
Adware.Elex.ShrtCln keeps returning - Stratdos



Hello. I got a problem with this particular adware. I did all the steps with disabling Chrome sync and stuff, but they didn't help. Here are my logs from FRST64.

FRST.TXT:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2017 03
Ran by Strat (administrator) on DESKTOP-ABB27G3 (12-11-2017 21:08:13)
Running from C:\Users\Strat\Desktop
Loaded Profiles: Strat (Available Profiles: Strat)
Platform: Windows 10 Pro Version 1709 16299.19 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Windows\System32\Windows.WARP.JITService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Windows\System32\Windows.WARP.JITService.exe
() C:\Windows\System32\Windows.WARP.JITService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Windows\System32\Windows.WARP.JITService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [877056 2014-11-24] (Creative Technology Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{36f5a6c1-a33d-4b48-ac3d-2ce7d5a5386c}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-11-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-11-12] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default [2017-11-12]
CHR Extension: (Super Netflix) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aioencjhbaolepcoappllicjebblphoc [2017-11-12]
CHR Extension: (BetterTTV) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-12]
CHR Extension: (Docs) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-12]
CHR Extension: (Google Drive) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-12]
CHR Extension: (FairSteam - Gameplay video for Steam) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjnnjbpfiahjcklcecoplaepepppkkad [2017-11-12]
CHR Extension: (YouTube) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-12]
CHR Extension: (uBlock Origin) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-11-12]
CHR Extension: (Search by Image (by Google)) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2017-11-12]
CHR Extension: (Tampermonkey) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-11-12]
CHR Extension: (imgur Community Extension) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehoopddfhgaehhmphfcooacjdpmbjlao [2017-11-12]
CHR Extension: (Sheets) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-12]
CHR Extension: (HTTPS Everywhere) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2017-11-12]
CHR Extension: (Google Docs Offline) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-12]
CHR Extension: (ScriptBlock) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcdjknjpbnhdoabbngpmfekaecnpajba [2017-11-12]
CHR Extension: (Google Keep - notes and lists) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-11-12]
CHR Extension: (Google Theme) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\imoaoigekmpoalkbfohhjgkcocjdapne [2017-11-12]
CHR Extension: (Typing Test - KeyHero) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm [2017-11-12]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-11-12]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2017-11-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-12]
CHR Extension: (4chan X) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohnjgmpcibpbafdlkimncjhflgedgpam [2017-11-12]
CHR Extension: (Enhanced Steam) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2017-11-12]
CHR Extension: (Gmail) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-12]
CHR Extension: (Chrome Media Router) - C:\Users\Strat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-12]
CHR Profile: C:\Users\Strat\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-12]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [122880 2017-03-28] (Creative Technology Ltd)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-12] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-12] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-11-01] (Dropbox, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-27] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460920 2017-10-27] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4297920 2017-09-29] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cthda; C:\Windows\system32\drivers\cthda.sys [1074984 2017-03-28] (Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [42792 2017-03-28] (Creative Technology Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-11-01] ()
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193464 2017-11-12] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [110016 2017-11-12] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [46008 2017-11-12] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2017-11-12] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [94144 2017-11-12] (Malwarebytes)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f936d37e592b25aa\nvlddmkm.sys [16936048 2017-10-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-10-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50808 2017-10-27] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-10-27] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [151552 2017-09-29] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-13 04:00 - 2017-11-12 19:01 - 000000000 ____D C:\Windows\Panther
2017-11-12 21:08 - 2017-11-12 21:08 - 000014526 _____ C:\Users\Strat\Desktop\FRST.txt
2017-11-12 20:52 - 2017-11-12 21:08 - 000000000 ____D C:\FRST
2017-11-12 20:51 - 2017-11-12 20:51 - 002392576 _____ (Farbar) C:\Users\Strat\Desktop\FRST64.exe
2017-11-12 20:49 - 2017-11-12 20:49 - 000000000 ____D C:\Users\Strat\AppData\Local\Notepad++
2017-11-12 20:48 - 2017-11-12 20:49 - 000000016 _____ C:\Users\Strat\Desktop\re-start.bat
2017-11-12 20:25 - 2017-11-12 20:25 - 000000000 ____D C:\Users\Public\Creative
2017-11-12 20:24 - 2017-11-12 20:50 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-11-12 20:24 - 2017-11-12 20:49 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-11-12 20:24 - 2017-11-12 20:49 - 000094144 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-11-12 20:24 - 2017-11-12 20:49 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-11-12 20:24 - 2017-11-12 20:24 - 000193464 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2017-11-12 20:24 - 2017-11-12 20:24 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4
2017-11-12 20:24 - 2017-11-12 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-12 20:24 - 2017-11-12 20:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-12 20:24 - 2017-11-12 20:24 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-12 20:24 - 2017-11-12 20:24 - 000000000 ____D C:\Program Files\LibreOffice 5
