
Just recently, I noticed that I haven't been able to open task manager at all. I have tried using command prompt to open it up but nothing works. I booted into safe mode and was able to finally get task manager to open but now when I boot up normally it still follows the same pattern of just opening and closing. I did a full system scan with malwarebytes but it comes up that my system is clean. Could I please get help? I have a lot of school work on this laptop and hoping that I can get whatever is on it removed. Thanks!


Hello ericflowerss and welcome to Malwarebytes,

Run the following and post the produced logs:

Open Malwarebytes Anti-Malware.
 
  • On the Settings tab > Protection, scroll to and make sure the following are selected:
    Scan for Rootkits
    Scan within Archives
     
  • Scroll further to Potential Threat Protection and make sure the following are set as follows:
    Potentially Unwanted Programs (PUPs) set as: Always detect PUPs (recommended)
    Potentially Unwanted Modifications (PUMs) set as: Always detect PUMs (recommended)
     
  • Click on Scan and make sure Threat Scan is selected,
  • A Threat Scan will begin.
  • When the scan is complete if anything is found make sure that the first checkbox at the top is checked (that will automatically check all detected items), then click on the Quarantine Selected Tab
  • If asked to restart your computer to complete the removal, please do so
  • When complete click on Export Summary after deletion (bottom-left corner) and select Copy to Clipboard.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more to retrieve the log.


To get the log from Malwarebytes do the following:
 
  • Click on the Reports tab > from main interface.
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if selected, right click to your reply and select "Paste"; the log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Use "Copy to Clipboard", then right click to your reply > select "Paste"; that will copy the log to your reply…


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST, either accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer. (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
     
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Thank you,

Kevin.

Hey Kevin! Nice to meet you and thanks for offering to help me out!

 

Here is my malwarebytes log

 

MalwareBytes Log 

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/21/18
Scan Time: 3:40 AM
Log File: 41e14c3a-2cf4-11e8-afa9-448a5b6ea401.json
Administrator: Yes

-Software Information-
Version: 3.4.4.2398
Components Version: 1.0.322
Update Package Version: 1.0.4434
License: Trial

-System Information-
OS: Windows 10 (Build 16299.248)
CPU: x64
File System: NTFS
User: MSI-ERICFLORES\Eric

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 386357
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 4 min, 6 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

 

