\HunieCamStudio.exe
FirewallRules: [{C2965D9F-F5FE-4F18-9E3A-FF4F36C32B52}] => (Allow) G:\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{C1B1AB2D-A565-46B6-B850-A5E3AE974299}] => (Allow) G:\Steam\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{D495D03D-B88C-49DD-9326-0BF0115C7490}] => (Allow) G:\Steam\steamapps\common\SecretPonchos\bin\SecretPonchosD3D11.exe
FirewallRules: [{2B94CA5C-3F2F-442F-9C70-41D9A30D9526}] => (Allow) G:\Steam\steamapps\common\SecretPonchos\bin\SecretPonchosD3D11.exe
FirewallRules: [{C6A3CE8E-0F35-4598-A791-EB70599F1C6B}] => (Allow) G:\Steam\steamapps\common\The Marvellous Miss Take\misstake.exe
FirewallRules: [{634FFD85-BC1C-4812-A3AB-CE3D14E3AEF5}] => (Allow) G:\Steam\steamapps\common\The Marvellous Miss Take\misstake.exe
FirewallRules: [{78EC40A7-EBA2-498C-BA7C-FB0846AE5B27}] => (Allow) G:\Steam\steamapps\common\Phantom Breaker Battle Grounds\bin\pbbg_win32.exe
FirewallRules: [{F5746522-DCEC-4EF3-BCD1-68E0BE0521D3}] => (Allow) G:\Steam\steamapps\common\Phantom Breaker Battle Grounds\bin\pbbg_win32.exe
FirewallRules: [{897B4201-5466-41B3-BC6B-17CC0A3A856B}] => (Allow) G:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{C278C86D-B5EE-48D6-9494-17A1B1236460}] => (Allow) G:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{81307196-7BD0-4D6D-9902-8B80D31C5516}] => (Allow) G:\Steam\steamapps\common\RoadRedemption\RoadRedemptionEarlyAccess.exe
FirewallRules: [{CFE92BF2-2B12-40A3-B798-2F7E5C36D125}] => (Allow) G:\Steam\steamapps\common\RoadRedemption\RoadRedemptionEarlyAccess.exe
FirewallRules: [{C0C31D2F-A5D4-43A6-B978-3A266AA19900}] => (Allow) G:\Steam\steamapps\common\TheBugButcher\TheBugButcher.exe
FirewallRules: [{C1BD2C63-A885-4C1F-89B9-643B9A102732}] => (Allow) G:\Steam\steamapps\common\TheBugButcher\TheBugButcher.exe
FirewallRules: [{569D2C15-433F-418A-8D49-D60562CD4D0A}] => (Allow) G:\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{64F3FF5D-D91B-4691-ADB8-7D55FF9E0A79}] => (Allow) G:\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{6606998C-146E-4231-9624-9EAB07675A2A}] => (Allow) G:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{09D9201E-F700-4163-B96F-4C0CA8EE2DFE}] => (Allow) G:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{C15C657E-C12F-419F-9605-8CC998ECE614}] => (Allow) G:\Steam\steamapps\common\Dreaming Sarah\nw.exe
FirewallRules: [{2D823B94-5415-4BB4-88F3-4552C0C60393}] => (Allow) G:\Steam\steamapps\common\Dreaming Sarah\nw.exe
FirewallRules: [{A83C6427-045F-4E8B-870F-25E78D9A9D92}] => (Allow) G:\Steam\steamapps\common\PoltergeistAPixelatedHorror\Poltergeist.exe
FirewallRules: [{266BDFA5-875F-4D06-AFC2-A08F0FA20E3C}] => (Allow) G:\Steam\steamapps\common\PoltergeistAPixelatedHorror\Poltergeist.exe
FirewallRules: [{9240F07B-66BC-444E-B27B-FBE3CAECE5CA}] => (Allow) G:\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{4EF67D00-D91C-44BF-B6E6-2A4E82344D45}] => (Allow) G:\Steam\steamapps\common\Spelunky\Spelunky.exe
FirewallRules: [{16544387-18A1-4C33-89B8-AF607E3C688B}] => (Allow) G:\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{7E8DA020-8A90-4B1A-A4A3-E9AD413B23FA}] => (Allow) G:\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{33921DE3-1678-47F3-B03D-58ADFAAA8E75}] => (Allow) G:\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe
FirewallRules: [{4262CF90-CDB3-48E4-8262-420F3959870C}] => (Allow) G:\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 4\NSUNS4.exe
FirewallRules: [{E7A13D16-D383-4C17-BA17-967D807E7910}] => (Allow) G:\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe
FirewallRules: [{55146114-42A9-4CE5-9C2D-1F9131EEB6CE}] => (Allow) G:\Steam\steamapps\common\StreetFighterV\StreetFighterV.exe
FirewallRules: [{55330B54-752C-4609-ADD0-E853567843B1}] => (Allow) G:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{9B86476D-4B8E-4E99-BAAE-EDA3AE124075}] => (Allow) G:\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{B8FE4828-C5B8-4A76-9B8F-BF26CB9750E5}] => (Allow) G:\Steam\steamapps\common\Dex\GamepadConfigTool.exe
FirewallRules: [{5DD6404D-026D-42CA-9BD6-090EEAADD966}] => (Allow) G:\Steam\steamapps\common\Dex\GamepadConfigTool.exe
FirewallRules: [{41B54F67-9BC0-4378-BAAB-62D37E28EE56}] => (Allow) G:\Steam\steamapps\common\Dex\Dex.exe
FirewallRules: [{FF1F9AF3-EBAF-4536-9B22-747706491C3C}] => (Allow) G:\Steam\steamapps\common\Dex\Dex.exe
FirewallRules: [{38EE0B79-7C2F-4E11-A694-6F9933F442F1}] => (Allow) G:\Steam\steamapps\common\Hand of Fate\Hand of Fate.exe
FirewallRules: [{F97DAFDF-83AA-4F82-92CA-16C7FF590E5F}] => (Allow) G:\Steam\steamapps\common\Hand of Fate\Hand of Fate.exe
FirewallRules: [{1D29C21C-4377-4608-9FF3-D5BC34CC3C4F}] => (Allow) G:\Steam\steamapps\common\Ultratron\Ultratron.exe
FirewallRules: [{17CD0ECA-6326-4F1B-B6AB-9A4E8A102419}] => (Allow) G:\Steam\steamapps\common\Ultratron\Ultratron.exe