2017-11-12 20:24 - 2017-11-01 08:54 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-11-12 20:23 - 2017-11-12 20:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-11-12 20:23 - 2017-11-12 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2017-11-12 20:23 - 2017-11-12 20:22 - 000001331 _____ C:\Users\Strat\Desktop\Dropbox.lnk
2017-11-12 20:23 - 2012-11-26 16:52 - 000005783 ____N C:\Windows\system32\CTOPT352.cat
2017-11-12 20:23 - 2012-08-13 14:51 - 000183808 ____N (Creative Technology Ltd) C:\Windows\system32\CTOPT352.dll
2017-11-12 20:23 - 2010-10-04 15:20 - 000088576 ____N (Creative Technology Ltd) C:\Windows\system32\CTOPT399.dll
2017-11-12 20:23 - 2010-10-03 14:54 - 000005594 ____N C:\Windows\system32\CTOPT399.cat
2017-11-12 20:23 - 2008-12-22 20:13 - 000049664 ____N (Creative Technology Ltd) C:\Windows\system32\CTChkAud.dll
2017-11-12 20:23 - 2006-12-05 13:53 - 000042496 ____N (Creative Technology Ltd.) C:\Windows\system32\AddCat.exe
2017-11-12 20:22 - 2017-11-12 20:24 - 000000938 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-11-12 20:22 - 2017-11-12 20:24 - 000000934 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-11-12 20:22 - 2017-11-12 20:22 - 000003998 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-11-12 20:22 - 2017-11-12 20:22 - 000003766 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-11-12 20:22 - 2017-11-12 20:22 - 000001153 _____ C:\Users\Public\Desktop\Backup and Sync from Google.lnk
2017-11-12 20:22 - 2017-11-12 20:22 - 000000078 ___RH C:\Windows\ctfile.rfc
2017-11-12 20:22 - 2017-11-12 20:22 - 000000000 ____D C:\Users\Strat\AppData\Roaming\Dropbox
2017-11-12 20:22 - 2017-11-12 20:22 - 000000000 ____D C:\Users\Strat\AppData\Local\PeerDistRepub
2017-11-12 20:22 - 2017-11-12 20:22 - 000000000 ____D C:\Users\Strat\AppData\Local\Dropbox
2017-11-12 20:22 - 2017-11-12 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-12 20:22 - 2017-11-12 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-11-12 20:22 - 2017-11-12 20:22 - 000000000 ____D C:\ProgramData\Dropbox
2017-11-12 20:22 - 2017-11-12 20:22 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-11-12 20:22 - 2017-11-12 20:22 - 000000000 ____D C:\Program Files (x86)\Creative
2017-11-12 20:22 - 2012-04-02 15:51 - 000004850 _____ C:\Windows\cthdaENG.reg
2017-11-12 20:21 - 2017-11-12 20:21 - 000003232 _____ C:\Windows\System32\Tasks\klcp_update
2017-11-12 20:21 - 2017-11-12 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2017-11-12 20:21 - 2017-11-12 20:21 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2017-11-12 20:20 - 2017-11-12 20:49 - 000000000 ____D C:\Users\Strat\AppData\Roaming\Notepad++
2017-11-12 20:20 - 2017-11-12 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2017-11-12 20:20 - 2017-11-12 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-11-12 20:20 - 2017-11-12 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-11-12 20:20 - 2017-11-12 20:20 - 000000000 ____D C:\Program Files\qBittorrent
2017-11-12 20:20 - 2017-11-12 20:20 - 000000000 ____D C:\Program Files\7-Zip
2017-11-12 20:20 - 2017-11-12 20:20 - 000000000 ____D C:\Program Files (x86)\Notepad++
2017-11-12 20:19 - 2017-11-12 20:19 - 000000000 ____D C:\Software
2017-11-12 20:19 - 2017-11-12 20:19 - 000000000 ____D C:\Games
2017-11-12 19:56 - 2017-11-12 20:26 - 000000000 ____D C:\Users\Strat\AppData\Local\NVIDIA Corporation
2017-11-12 19:56 - 2017-11-12 19:56 - 000000000 ____D C:\Users\Strat\AppData\Local\NVIDIA
2017-11-12 19:56 - 2017-11-12 19:56 - 000000000 ____D C:\Users\Strat\AppData\Local\CEF
2017-11-12 19:55 - 2017-11-12 19:55 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 19:55 - 2017-11-12 19:55 - 000004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 19:55 - 2017-11-12 19:55 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 19:55 - 2017-11-12 19:55 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 19:55 - 2017-11-12 19:55 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 19:55 - 2017-11-12 19:55 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 19:55 - 2017-11-12 19:55 - 000003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 19:55 - 2017-11-12 19:55 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-12 19:55 - 2017-11-12 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-11-12 19:55 - 2017-10-27 18:50 - 001796216 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-11-12 19:55 - 2017-10-27 18:50 - 001578104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-11-12 19:55 - 2017-10-27 18:50 - 000919160 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2017-11-12 19:55 - 2017-10-27 17:06 - 000136312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-11-12 19:55 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-11-12 19:55 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2017-11-12 19:55 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2017-11-12 19:55 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2017-11-12 19:55 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2017-11-12 19:55 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2017-11-12 19:54 - 2017-11-12 19:54 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-12 19:54 - 2017-11-12 19:54 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-11-12 19:54 - 2017-10-27 18:50 - 000532088 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-11-12 19:54 - 2017-10-27 18:50 - 000437696 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-11-12 19:54 - 2017-10-27 18:50 - 000186488 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-11-12 19:54 - 2017-10-27 18:50 - 000152696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-11-12 19:54 - 2017-10-27 18:50 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-11-12 19:54 - 2017-10-27 18:50 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2017-11-12 19:54 - 2017-10-27 17:12 - 005960824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-11-12 19:54 - 2017-10-27 17:12 - 002587768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-11-12 19:54 - 2017-10-27 17:12 - 001766520 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-11-12 19:54 - 2017-10-27 17:12 - 000607168 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-11-12 19:54 - 2017-10-27 17:12 - 000449656 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-11-12 19:54 - 2017-10-27 17:12 - 000123000 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-11-12 19:54 - 2017-10-27 17:12 - 000081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-11-12 19:54 - 2017-10-25 11:33 - 007802921 _____ C:\Windows\system32\nvcoproc.bin
2017-11-12 19:54 - 2017-09-14 00:20 - 000798008 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-11-12 19:54 - 2017-09-14 00:20 - 000490296 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-11-12 19:54 - 2017-09-14 00:19 - 000927544 _____ C:\Windows\system32\vulkan-1.dll