FRST Log

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Eric (administrator) on MSI-ERICFLORES (21-03-2018 03:48:13)
Running from C:\Users\Eric\Desktop
Loaded Profiles: Eric (Available Profiles: Eric & Guest User)
Platform: Windows 10 Home Version 1709 16299.248 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(OSBASE) C:\Windows\System32\ddmgr.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Windows\System32\PnkBstrA.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Impulse Point,LLC) C:\Program Files (x86)\SafeConnect\scManager.sys
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Scarlet.Crush Productions) C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(DEVGURU Co., LTD.) D:\USB Drivers\25_escape\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Discord Inc.) C:\Users\Eric\AppData\Local\Discord\app-0.0.300\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Discord Inc.) C:\Users\Eric\AppData\Local\Discord\app-0.0.300\Discord.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Slack Technologies) C:\Users\Eric\AppData\Local\slack\app-3.1.0\slack.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
(Discord Inc.) C:\Users\Eric\AppData\Local\Discord\app-0.0.300\Discord.exe
(Impulse Point,LLC) C:\Program Files (x86)\SafeConnect\SafeConnectClient.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Duet, Inc.) D:\DuetDisplay\duet.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Slack Technologies) C:\Users\Eric\AppData\Local\slack\app-3.1.0\slack.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Slack Technologies) C:\Users\Eric\AppData\Local\slack\app-3.1.0\slack.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Slack Technologies) C:\Users\Eric\AppData\Local\slack\app-3.1.0\slack.exe
(Slack Technologies) C:\Users\Eric\AppData\Local\slack\app-3.1.0\slack.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Slack Technologies) C:\Users\Eric\AppData\Local\slack\app-3.1.0\slack.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Farbar) C:\Users\Eric\Desktop\FRST64 (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [407720 2014-01-02] (MSI)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-28] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-05-11] (Apple Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3347680 2015-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2015-11-26] (Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1440768 2014-01-28] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [SUPER CHARGER] => C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe [1047536 2014-02-21] (MSI)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKLM-x32\...\Run: [Duet Display] => D:\DuetDisplay\duet.exe [1862256 2016-12-15] (Duet, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-03-15] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [252928 2014-02-06] (SteelSeries ApS)
HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [611584 2016-03-09] (NETGEAR Inc.)
HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\Run: [Discord] => C:\Users\Eric\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5345672 2017-12-21] (Nota Inc.)
HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\Eric\AppData\Local\slack\Update.exe [1584656 2018-03-16] ()
HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2014-01-02] (MSI)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-03-25]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{FF3BFE8F-D4B5-428A-9E62-464DCA7EBCFF}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SafeConnect.lnk [2016-09-17]
ShortcutTarget: SafeConnect.lnk -> C:\Program Files (x86)\SafeConnect\SCClient.exe (Impulse Point,LLC)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1171039984-4071150371-2688886814-1001] => 35.168.251.43:25000
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{5122e4e6-de64-4082-b016-0d97a2e33919}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{f38708ca-52a9-4265-9577-cee87878ffad}: [DhcpNameServer] 10.0.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi13.msn.com/
HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi13.msn.com
SearchScopes: HKU\S-1-5-21-1171039984-4071150371-2688886814-1001 -> DefaultScope {5324C9B5-8F04-4EBE-9CFA-881D0B9DB0E6} URL = 
SearchScopes: HKU\S-1-5-21-1171039984-4071150371-2688886814-1001 -> {5324C9B5-8F04-4EBE-9CFA-881D0B9DB0E6} URL = 