FirewallRules: [{30D9CEDC-1322-4DE4-B4CE-B9D5047E8A54}] => (Allow) G:\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{040D1641-4C56-4A15-93CC-C40D90548981}] => (Allow) G:\Steam\steamapps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{C8178934-0524-4EC5-BA8B-7E3DAC08D530}] => (Allow) G:\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{5992693D-8903-47C6-BAA2-2756F7A6D6D3}] => (Allow) G:\Steam\steamapps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{1DC510B0-AEEB-4493-9188-C68DF1F32639}] => (Allow) G:\Steam\steamapps\common\Assault Android Cactus\cactus.exe
FirewallRules: [{A5E43CD3-E354-41E3-9AC0-313D1EC0E1C5}] => (Allow) G:\Steam\steamapps\common\Assault Android Cactus\cactus.exe
FirewallRules: [{333BC897-90AC-482F-8F21-EE9DF23F3DA5}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{127529E8-13F9-4DEA-B0E3-E697D0126341}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{984443CE-2414-4470-9101-6CD0D8751E51}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{0F6F90B8-252C-4DED-9768-04BE7D70B184}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{737020B6-038D-47FD-A552-DEE0C32184F5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{8BF08470-F436-4125-BC5C-9F5BE0BD8BC6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{B23A9CBD-944A-4B8A-908D-F05FD7FE0A43}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{862ED0C8-9A3B-43FA-BF95-D9BDF1C5F46B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{3481929B-73FE-4E93-AB4C-8D64F1514BB5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{EF6E2FFE-04E4-43E3-8238-B837DF95C4F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{D3FEAB5E-4E26-4E4C-BB4B-CF6EB31B41F9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{093BF596-4D5D-498C-BC4E-6B27BB70A194}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{312A6D96-6255-46D1-BA42-B2AE5C26F7DA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{470BE6A0-726A-46DB-B85D-53BFD5782143}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{519D4705-92EC-46D2-9C72-FFDBB9A2BE77}] => (Allow) G:\Steam\steamapps\common\Read Only Memories\ROM.exe
FirewallRules: [{BD8F58A2-001D-48B5-B334-C412CD9251C8}] => (Allow) G:\Steam\steamapps\common\Read Only Memories\ROM.exe
FirewallRules: [{91FF854C-8A60-4441-BEFA-F55411869C89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A56FB58A-4C3D-44A2-A7B8-30B1F51D34DA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{04DC6D2D-5496-4AFC-B81C-F659EAA5D7DF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{25A176A3-16B1-4F36-92F8-6E9052135F8F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2B746569-C12E-434A-B519-C4F88BF1F3C1}] => (Allow) G:\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{47272534-44FF-4A2B-900D-A8E83FA9CAA9}] => (Allow) G:\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{CF14700C-45FB-416A-9165-B3F05A854DF9}] => (Allow) G:\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{44AFC687-00BC-400D-9488-7B3C183E5F86}] => (Allow) G:\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{8466E68E-4FC1-419F-8EEA-B68DF3D3F849}] => (Allow) G:\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{45C56902-A463-4E95-9EE4-F117A0A0E5AC}] => (Allow) G:\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{C1C31FCB-560F-4B70-89DF-BD38FF695D2E}] => (Allow) G:\Steam\steamapps\common\Murder\Murder.exe
FirewallRules: [{174710AB-2116-4E23-950E-626C3A82AD77}] => (Allow) G:\Steam\steamapps\common\Murder\Murder.exe
FirewallRules: [{58353D8B-67DF-48AA-BA6F-BB9D0FB051C8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{A3642419-CCC8-4855-ABD2-8031EE486622}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{C2C56234-E2FE-4E48-8DE1-CA7B0B7A173A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{4C546305-7914-43E0-B9C4-E7D008A8641A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{A9D776B6-2B87-42BC-BC1E-485822AF4E95}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{CBC4515A-2873-4CC4-A195-D80B9F4C6BA5}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{07CB98CA-5F80-43B9-A072-FE3355D96FA9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{BA759C96-9FF3-4CA9-B4FD-5EF5D1217F07}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{CB8CE0AB-2C77-4120-8008-0096614F5CDB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2C2F497D-C1AE-4205-99D0-498CD78474EF}] => (Allow) LPort=8844
FirewallRules: [{FB9D0B5C-521E-4050-AEEC-E764B21810CF}] => (Allow) LPort=1900
FirewallRules: [{01B461EF-AA00-4C4D-8D0A-D6E2A15D2FFC}] => (Allow) LPort=1900
FirewallRules: [{C73DDE85-C48D-40DC-8C59-3DFB65676C41}] => (Allow) LPort=1980
FirewallRules: [{821B5ED0-202B-43B7-AD37-01B0958A4049}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteControl\grckm.exe
FirewallRules: [{6C39CC60-F195-44B3-9FD9-553BE0B136CC}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\RemoteOC\ubssrv_oc_only.exe