2017-11-12 19:54 - 2017-09-14 00:19 - 000591160 _____ C:\Windows\system32\vulkaninfo.exe
2017-11-12 19:53 - 2017-10-27 18:50 - 040237688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 036239480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 035156928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 029270976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 023262280 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 019037416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 013864048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 013254520 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 011779328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 010882720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 004485048 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 004201592 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 003817584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 003614328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 001989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438813.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 001673848 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438813.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 001615472 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 001331200 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 001321448 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 001135464 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 001099712 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 001044848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 001038680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 001031104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 000981112 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 000932288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 000885680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 000794392 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 000739448 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 000634224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 000618928 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 000615544 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 000598464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 000505976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 000225208 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-11-12 19:53 - 2017-10-27 18:50 - 000057976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-11-12 19:53 - 2017-10-27 18:50 - 000050808 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-11-12 19:53 - 2017-10-27 18:50 - 000048442 _____ C:\Windows\system32\nvinfo.pb
2017-11-12 19:53 - 2017-10-27 18:50 - 000045496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-11-12 19:53 - 2017-10-27 18:50 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-11-12 19:53 - 2017-10-27 18:50 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2017-11-12 19:48 - 2017-11-12 19:48 - 000000000 ____D C:\NVIDIA
2017-11-12 19:29 - 2017-11-12 19:29 - 000000000 ____D C:\Users\Strat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2017-11-12 19:29 - 2017-11-12 19:29 - 000000000 ____D C:\Users\Strat\AppData\Roaming\Google
2017-11-12 19:28 - 2017-11-12 19:28 - 000002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-12 19:27 - 2017-11-12 20:22 - 000000000 ____D C:\Users\Strat\AppData\Local\Google
2017-11-12 19:27 - 2017-11-12 20:22 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-12 19:27 - 2017-11-12 19:27 - 000003416 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-12 19:27 - 2017-11-12 19:27 - 000003292 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-12 19:24 - 2017-11-12 19:24 - 000000000 ____D C:\Users\Strat\AppData\Local\PlaceholderTileLogoFolder
2017-11-12 19:15 - 2017-11-12 19:15 - 000000000 ____D C:\Windows\containers
2017-11-12 19:14 - 2017-11-12 19:12 - 000544424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-11-12 19:13 - 2017-11-12 19:14 - 000000000 ____D C:\Windows\system32\MRT
2017-11-12 19:13 - 2017-11-12 19:13 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-11-12 19:13 - 2017-11-12 19:13 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-11-12 19:13 - 2017-10-10 17:33 - 017080832 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2017-11-12 19:13 - 2017-10-10 17:25 - 000336896 _____ (Microsoft Corporation) C:\Windows\system32\HolographicRuntimes.dll
2017-11-12 19:13 - 2017-10-10 17:22 - 021752832 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2017-11-12 19:13 - 2017-10-10 17:12 - 000664576 _____ (Microsoft Corporation) C:\Windows\system32\DHolographicDisplay.dll
2017-11-12 19:13 - 2017-10-10 08:14 - 000139672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-11-12 19:13 - 2017-10-10 08:11 - 000739696 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2017-11-12 19:13 - 2017-10-10 08:10 - 001200024 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-11-12 19:13 - 2017-10-10 08:07 - 008592280 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-11-12 19:13 - 2017-10-10 08:02 - 002400664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-12 19:13 - 2017-10-10 08:01 - 005906264 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2017-11-12 19:13 - 2017-10-10 08:01 - 001633744 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-11-12 19:13 - 2017-10-10 08:00 - 001053592 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-11-12 19:13 - 2017-10-10 08:00 - 000373656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2017-11-12 19:13 - 2017-10-10 07:59 - 001641536 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-11-12 19:13 - 2017-10-10 07:59 - 000778936 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-11-12 19:13 - 2017-10-10 07:54 - 001463856 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-11-12 19:13 - 2017-10-10 07:53 - 000464416 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2017-11-12 19:13 - 2017-10-10 07:53 - 000232344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-11-12 19:13 - 2017-10-10 07:51 - 000184984 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-11-12 19:13 - 2017-10-10 07:50 - 002573208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-11-12 19:13 - 2017-10-10 07:49 - 001554216 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2017-11-12 19:13 - 2017-10-10 07:49 - 000060824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\urscx01000.sys