SearchScopes: HKU\S-1-5-21-1171039984-4071150371-2688886814-1001 -> {E6A5D5EF-7B61-4C40-B412-3B79E3DBE6F6} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-03-16] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-22] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-06] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-03-20]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [2014-08-27] (EA Digital Illusions CE AB)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll [2014-08-27] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR NewTab: Default ->  Active:"chrome-extension://henmfoppjjkcencpbjaigfahdjlgpegn/main.html"
CHR Profile: C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default [2018-03-21]
CHR Extension: (Slides) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-18]
CHR Extension: (HD for YouTube™) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2018-02-24]
CHR Extension: (Docs) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-18]
CHR Extension: (Google Drive) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Ledger Manager) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\beimhnaefocolcplfimocfiaiefpkgbf [2018-03-09]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-12-14]
CHR Extension: (YouTube) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (reCAPTCHA Autoclick) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\caahalkghnhbabknipmconmbicpkcopl [2018-03-12]
CHR Extension: (Google Search) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Sheets) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-18]
CHR Extension: (EditThisCookie) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-02-13]
CHR Extension: (HTTPS Everywhere) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2018-03-06]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebpdbfmpedcnopofelmhndhincfkhki [2016-07-26]
CHR Extension: (Google Docs Offline) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-09]
CHR Extension: (Dream Afar New Tab) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\henmfoppjjkcencpbjaigfahdjlgpegn [2016-07-06]
CHR Extension: (Disolve) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkemeiifcjekdalelhlepfgcoofioeol [2018-03-12]
CHR Extension: (Pay by Privacy.com) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmgpakheknboplhmlicfkkgjipfabmhp [2018-03-20]
CHR Extension: (Ledger Wallet Ethereum) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmlhkialjkaldndjnlcdfdphcgeadkkm [2018-03-09]
CHR Extension: (Ledger Wallet Bitcoin) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdpmhnladdopljabkgpacgpliggeeaf [2018-03-16]
CHR Extension: (Yosemite) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldcmfdcmbmemodgapljjjceihmaljeii [2018-01-12]
CHR Extension: (Kaspersky Protection) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-03-20]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2018-03-09]
CHR Extension: (Autofill) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk [2018-01-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-30]
CHR Extension: (Gmail) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-09]
CHR Profile: C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-03-16]
CHR Extension: (Slides) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-12]
CHR Extension: (Docs) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-12]
CHR Extension: (Google Drive) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-12]
CHR Extension: (YouTube) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-12]
CHR Extension: (reCAPTCHA Autoclick) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\caahalkghnhbabknipmconmbicpkcopl [2018-03-16]
CHR Extension: (Sheets) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-12]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gebpdbfmpedcnopofelmhndhincfkhki [2018-03-12]
CHR Extension: (Google Docs Offline) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-12]
CHR Extension: (Disolve) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hkemeiifcjekdalelhlepfgcoofioeol [2018-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-12]
CHR Extension: (Gmail) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-12]
CHR Extension: (Chrome Media Router) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-12]
CHR Profile: C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 4 [2018-03-16]
CHR Extension: (Slides) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-16]
CHR Extension: (Docs) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-16]
CHR Extension: (Google Drive) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-16]
CHR Extension: (YouTube) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-16]
CHR Extension: (reCAPTCHA Autoclick) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\caahalkghnhbabknipmconmbicpkcopl [2018-03-16]