FirewallRules: [{4A18B241-9257-498B-A638-3A4ADD4E1B2D}] => (Allow) C:\Program Files (x86)\Gigabyte\CloudStation\HomeCloud\HCLOUD.exe
FirewallRules: [{EDEFC1A6-6235-460A-906A-2304A28D2E42}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{842DAF56-24D4-4E0B-B32A-58BC936FE22F}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{2EB9C82B-3AD7-4B9E-BD8E-4451DC46CB83}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{54488B43-960F-4D12-AE69-0946E2CDD058}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{BEF599F6-1DDE-459C-BA3D-83F26BE54C6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9683C0F8-A9CB-4186-BB0A-72A33E7F75E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{71A4F426-78BA-45F0-9846-4E98A821D710}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CD76C50E-AD9D-40D4-B774-7602C6B418BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AEE12E4A-3222-4045-91F6-19243B6C043E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{715BEECC-1619-4764-A28E-88797F5736CA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6711424F-4792-4727-A710-245B80991B2B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AA2A22BC-7D90-4B13-A822-729F908D5179}] => (Allow) G:\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{94A526D4-60F7-4E85-8877-F8484FF5354C}] => (Allow) G:\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{2EFEF08A-2605-49E1-AA2E-757F35357D23}] => (Allow) G:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{3A3C1E4B-CEF6-4B6D-9771-14C0257FECE4}] => (Allow) G:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{9CD1A4CD-3418-42DB-A2FB-BD17916ACD7F}] => (Allow) G:\Steam\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{97FDE75A-EFF0-4D0F-9337-A4FF2739435F}] => (Allow) G:\Steam\steamapps\common\Enter the Gungeon\EtG.exe
FirewallRules: [{7DDEDE23-8EA3-42CC-9483-BF4D509B05D3}] => (Allow) G:\Steam\steamapps\common\Duck Game\DuckGame.exe
FirewallRules: [{778BBD36-E31F-4D0C-BC80-85AB5D6EB0C5}] => (Allow) G:\Steam\steamapps\common\Duck Game\DuckGame.exe
FirewallRules: [{71FD6C43-3435-455C-9003-92844E435C9A}] => (Allow) G:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{ED93A94E-3585-411B-8DFD-46E4BF277273}] => (Allow) G:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{1A7C2B0D-AE80-45DF-9D84-B70264F5B9A0}] => (Allow) G:\Steam\steamapps\common\Phantom Breaker Battle Grounds\bin\pbbg_win32.exe
FirewallRules: [{DC823B45-6A70-429E-897A-B8F473594558}] => (Allow) G:\Steam\steamapps\common\Phantom Breaker Battle Grounds\bin\pbbg_win32.exe
FirewallRules: [{5CA73B85-4988-4426-A422-80CED2383079}] => (Allow) G:\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{55A8DEB8-8EEC-48BB-B6C3-24EC61FEC173}] => (Allow) G:\Steam\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{BC1D0292-4AEE-4D48-848B-06836A171463}] => (Allow) G:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{972A9258-F0E0-4B80-94DA-785704AB3C8A}] => (Allow) G:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{8C756373-14E7-43C7-86D7-F455CD411704}] => (Allow) G:\Steam\steamapps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{42F3BB53-D6E0-4E2A-9AF7-2F4A515ACF26}] => (Allow) G:\Steam\steamapps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{1E9EB20A-38B2-49C6-9E7F-08514D986BBC}] => (Allow) G:\Steam\steamapps\common\Gang Beasts\Gang Beasts.exe
FirewallRules: [{C98FCD3A-75DB-4758-9D04-78A42CC9689B}] => (Allow) G:\Steam\steamapps\common\Gang Beasts\Gang Beasts.exe
FirewallRules: [{C023F0B8-3DB5-48E9-9153-AEA0C16CE10D}] => (Allow) G:\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{BAE0B04E-D105-4630-8B40-39CB5487E1BE}] => (Allow) G:\Steam\steamapps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{D1036E5B-5F4F-46CA-8947-0AEC60F7FC2A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{017611F5-21A5-45BA-A716-9E9A1D831ACE}] => (Allow) G:\Steam\steamapps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{38EB278A-52FB-4BD5-BF8C-343A419CCB30}] => (Allow) G:\Steam\steamapps\common\Metal Slug 3\mslug3.exe
FirewallRules: [{CB3BF89D-DAD2-429C-BF11-27907AA75F2B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EF435C5B-9A92-461F-8ADE-84D1AAD6DBCA}] => (Allow) G:\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{6926DFA3-F39B-4F35-B750-809B11A1A7AE}] => (Allow) G:\Steam\steamapps\common\Renowned Explorers\win64\abbeycore_win32_steam.exe
FirewallRules: [{2C9BFD9B-ABAC-4E56-9B53-60D481B088E4}] => (Allow) G:\Steam\steamapps\common\Guild of Dungeoneering\dungeoneering.exe
FirewallRules: [{0F9BFCA7-AC9C-4388-B0B6-078162F63C87}] => (Allow) G:\Steam\steamapps\common\Guild of Dungeoneering\dungeoneering.exe
FirewallRules: [{53D6424B-907C-49B1-884F-6C2E48F7D84B}] => (Allow) G:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{B2ED2CAB-75A6-4F8E-9FB9-9B11C28C0921}] => (Allow) G:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