2017-11-12 19:13 - 2017-10-10 07:48 - 000677280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-11-12 19:13 - 2017-10-10 07:44 - 000246168 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-11-12 19:13 - 2017-10-10 07:43 - 000559000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-11-12 19:13 - 2017-10-10 07:43 - 000418712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-11-12 19:13 - 2017-10-10 07:43 - 000045976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2017-11-12 19:13 - 2017-10-10 07:36 - 001436432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-11-12 19:13 - 2017-10-10 07:31 - 001528912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-11-12 19:13 - 2017-10-10 07:31 - 001323840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-11-12 19:13 - 2017-10-10 07:30 - 000123520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-11-12 19:13 - 2017-10-10 07:26 - 000649304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-11-12 19:13 - 2017-10-10 07:11 - 000597160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2017-11-12 19:13 - 2017-10-10 07:07 - 001261864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2017-11-12 19:13 - 2017-10-10 07:06 - 000353688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-11-12 19:13 - 2017-10-10 06:53 - 025246208 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-11-12 19:13 - 2017-10-10 06:47 - 002905600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-11-12 19:13 - 2017-10-10 06:46 - 001470976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-11-12 19:13 - 2017-10-10 06:46 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-11-12 19:13 - 2017-10-10 06:44 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-11-12 19:13 - 2017-10-10 06:43 - 018913792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-11-12 19:13 - 2017-10-10 06:43 - 000566272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-11-12 19:13 - 2017-10-10 06:43 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XblAuthTokenBrokerExt.dll
2017-11-12 19:13 - 2017-10-10 06:42 - 000374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2017-11-12 19:13 - 2017-10-10 06:42 - 000326144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2017-11-12 19:13 - 2017-10-10 06:41 - 019343360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-11-12 19:13 - 2017-10-10 06:41 - 000591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2017-11-12 19:13 - 2017-10-10 06:39 - 006032896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-11-12 19:13 - 2017-10-10 06:39 - 003681280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-11-12 19:13 - 2017-10-10 06:39 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-11-12 19:13 - 2017-10-10 06:37 - 003672064 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-11-12 19:13 - 2017-10-10 06:37 - 002869248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-11-12 19:13 - 2017-10-10 06:37 - 001587200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-11-12 19:13 - 2017-10-10 06:37 - 001559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-11-12 19:13 - 2017-10-10 06:36 - 001664000 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-11-12 19:13 - 2017-10-10 06:36 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-11-12 19:13 - 2017-10-10 06:34 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-11-12 19:13 - 2017-10-10 06:34 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2017-11-12 19:13 - 2017-10-10 06:34 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-11-12 19:13 - 2017-10-10 06:34 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-11-12 19:13 - 2017-10-10 06:33 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthTokenBrokerExt.dll
2017-11-12 19:13 - 2017-10-10 06:33 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2017-11-12 19:13 - 2017-10-10 06:32 - 000538624 _____ (Microsoft Corporation) C:\Windows\system32\HolographicExtensions.dll
2017-11-12 19:13 - 2017-10-10 06:32 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-11-12 19:13 - 2017-10-10 06:32 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-11-12 19:13 - 2017-10-10 06:31 - 023664128 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-11-12 19:13 - 2017-10-10 06:31 - 000665088 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-11-12 19:13 - 2017-10-10 06:31 - 000478208 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnr.dll
2017-11-12 19:13 - 2017-10-10 06:30 - 000708096 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-11-12 19:13 - 2017-10-10 06:30 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2017-11-12 19:13 - 2017-10-10 06:30 - 000442880 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2017-11-12 19:13 - 2017-10-10 06:29 - 008097792 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-11-12 19:13 - 2017-10-10 06:29 - 000769024 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2017-11-12 19:13 - 2017-10-10 06:28 - 004744192 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-11-12 19:13 - 2017-10-10 06:27 - 001547264 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-11-12 19:13 - 2017-10-10 06:27 - 001165824 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2017-11-12 19:13 - 2017-10-10 06:26 - 003334144 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-11-12 19:13 - 2017-10-10 06:26 - 002106880 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-11-12 19:13 - 2017-10-10 06:26 - 001856000 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-11-12 19:13 - 2017-10-10 06:26 - 000812032 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-11-12 19:13 - 2017-10-10 06:25 - 001822208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-11-12 19:13 - 2017-10-10 06:25 - 000925184 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2017-11-12 19:13 - 2017-10-10 06:24 - 000726016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-11-12 19:13 - 2017-10-10 06:24 - 000285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-11-12 19:13 - 2017-10-04 16:21 - 002474080 _____ C:\Windows\SysWOW64\Windows.Mirage.dll
2017-11-12 19:13 - 2017-10-04 15:37 - 003312432 _____ C:\Windows\system32\Windows.Mirage.dll
2017-11-12 19:13 - 2017-10-03 23:42 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-11-12 19:13 - 2017-10-03 23:42 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-11-12 19:13 - 2017-10-03 23:42 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-11-12 19:12 - 2017-11-12 19:12 - 000000000 ____D C:\Users\Strat\AppData\Local\PackageStaging
2017-11-12 19:12 - 2017-11-12 19:12 - 000000000 ____D C:\Users\Strat\AppData\Local\Comms
2017-11-12 19:07 - 2017-11-12 20:08 - 000000000 ___RD C:\Users\Strat\OneDrive
2017-11-12 19:07 - 2017-11-12 19:07 - 000000000 ____D C:\Users\Strat\AppData\Local\DBG
2017-11-12 19:06 - 2017-11-12 20:56 - 000982918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-12 19:06 - 2017-11-12 19:06 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-11-12 19:05 - 2017-11-12 20:49 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-12 19:05 - 2017-11-12 20:08 - 000000000 ____D C:\Users\Strat\AppData\Local\Packages