CHR Extension: (Sheets) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-16]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gebpdbfmpedcnopofelmhndhincfkhki [2018-03-16]
CHR Extension: (Google Docs Offline) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-16]
CHR Extension: (Disolve) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hkemeiifcjekdalelhlepfgcoofioeol [2018-03-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-16]
CHR Extension: (Gmail) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-16]
CHR Extension: (Chrome Media Router) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-16]
CHR Profile: C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 5 [2018-03-16]
CHR Extension: (Slides) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-16]
CHR Extension: (Docs) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-16]
CHR Extension: (Google Drive) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-16]
CHR Extension: (YouTube) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-16]
CHR Extension: (reCAPTCHA Autoclick) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\caahalkghnhbabknipmconmbicpkcopl [2018-03-16]
CHR Extension: (Sheets) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-16]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gebpdbfmpedcnopofelmhndhincfkhki [2018-03-16]
CHR Extension: (Google Docs Offline) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-16]
CHR Extension: (Disolve) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hkemeiifcjekdalelhlepfgcoofioeol [2018-03-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-16]
CHR Extension: (Gmail) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-16]
CHR Extension: (Chrome Media Router) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-16]
CHR Profile: C:\Users\Eric\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-16]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gebpdbfmpedcnopofelmhndhincfkhki] - hxxps://chrome.google.com/webstore/detail/gebpdbfmpedcnopofelmhndhincfkhki
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2018-02-13] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7962288 2018-03-12] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-10] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-03-15] (Dropbox, Inc.)
R2 ddmgr; C:\WINDOWS\system32\ddmgr.exe [1668256 2016-12-14] (OSBASE)
R2 Ds3Service; C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe [388352 2013-05-05] (Scarlet.Crush Productions)
S3 DuetUpdater; D:\DuetDisplay\DuetUpdater.exe [780912 2016-12-15] (Kairos)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144096 2015-11-12] (ELAN Microelectronics Corp.)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2016-12-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\vssbridge64.exe [426416 2018-03-20] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-01-02] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe [162800 2014-02-21] (MSI)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2016-03-09] (NETGEAR)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [521064 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [521064 2018-01-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-09-02] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-09-02] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2013-12-09] (Qualcomm Atheros) [File not signed]
R2 SCManager; C:\Program Files (x86)\SafeConnect\scManager.sys [2731848 2017-11-17] (Impulse Point,LLC)
R2 ss_conn_service; D:\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-23] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-23] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [80592 2013-11-08] (Qualcomm Atheros, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
R4 ddkmd; C:\WINDOWS\system32\drivers\ddkmd.sys [274304 2016-12-14] (OSBASE)
R0 ddkmdldr; C:\WINDOWS\System32\drivers\ddkmdldr.sys [29568 2016-12-14] (OSBASE)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [76200 2018-01-18] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2016-12-12] (Intel Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\SUPER CHARGER\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider)
S3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-09-29] (Qualcomm Atheros, Inc.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
S0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-24] (AO Kaspersky Lab)
S1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [117984 2017-12-24] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207576 2018-03-20] (AO Kaspersky Lab)