21-06-2016 15:24:20 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
21-06-2016 15:24:28 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
24-06-2016 17:20:46 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/24/2016 05:52:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2084.9592, time stamp: 0x57605ac0
Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5760534f
Exception code: 0xc0000005
Fault offset: 0x0000000000010f73
Faulting process ID: 0x13f4
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report ID: NvStreamNetworkService.exe3
Faulting package full name: NvStreamNetworkService.exe4
Faulting package-relative application ID: NvStreamNetworkService.exe5

Error: (06/24/2016 05:22:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Adobe CEF Helper.exe, version: 3.7.0.271, time stamp: 0x57515883
Faulting module name: libcef.dll, version: 3.2171.2069.0, time stamp: 0x551bdc44
Exception code: 0xc0000005
Fault offset: 0x00444106
Faulting process ID: 0x288c
Faulting application start time: 0xAdobe CEF Helper.exe0
Faulting application path: Adobe CEF Helper.exe1
Faulting module path: Adobe CEF Helper.exe2
Report ID: Adobe CEF Helper.exe3
Faulting package full name: Adobe CEF Helper.exe4
Faulting package-relative application ID: Adobe CEF Helper.exe5

Error: (06/24/2016 05:20:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (06/24/2016 05:04:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2084.9592, time stamp: 0x57605ac0
Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5760534f
Exception code: 0xc0000005
Fault offset: 0x0000000000010f73
Faulting process ID: 0x2d60
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report ID: NvStreamNetworkService.exe3
Faulting package full name: NvStreamNetworkService.exe4
Faulting package-relative application ID: NvStreamNetworkService.exe5