2017-11-12 19:05 - 2017-11-12 19:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-11-12 19:05 - 2017-11-12 19:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-11-12 19:05 - 2017-11-12 19:55 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-11-12 19:05 - 2017-11-12 19:06 - 000000000 ____D C:\Users\Strat\AppData\Local\ConnectedDevicesPlatform
2017-11-12 19:05 - 2017-11-12 19:05 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-12 19:05 - 2017-11-12 19:05 - 000000000 ___RD C:\Users\Strat\3D Objects
2017-11-12 19:05 - 2017-11-12 19:05 - 000000000 ___HD C:\Users\Strat\MicrosoftEdgeBackups
2017-11-12 19:05 - 2017-11-12 19:05 - 000000000 ____D C:\Users\Strat\AppData\Roaming\Adobe
2017-11-12 19:05 - 2017-11-12 19:05 - 000000000 ____D C:\Users\Strat\AppData\Local\VirtualStore
2017-11-12 19:05 - 2017-11-12 19:05 - 000000000 ____D C:\Users\Strat\AppData\Local\Publishers
2017-11-12 19:05 - 2017-11-12 19:05 - 000000000 ____D C:\Users\Strat\AppData\Local\MicrosoftEdge
2017-11-12 19:05 - 2017-09-28 19:06 - 007850496 _____ (Microsoft Corporation) C:\Windows\system32\prm0015.dll
2017-11-12 19:05 - 2017-09-28 19:05 - 007702016 _____ (Microsoft Corporation) C:\Windows\system32\NL7Models0011.dll
2017-11-12 19:05 - 2017-09-28 19:05 - 002454528 _____ (Microsoft Corporation) C:\Windows\system32\NL7Lexicons0011.dll
2017-11-12 19:05 - 2017-09-28 19:02 - 007407616 _____ (Microsoft Corporation) C:\Windows\system32\NL7Data0011.dll
2017-11-12 19:05 - 2017-09-28 19:02 - 000708096 _____ (Microsoft Corporation) C:\Windows\system32\MSWB70011.dll
2017-11-12 19:05 - 2017-09-28 18:42 - 000517120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWB70011.dll
2017-11-12 19:05 - 2017-09-28 18:41 - 007246336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NL7Data0011.dll
2017-11-12 19:05 - 2017-09-28 15:50 - 000002060 _____ C:\Windows\system32\noise.jpn
2017-11-12 19:04 - 2017-11-12 19:07 - 000000000 ____D C:\Users\Strat
2017-11-12 19:04 - 2017-11-12 19:04 - 000000020 ___SH C:\Users\Strat\ntuser.ini
2017-11-12 19:04 - 2017-11-12 19:04 - 000000000 ____D C:\ProgramData\USOShared
2017-11-12 19:02 - 2017-11-12 19:02 - 000000000 _SHDL C:\Documents and Settings
2017-11-12 19:02 - 2017-11-12 19:02 - 000000000 ____D C:\Windows\CSC
2017-11-12 19:02 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-11-12 19:01 - 2017-11-12 20:49 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-12 19:01 - 2017-11-12 20:24 - 000348904 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-12 19:01 - 2017-11-12 19:01 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-11-12 19:01 - 2017-11-12 19:01 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-11-12 19:01 - 2017-11-12 19:01 - 000000000 ____D C:\Windows\ServiceProfiles
2017-11-03 22:24 - 2017-11-03 22:24 - 000633144 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2017-11-03 22:24 - 2017-11-03 22:24 - 000395592 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2017-11-03 22:24 - 2017-11-03 22:24 - 000333632 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2017-11-03 22:24 - 2017-11-03 22:24 - 000087880 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2017-11-01 12:58 - 2017-11-01 12:58 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-11-01 12:58 - 2017-11-01 12:58 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-11-01 12:58 - 2017-11-01 12:58 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-11-01 12:58 - 2017-11-01 12:58 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-13 04:00 - 2017-09-29 14:46 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2017-11-12 20:49 - 2017-09-29 09:45 - 000524288 _____ C:\Windows\system32\config\BBI
2017-11-12 20:23 - 2017-09-29 14:44 - 000000000 ____D C:\Windows\INF
2017-11-12 20:09 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-12 20:09 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\AppReadiness
2017-11-12 19:54 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\Help
2017-11-12 19:38 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\DeliveryOptimization
2017-11-12 19:31 - 2017-09-29 14:37 - 000000000 ____D C:\Windows\CbsTemp
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\zu-ZA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\yo-NG
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\xh-ZA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\wo-SN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\uz-Latn-UZ
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\ur-PK
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\ug-CN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\tt-RU
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\tn-ZA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\tk-TM
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\ti-ET
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\tg-Cyrl-TJ
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\te-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\ta-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\sw-KE
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\sr-Cyrl-RS
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\sr-Cyrl-BA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\sq-AL
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\si-LK
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\sd-Arab-PK
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\rw-RW
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\quz-PE
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\quc-Latn-GT
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\prs-AF
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\pa-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\pa-Arab-PK
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\or-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\nso-ZA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\nn-NO
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\ne-NP
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\mt-MT
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\mr-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\mn-MN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\ml-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\mk-MK
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\mi-NZ
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\lo-LA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\lb-LU
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\ky-KG
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\ku-Arab-IQ
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\kok-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\kn-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\km-KH