R1 KLHK; C:\WINDOWS\System32\drivers\klhk.sys [594144 2018-03-20] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1055424 2018-03-20] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-10-12] (AO Kaspersky Lab)
S3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R4 klkbdflt2; C:\WINDOWS\system32\DRIVERS\klkbdflt2.sys [48352 2016-12-21] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-12-24] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
U0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [231312 2018-03-20] (AO Kaspersky Lab)
U3 klupd_klif_arkmon_5DF80B8E; C:\ProgramData\Kaspersky Lab\AVP18.0.0\temp\5DF80B8ED56F8865D0AD904F3199F08D\klupd_klif_arkmon.sys [231312 2018-03-20] (AO Kaspersky Lab)
U3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2018-03-20] (AO Kaspersky Lab)
U3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [252600 2018-03-21] (AO Kaspersky Lab)
U0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [107656 2018-03-20] (AO Kaspersky Lab)
U3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [174664 2018-03-20] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93920 2016-12-20] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [135904 2017-12-24] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-12-24] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193248 2018-03-21] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [109800 2018-03-21] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45960 2018-03-21] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-03-21] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [101600 2018-03-21] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
R1 MpKslc967ffd2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{72499C07-5619-4C28-9971-94C784420A64}\MpKslc967ffd2.sys [58120 2018-03-21] (Microsoft Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-09-29] (Intel Corporation)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2016-09-08] (CACE Technologies, Inc.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_d63c476addc6a325\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [32104 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-14] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-23] (NVIDIA Corporation)
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-09-23] (Realsil Semiconductor Corporation)
S3 SAlphamBth; C:\WINDOWS\System32\drivers\SAlphabt64.sys [31232 2012-10-16] (SteelSeries Corporation) [File not signed]
S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R3 SAlphaPS2; C:\WINDOWS\System32\drivers\SAlphaPS264.sys [26496 2013-12-12] (SteelSeries Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-23] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-23] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-23] (Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-21 03:48 - 2018-03-21 03:48 - 000042852 _____ C:\Users\Eric\Desktop\FRST.txt
2018-03-21 03:47 - 2018-03-21 03:47 - 002403328 _____ (Farbar) C:\Users\Eric\Desktop\FRST64 (1).exe
2018-03-21 02:17 - 2018-03-21 02:17 - 000045960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-03-21 02:16 - 2018-03-21 02:17 - 000193248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-03-21 02:16 - 2018-03-21 02:17 - 000109800 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-03-21 02:16 - 2018-03-21 02:17 - 000101600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-03-21 02:16 - 2018-03-21 02:16 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-03-21 02:16 - 2018-03-21 02:16 - 000000789 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2018-03-21 02:16 - 2018-03-21 02:16 - 000000789 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2018-03-21 02:16 - 2018-03-21 02:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-21 00:02 - 2018-03-21 00:02 - 000252600 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2018-03-20 23:52 - 2018-03-20 23:52 - 000231312 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2018-03-20 23:52 - 2018-03-20 23:52 - 000174664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2018-03-20 23:52 - 2018-03-20 23:52 - 000107656 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2018-03-20 23:52 - 2018-03-20 23:52 - 000087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2018-03-20 23:52 - 2018-03-20 23:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2018-03-20 23:51 - 2018-03-20 23:52 - 000003392 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2018-03-20 23:51 - 2018-03-20 23:51 - 000002218 _____ C:\Users\Public\Desktop\Safe Money.lnk