Error: (06/22/2016 02:03:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Adobe Premiere Pro.exe, version: 10.3.0.202, time stamp: 0x574e936f
Faulting module name: LogSession.dll, version: 7.4.1.12, time stamp: 0x57446643
Exception code: 0xc0000005
Fault offset: 0x000000000019c458
Faulting process ID: 0x220c
Faulting application start time: 0xAdobe Premiere Pro.exe0
Faulting application path: Adobe Premiere Pro.exe1
Faulting module path: Adobe Premiere Pro.exe2
Report ID: Adobe Premiere Pro.exe3
Faulting package full name: Adobe Premiere Pro.exe4
Faulting package-relative application ID: Adobe Premiere Pro.exe5

Error: (06/21/2016 04:18:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Adobe Premiere Pro.exe, version: 10.3.0.202, time stamp: 0x574e936f
Faulting module name: LogSession.dll, version: 7.4.1.12, time stamp: 0x57446643
Exception code: 0xc0000005
Fault offset: 0x000000000019c458
Faulting process ID: 0x2608
Faulting application start time: 0xAdobe Premiere Pro.exe0
Faulting application path: Adobe Premiere Pro.exe1
Faulting module path: Adobe Premiere Pro.exe2
Report ID: Adobe Premiere Pro.exe3
Faulting package full name: Adobe Premiere Pro.exe4
Faulting package-relative application ID: Adobe Premiere Pro.exe5

Error: (06/21/2016 03:24:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (06/21/2016 03:24:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (06/20/2016 12:04:16 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: Access is denied. (0x80070005).

Error: (06/20/2016 12:04:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.


System errors:
=============
Error: (06/24/2016 05:52:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (06/24/2016 05:52:14 PM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Error: (06/24/2016 05:52:06 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (06/24/2016 05:52:06 PM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/24/2016 05:51:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_56cf6 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (06/24/2016 05:51:13 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056 = An instance of the service is already running.


Error: (06/24/2016 05:50:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).


CodeIntegrity:
===================================
  Date: 2016-06-19 19:00:13.820
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-18 13:06:52.263
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 21:02:14.837
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-15 22:04:15.180
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-23 17:26:06.072
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-21 04:08:55.886
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-20 04:36:53.096
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-15 04:26:54.937
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-13 04:01:32.726
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 15:03:41.951
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 11%
Total physical RAM: 32574.06 MB
Available physical RAM: 28985.02 MB
Total Virtual: 65342.06 MB
Available Virtual: 61505.16 MB

==================== Drives ================================

Drive c: (Sarah) (Fixed) (Total:222.9 GB) (Free:119.74 GB) NTFS
Drive f: (Pandora) (Fixed) (Total:1862.88 GB) (Free:644.21 GB) exFAT
Drive g: (Mei) (Fixed) (Total:1863.01 GB) (Free:570.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D347A590)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=42)

========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: DB3EED98)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

 

Link to post
Share on other sites

  • 2 months later...

I am sorry to push this to the top by adding a post, but I found the cause, and furthermore, having had the same issue and finding multiple google results linking me to this forum (and specifically your replies Advanced Setup) I think this very specific symptom is handled a bit non-optimally.

I ended up running the code snippet in the accepted answer here to find the cause in my case

http://stackoverflow.com/questions/20938934/controlling-applications-volume-by-process-id

and it ended up being the ScpToolkit process being the "culprit" which I see you have running as well.

I took the liberty of taking the code snippet and creating a VS project off of it. I attached the project. A binary of the project can be found under "DumpAudioProcesses/bin/Debug/".

I think using this tool may be a superior solution in finding out what is wrong in these specific cases as it precisely reports the process name. Enjoy

DumpAudioProcesses.rar

Link to post
Share on other sites

  • Root Admin

Thank you @InstantMuffin

Normally we probably would not allow but a scan from VT shows 0/55

https://www.virustotal.com/en/file/ebea7f341d8849d5b0e30044750daeb5f6914ad232ff86c3a458aa7440e597fe/analysis/1474871067/

Thank you for sharing and taking the time out to report your findings.

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.