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\kk-KZ
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\ka-GE
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\is-IS
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\ig-NG
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\hy-AM
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\ha-Latn-NG
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\gu-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\gd-GB
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\ga-IE
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\fil-PH
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\fa-IR
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\cy-GB
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\chr-CHER-US
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\ca-ES-valencia
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\bs-Latn-BA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\bn-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\bn-BD
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\be-BY
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\az-Latn-AZ
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\as-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\am-ET
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\SysWOW64\af-ZA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\zu-ZA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\yo-NG
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\xh-ZA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\wo-SN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\vi-VN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\uz-Latn-UZ
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\ur-PK
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\ug-CN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\tt-RU
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\tn-ZA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\tk-TM
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\ti-ET
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\tg-Cyrl-TJ
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\te-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\ta-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\sw-KE
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\sr-Cyrl-RS
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\sr-Cyrl-BA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\sq-AL
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\si-LK
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\sd-Arab-PK
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\rw-RW
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\quz-PE
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\quc-Latn-GT
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\prs-AF
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\pa-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\pa-Arab-PK
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\or-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\nso-ZA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\nn-NO
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\ne-NP
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\mt-MT
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\mr-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\mn-MN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\ml-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\mk-MK
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\mi-NZ
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\lo-LA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\lb-LU
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\ky-KG
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\ku-Arab-IQ
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\kok-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\kn-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\km-KH
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\kk-KZ
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\ka-GE
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\is-IS
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\ig-NG
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\id-ID
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\hy-AM
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\ha-Latn-NG
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\gu-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\gd-GB
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\ga-IE
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\fil-PH
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\fa-IR
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\cy-GB
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\chr-CHER-US
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\ca-ES-valencia
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\bs-Latn-BA
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\bn-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\bn-BD
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\be-BY
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\az-Latn-AZ
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\as-IN
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\am-ET
2017-11-12 19:15 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\system32\af-ZA
2017-11-12 19:15 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-12 19:05 - 2017-09-29 15:41 - 000000000 ____D C:\Windows\OCR
2017-11-12 19:04 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2017-11-12 19:02 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\system32\spool
2017-11-12 19:02 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-11-12 19:02 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-11-12 19:01 - 2017-09-29 14:46 - 000000000 ___RD C:\Windows\PrintDialog
2017-11-12 19:01 - 2017-09-29 14:46 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2017-11-12 19:01 - 2017-09-29 09:45 - 000032768 _____ C:\Windows\system32\config\ELAM
2017-11-12 19:01 - 2017-09-29 09:45 - 000000000 ____D C:\Windows\system32\Sysprep
2017-10-26 20:54 - 2017-09-29 14:49 - 000835568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-26 20:54 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some files in TEMP:
====================
2017-11-12 19:06 - 2017-09-16 18:17 - 000873320 _____ (NVIDIA Corporation) C:\Users\Strat\AppData\Local\Temp\nvSCPAPI64.dll
2017-11-12 19:53 - 2017-09-16 18:17 - 000368760 _____ (NVIDIA Corporation) C:\Users\Strat\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-12 19:01