2018-03-20 23:51 - 2018-03-20 23:51 - 000002194 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2018-03-20 23:51 - 2018-03-20 23:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2018-03-20 23:51 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2018-03-20 23:50 - 2018-03-20 23:50 - 001055424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2018-03-20 23:50 - 2018-03-20 23:50 - 000594144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2018-03-20 23:50 - 2018-03-20 23:50 - 000207576 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2018-03-20 23:50 - 2018-03-20 23:50 - 000149304 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
2018-03-20 23:48 - 2018-03-20 23:48 - 002475568 _____ (Kaspersky Lab) C:\Users\Eric\Downloads\kts18.0.0.405aben_es_fr_13118.exe
2018-03-20 23:42 - 2018-03-20 23:43 - 040510072 _____ (Microsoft Corporation) C:\Users\Eric\Downloads\Windows-KB890830-x64-V5.58 (1).exe
2018-03-20 23:42 - 2018-03-20 23:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-03-20 23:41 - 2018-03-20 23:41 - 000000121 _____ C:\Users\Eric\Downloads\fixlist.txt
2018-03-20 23:40 - 2018-03-20 23:40 - 000001759 _____ C:\Users\Eric\Downloads\Fixlog.txt
2018-03-20 23:39 - 2018-03-21 03:48 - 000000000 ____D C:\FRST
2018-03-20 23:38 - 2018-03-20 23:38 - 040510072 _____ (Microsoft Corporation) C:\Users\Eric\Downloads\Windows-KB890830-x64-V5.58.exe
2018-03-20 23:38 - 2018-03-20 23:38 - 002403328 _____ (Farbar) C:\Users\Eric\Downloads\FRST64.exe
2018-03-20 20:41 - 2018-03-20 20:41 - 032260096 _____ C:\Users\Eric\Downloads\EpicInstaller-7.5.0 (1).msi
2018-03-20 20:39 - 2018-03-20 20:39 - 032260096 _____ C:\Users\Eric\Downloads\EpicInstaller-7.5.0.msi
2018-03-20 20:38 - 2018-03-20 20:38 - 000000000 ____D C:\Users\Eric\AppData\Local\CrashReportClient
2018-03-20 03:10 - 2018-03-20 03:10 - 000002683 _____ C:\Users\Eric\Downloads\Ghost Profiles Final  - Sheet1.csv
2018-03-20 03:07 - 2018-03-20 03:07 - 000018808 _____ C:\Users\Eric\Desktop\Ghost Profiles Final .xlsx
2018-03-20 03:04 - 2018-03-20 03:10 - 000002683 _____ C:\Users\Eric\Desktop\Ghost Profiles Final  - Sheet1.csv
2018-03-17 02:09 - 2018-03-20 20:45 - 000000000 ____D C:\Sole Adi
2018-03-17 02:09 - 2018-03-17 02:09 - 000000703 _____ C:\Users\Public\Desktop\Uninstall Sole Adi.lnk
2018-03-17 02:09 - 2018-03-17 02:09 - 000000653 _____ C:\Users\Public\Desktop\Sole Adidas.lnk
2018-03-17 02:09 - 2018-03-17 02:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sole Adi
2018-03-17 00:06 - 2018-03-17 00:06 - 024786245 _____ C:\Users\Eric\Desktop\app.asar
2018-03-17 00:06 - 2018-03-17 00:06 - 000002412 _____ C:\Users\Eric\Desktop\Shopify Dashe.lnk
2018-03-17 00:06 - 2018-03-17 00:06 - 000000000 ____D C:\Users\Eric\AppData\Local\shopify-dashe
2018-03-17 00:04 - 2018-03-17 00:05 - 057905664 _____ (DasheIO, LLC) C:\Users\Eric\Downloads\Dashe-Installer.exe
2018-03-16 23:54 - 2018-03-21 00:47 - 000000000 _____ C:\Users\Eric\tasklist
2018-03-16 23:54 - 2018-03-16 23:54 - 000000000 _____ C:\WINDOWS\system32\tasklist
2018-03-16 23:51 - 2018-03-16 23:52 - 133245572 _____ (Sole Sorcerer) C:\Users\Eric\Downloads\Sole Adi Installer (3).exe
2018-03-16 22:43 - 2018-03-16 22:43 - 003079531 _____ C:\Users\Eric\Downloads\Chapter 12 Exercise Solution.pptx
2018-03-16 15:34 - 2018-03-16 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-03-16 01:58 - 2018-03-16 01:59 - 133211337 _____ (Sole Sorcerer) C:\Users\Eric\Downloads\Sole Adi Installer (2).exe
2018-03-15 22:10 - 2018-03-15 22:11 - 133204100 _____ (Sole Sorcerer) C:\Users\Eric\Downloads\Sole Adi Installer.exe
2018-03-15 21:29 - 2018-03-15 21:29 - 000001003 _____ C:\Users\Eric\Downloads\1587.txt
2018-03-15 21:29 - 2018-03-15 21:29 - 000001003 _____ C:\Users\Eric\Desktop\GhostAccounts.txt
2018-03-15 21:28 - 2018-03-15 21:29 - 024786487 _____ C:\Users\Eric\Downloads\disolve-win-2.5.1.asar
2018-03-15 04:50 - 2018-03-15 04:50 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-03-15 04:50 - 2018-03-15 04:50 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-03-15 04:50 - 2018-03-15 04:50 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-03-15 04:50 - 2018-03-15 04:50 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-03-12 23:01 - 2018-03-12 23:01 - 057895424 _____ (DasheIO, LLC) C:\Users\Eric\Downloads\Dashe-Installer (8).exe
2018-03-12 22:55 - 2018-03-12 22:58 - 000000000 ____D C:\Users\Eric\AppData\Roaming\npm-cache
2018-03-12 22:55 - 2018-03-12 22:55 - 000000000 ____D C:\Users\Eric\.config
2018-03-12 22:21 - 2018-03-12 22:55 - 000000000 ____D C:\Users\Eric\AppData\Roaming\npm