==================== End of FRST.txt ============================

And Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-11-2017 03
Ran by Strat (12-11-2017 21:08:30)
Running from C:\Users\Strat\Desktop
Windows 10 Pro Version 1709 16299.19 (X64) (2017-11-12 18:02:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-251556389-2389510660-2561409723-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-251556389-2389510660-2561409723-503 - Limited - Disabled)
Guest (S-1-5-21-251556389-2389510660-2561409723-501 - Limited - Disabled)
Strat (S-1-5-21-251556389-2389510660-2561409723-1001 - Administrator - Enabled) => C:\Users\Strat
WDAGUtilityAccount (S-1-5-21-251556389-2389510660-2561409723-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Backup and Sync from Google (HKLM-x32\...\{35943B6E-FA28-4261-B1C6-7BC128CBEB7B}) (Version: 3.37.7121.2026 - Google, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 38.4.27 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.89 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
K-Lite Codec Pack 13.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.6.5 - KLCP)
LibreOffice 5.4.3.2 (HKLM\...\{5FFD3D4F-8AA0-4C6F-8B3C-AB0D8CD297C9}) (Version: 5.4.3.2 - The Document Foundation)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
qBittorrent 3.3.16 (HKLM-x32\...\qBittorrent) (Version: 3.3.16 - The qBittorrent project)
Sound Blaster Z-Series (HKLM-x32\...\{DAB64FB1-0BBB-486E-9C57-A3E34F463AEB}) (Version: 1.01.10 - Creative Technology Limited)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-05] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-05] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-05] (Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-29] ()
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-10-05] (Google)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-10-05] (Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FB072B5-D01C-4BA0-9C7F-261036A24B7C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-27] (NVIDIA Corporation)
Task: {27045040-897C-4B77-9288-E05525E7CEB7} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-11-09] ()
Task: {2A9336EB-4D9F-40DD-8039-BFB746701A9E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-12] (Dropbox, Inc.)
Task: {40FE6AC3-2473-49EA-B3EE-63C434E01362} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-12] (Google Inc.)
Task: {66442503-4850-4A21-8139-EA3FAFCEDE4B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-27] (NVIDIA Corporation)
Task: {7F484ADB-5D8D-410A-A17C-309124FB718E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-27] (NVIDIA Corporation)
Task: {8B34935E-60CB-4FBA-B3F1-DBF5C423F88B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-27] (NVIDIA Corporation)
Task: {941DE3EE-46A0-4849-AB78-931F1283B591} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-12] (Dropbox, Inc.)
Task: {BAB1C318-861C-483C-9F7B-84040A21575D} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-27] (NVIDIA Corporation)
Task: {EEAD8874-C9DD-44EE-8F7F-78DCC63C4700} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-27] (NVIDIA Corporation)
Task: {FAB731CA-EE9D-4902-A465-75D48F183967} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-12] (Google Inc.)
Task: {FB011D67-B857-4200-8B46-6A2071BA7D2E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-27] (NVIDIA Corporation)
Task: {FF6513A5-01CD-4251-AFF2-96ACE3A76519} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-27] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-11-12 19:55 - 2017-10-27 18:50 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-11-12 20:24 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-11-12 20:24 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-08-29 01:43 - 2017-08-29 01:43 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-09-29 14:42 - 2017-09-29 15:42 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 14:42 - 2017-09-29 15:42 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000030208 _____ () C:\Windows\system32\Windows.WARP.JITService.exe
2017-11-12 19:28 - 2017-11-05 10:12 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\libglesv2.dll
2017-11-12 19:28 - 2017-11-05 10:12 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\libegl.dll
2017-11-12 19:55 - 2017-10-27 18:50 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-11-12 19:55 - 2017-10-27 18:50 - 070806136 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-11-12 20:22 - 2017-11-01 12:58 - 000724288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-11-12 20:22 - 2017-11-01 12:58 - 002002752 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-11-12 20:22 - 2017-11-01 12:57 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 001856848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-11-12 20:22 - 2017-11-01 12:58 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-11-12 20:22 - 2017-11-01 12:57 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-11-12 20:22 - 2017-11-01 12:58 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-11-12 20:22 - 2017-11-01 13:01 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000021824 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000022856 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000066392 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000154440 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000050496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000100688 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-11-12 20:22 - 2017-11-01 12:57 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000101184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000025424 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-11-12 20:22 - 2017-11-01 12:58 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-11-12 20:22 - 2017-11-01 13:01 - 000032600 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-11-12 20:22 - 2017-11-01 12:58 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-11-12 20:22 - 2017-11-01 13:01 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-11-12 20:22 - 2017-11-01 13:01 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-11-12 20:22 - 2017-11-01 13:01 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2017-11-12 20:22 - 2017-11-01 13:01 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-11-12 20:22 - 2017-11-01 13:01 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-251556389-2389510660-2561409723-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Strat\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\background 1080p.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B2F42255-8480-42E0-8952-E012F09E649A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{98C5141A-CC53-4697-9787-56A19876BC74}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{F5196B4C-7B9C-4941-85AE-8F889F1F9CCF}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{D55E249D-49F4-45BE-A566-0D9829861311}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/12/2017 07:26:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-ABB27G3)
Description: Package Microsoft.WindowsStore_11706.1002.9.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

Error: (11/12/2017 07:07:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ShellExperienceHost.exe version 10.0.16299.15 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1830

Start Time: 01d35be0d0ddb9ca

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

Report Id: c2519ce6-6e40-482c-9f6a-4813be852032

Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: App

Error: (11/12/2017 07:07:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-ABB27G3)
Description: Package Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.

Error: (11/12/2017 07:05:34 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON.

Error: (11/12/2017 07:05:34 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON.

Error: (11/12/2017 07:05:26 PM) (Source: ESENT) (EventID: 522) (User: )
Description: ShellExperienceHost (6192,P,0) TILEREPOSITORYS-1-5-21-251556389-2389510660-2561409723-1001: An attempt to open the device with name "\\.\C:" containing "C:\" failed with system error 5 (0x00000005): "Access is denied. ". The operation will fail with error -1032 (0xfffffbf8).

Error: (11/12/2017 07:05:26 PM) (Source: ESENT) (EventID: 522) (User: )
Description: ShellExperienceHost (6192,P,0) TILEREPOSITORYS-1-5-21-251556389-2389510660-2561409723-1001: An attempt to open the device with name "\\.\C:" containing "C:\" failed with system error 5 (0x00000005): "Access is denied. ". The operation will fail with error -1032 (0xfffffbf8).

Error: (11/12/2017 07:05:26 PM) (Source: ESENT) (EventID: 522) (User: )
Description: ShellExperienceHost (6192,P,0) TILEREPOSITORYS-1-5-21-251556389-2389510660-2561409723-1001: An attempt to open the device with name "\\.\C:" containing "C:\" failed with system error 5 (0x00000005): "Access is denied. ". The operation will fail with error -1032 (0xfffffbf8).

Error: (11/12/2017 07:05:26 PM) (Source: ESENT) (EventID: 522) (User: )
Description: ShellExperienceHost (6192,P,0) TILEREPOSITORYS-1-5-21-251556389-2389510660-2561409723-1001: An attempt to open the device with name "\\.\C:" containing "C:\" failed with system error 5 (0x00000005): "Access is denied. ". The operation will fail with error -1032 (0xfffffbf8).

Error: (11/12/2017 07:05:26 PM) (Source: ESENT) (EventID: 522) (User: )
Description: ShellExperienceHost (6192,P,0) TILEREPOSITORYS-1-5-21-251556389-2389510660-2561409723-1001: An attempt to open the device with name "\\.\C:" containing "C:\" failed with system error 5 (0x00000005): "Access is denied. ". The operation will fail with error -1032 (0xfffffbf8).


System errors:
=============
Error: (11/12/2017 09:01:24 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ABB27G3)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-ABB27G3\Strat SID (S-1-5-21-251556389-2389510660-2561409723-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/12/2017 09:00:20 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ABB27G3)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-ABB27G3\Strat SID (S-1-5-21-251556389-2389510660-2561409723-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/12/2017 08:57:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ABB27G3)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-ABB27G3\Strat SID (S-1-5-21-251556389-2389510660-2561409723-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/12/2017 08:56:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ABB27G3)
Description: The server Microsoft.MicrosoftEdge_41.16299.15.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.

Error: (11/12/2017 08:54:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ABB27G3)
Description: The server Microsoft.MicrosoftEdge_41.16299.15.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.

Error: (11/12/2017 08:49:42 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT AUTHORITY)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12

Error: (11/12/2017 08:49:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ABB27G3)
Description: The server {0002DF02-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.

Error: (11/12/2017 08:49:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ABB27G3)
Description: The server {0002DF02-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.

Error: (11/12/2017 08:44:27 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ABB27G3)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-ABB27G3\Strat SID (S-1-5-21-251556389-2389510660-2561409723-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/12/2017 08:42:59 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT AUTHORITY)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x12


CodeIntegrity:
===================================
  Date: 2017-11-12 21:02:27.786
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-11-12 21:02:27.148
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-11-12 21:02:10.904
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-11-12 21:02:10.273
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-11-12 21:01:38.649
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-11-12 20:57:29.565
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-11-12 20:57:28.934
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-11-12 20:56:58.427
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-11-12 20:56:58.096
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-11-12 20:55:12.333
  Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 22%
Total physical RAM: 16335.8 MB
Available physical RAM: 12715.89 MB
Total Virtual: 19279.8 MB
Available Virtual: 15062.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.28 GB) (Free:200.69 GB) NTFS
Drive d: () (Fixed) (Total:200.18 GB) (Free:200.06 GB) NTFS
Drive e: () (Fixed) (Total:731.32 GB) (Free:731.14 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00FFA705)

Partition: GPT.

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

 

 


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.