2018-03-12 22:21 - 2018-03-12 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2018-03-12 22:21 - 2018-03-12 22:22 - 000000000 ____D C:\Program Files\nodejs
2018-03-12 22:20 - 2018-03-12 22:21 - 016732160 _____ C:\Users\Eric\Downloads\node-v8.10.0-x64.msi
2018-03-12 22:13 - 2018-03-15 21:31 - 000000000 ____D C:\Users\Eric\Desktop\disolve-helper-develop
2018-03-12 22:13 - 2018-03-12 22:13 - 000011427 _____ C:\Users\Eric\Downloads\disolve-helper-develop.zip
2018-03-12 21:39 - 2018-03-12 21:45 - 000000000 ____D C:\Users\Eric\AppData\Roaming\TeamViewer
2018-03-12 21:36 - 2018-03-12 21:36 - 019315456 _____ (TeamViewer GmbH) C:\Users\Eric\Downloads\TeamViewer_Setup.exe
2018-03-12 01:50 - 2018-03-12 01:50 - 003929495 _____ C:\Users\Eric\Downloads\OBJ Datastream.pdf
2018-03-12 01:50 - 2018-03-12 01:50 - 003929495 _____ C:\Users\Eric\Downloads\OBJ Datastream (1).pdf
2018-03-09 22:20 - 2018-03-09 22:20 - 000000000 ____D C:\Users\Eric\Documents\FeedbackHub
2018-03-09 22:04 - 2018-03-21 02:16 - 000001922 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-03-09 22:04 - 2018-03-09 22:04 - 000000000 ____D C:\Program Files\Malwarebytes
2018-03-09 22:04 - 2018-01-18 08:03 - 000076200 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-03-09 22:00 - 2018-03-16 06:33 - 000000000 ____D C:\Users\Eric\AppData\Local\slack
2018-03-09 21:59 - 2018-03-16 06:33 - 000002260 _____ C:\Users\Eric\Desktop\Slack.lnk
2018-03-09 21:59 - 2018-03-16 06:33 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies
2018-03-09 21:57 - 2018-03-09 21:57 - 084368400 _____ (Slack Technologies) C:\Users\Eric\Downloads\SlackSetup (1).exe
2018-03-09 21:21 - 2018-03-09 21:22 - 056646144 _____ (Ghost AIO LLC) C:\Users\Eric\Downloads\Ghost.SNKRS.Setup.1.6.1.exe
2018-03-09 17:40 - 2018-03-09 17:41 - 191817185 _____ C:\Users\Eric\Downloads\NoMercyv2.0.0-win (1).zip
2018-03-09 16:11 - 2018-03-09 16:11 - 000000270 _____ C:\Users\Eric\Desktop\discord webhooks.txt
2018-03-09 15:32 - 2018-03-09 15:32 - 000000000 ____D C:\Users\Eric\AppData\Local\NoMercy
2018-03-09 15:27 - 2018-03-09 15:31 - 000000000 ____D C:\Users\Eric\Desktop\NoMercyv2.0.0-win
2018-03-09 15:25 - 2018-03-09 15:25 - 000007166 _____ C:\Users\Eric\Downloads\data.zip
2018-03-07 02:42 - 2018-03-07 02:42 - 000000000 ____D C:\Users\Eric\AppData\Local\Ofi Labs
2018-03-07 02:27 - 2018-03-20 01:58 - 000000000 ____D C:\Users\Eric\AppData\Local\ghost-snkrs
2018-03-07 02:26 - 2018-03-07 02:27 - 060043264 _____ (Ghost AIO LLC) C:\Users\Eric\Downloads\Ghost.SNKRS.Setup.1.4.0.exe
2018-03-07 02:26 - 2018-03-07 02:27 - 000000144 _____ C:\Users\Eric\Desktop\ghostsnkrs.txt
2018-03-07 02:26 - 2018-03-07 02:26 - 000000143 _____ C:\Users\Eric\Downloads\ghostsnkrs.txt
2018-02-24 06:42 - 2018-02-24 06:42 - 060038144 _____ (Ghost AIO LLC) C:\Users\Eric\Downloads\Ghost.SNKRS.Setup.1.3.2.exe
2018-02-23 09:00 - 2018-02-24 22:10 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Electron
2018-02-23 02:35 - 2018-02-23 02:35 - 084231715 _____ C:\Users\Eric\Downloads\NoMercyv1.0.4-win.zip
2018-02-23 01:27 - 2018-03-15 21:45 - 000000923 _____ C:\Users\Eric\Desktop\BoostedProxies.txt
2018-02-23 01:06 - 2018-02-23 01:07 - 084658487 _____ (Sole Sorcerer) C:\Users\Eric\Downloads\Sole Adi Installer (1).exe
2018-02-22 23:59 - 2018-02-22 23:59 - 000001696 _____ C:\Users\Eric\Downloads\NMD.pem
2018-02-22 23:59 - 2018-02-22 23:59 - 000001696 _____ C:\Users\Eric\Desktop\NMD.pem
2018-02-21 23:28 - 2018-03-20 01:58 - 000002368 _____ C:\Users\Eric\Desktop\Ghost SNKRS.lnk
2018-02-21 23:25 - 2018-03-20 01:58 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghost AIO LLC
2018-02-21 22:44 - 2018-02-21 22:44 - 000000525 _____ C:\Users\Eric\Downloads\flores.txt
2018-02-20 02:20 - 2018-02-20 02:20 - 000000875 _____ C:\Users\Eric\Downloads\944.txt
2018-02-20 01:29 - 2018-03-12 05:12 - 000000000 ____D C:\Users\Eric\Desktop\ATC folder
2018-02-19 21:27 - 2018-02-19 21:27 - 000000637 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2018-02-19 21:27 - 2018-02-19 21:27 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Sublime Text 3
2018-02-19 21:27 - 2018-02-19 21:27 - 000000000 ____D C:\Users\Eric\AppData\Local\Sublime Text 3
2018-02-19 21:26 - 2018-02-19 21:26 - 008952928 _____ (Sublime HQ Pty Ltd ) C:\Users\Eric\Downloads\Sublime Text Build 3143 x64 Setup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-21 02:52 - 2016-09-17 19:19 - 000000000 ____D C:\Program Files (x86)\SafeConnect
2018-03-21 01:28 - 2018-01-22 03:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-21 00:30 - 2014-09-02 17:38 - 000000000 ____D C:\Users\Eric\AppData\Local\CrashDumps
2018-03-21 00:08 - 2014-11-02 13:57 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-03-20 23:52 - 2017-09-29 06:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-20 23:52 - 2017-01-23 00:59 - 000000000 ____D C:\Program Files\Common Files\AV
2018-03-20 23:52 - 2014-11-02 13:57 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2018-03-20 23:51 - 2017-09-29 06:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-03-20 23:49 - 2016-02-08 00:19 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-03-20 23:48 - 2016-02-08 01:57 - 001256752 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-20 23:44 - 2017-11-29 05:11 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-20 23:44 - 2014-09-02 08:31 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-20 23:43 - 2018-02-13 17:53 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Slack
2018-03-20 23:43 - 2017-01-08 22:55 - 000000000 ____D C:\Users\Eric\AppData\Roaming\duet
2018-03-20 23:42 - 2018-01-22 03:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-20 23:42 - 2016-05-23 23:43 - 000000000 ___RD C:\Users\Eric\iCloudDrive
2018-03-20 23:42 - 2016-02-08 01:55 - 000000000 __SHD C:\Users\Eric\IntelGraphicsProfiles
2018-03-20 23:42 - 2016-02-08 01:44 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-03-20 23:42 - 2016-02-08 01:44 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-20 23:41 - 2017-09-29 01:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-03-20 23:17 - 2018-01-22 03:17 - 000004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FD1FD100-1DF1-464B-A7D9-80145DC3D517}
2018-03-20 23:16 - 2017-09-29 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-20 20:41 - 2018-02-13 18:35 - 000000000 ____D C:\Program Files (x86)\Epic Games
2018-03-20 20:26 - 2014-08-30 00:18 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-20 20:26 - 2014-08-30 00:18 - 000002270 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-17 00:06 - 2018-01-13 18:23 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DasheIO, LLC
2018-03-17 00:06 - 2018-01-13 18:16 - 000000000 ____D C:\Users\Eric\AppData\Local\SquirrelTemp
2018-03-17 00:03 - 2018-02-13 18:23 - 000000064 _____ C:\Users\Eric\Desktop\SoleAdidasKey.txt
2018-03-17 00:03 - 2018-01-13 18:23 - 000000000 ____D C:\Users\Eric\AppData\Roaming\shopify-dashe
2018-03-16 23:54 - 2018-01-22 03:12 - 000000000 ____D C:\Users\Eric
2018-03-16 23:25 - 2016-05-24 00:09 - 000000000 ____D C:\Users\Eric\AppData\Local\ElevatedDiagnostics
2018-03-16 22:43 - 2014-08-29 23:55 - 000000000 ____D C:\Users\Eric\AppData\Local\Packages
2018-03-16 22:40 - 2017-09-29 06:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-16 22:38 - 2015-09-15 16:07 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-03-16 15:35 - 2017-01-10 22:11 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-03-16 08:04 - 2017-06-23 01:22 - 000002304 ____H C:\Users\Eric\Documents\Default.rdp
2018-03-15 21:48 - 2018-02-17 04:10 - 000001168 _____ C:\Users\Eric\Desktop\eric.flores 25 US FebMulti.txt
2018-03-13 00:25 - 2017-06-20 23:33 - 000000000 __SHD C:\Users\Eric\wc
2018-03-09 22:23 - 2016-02-19 09:08 - 000000000 ____D C:\WINDOWS\pss
2018-03-09 22:22 - 2018-02-13 18:13 - 000000000 ____D C:\WINDOWS\Panther
2018-03-09 22:19 - 2016-02-19 09:09 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-03-09 22:04 - 2014-09-03 23:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-09 16:07 - 2018-02-17 04:11 - 000001098 _____ C:\Users\Eric\Desktop\eproxies.txt
2018-03-08 02:50 - 2016-05-23 23:43 - 000000000 ____D C:\Users\Eric\Documents\Outlook Files
2018-03-08 02:49 - 2016-05-23 23:43 - 000000000 ____D C:\Users\Eric\AppData\Local\FE2FF96A-A08D-4A4F-979A-9666FC891411.aplzod
2018-03-07 02:39 - 2018-01-22 02:02 - 000000000 ____D C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.6
2018-02-24 17:09 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-02-21 23:25 - 2018-02-15 03:23 - 000000000 ____D C:\Users\Eric\AppData\Roaming\ghost-snkrs
2018-02-19 22:01 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\rescache

==================== Files in the root of some directories =======

2017-05-09 02:41 - 2017-06-21 23:33 - 000000600 _____ () C:\Users\Eric\AppData\Local\PUTTY.RND

Some files in TEMP:
====================
2018-03-15 22:10 - 2018-03-17 02:09 - 000503808 _____ () C:\Users\Eric\AppData\Local\Temp\xuninst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-17 02:18

==================== End of FRST.txt ============================

Addition Log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Eric (21-03-2018 03:49:07)
Running from C:\Users\Eric\Desktop
Windows 10 Home Version 1709 16299.248 (X64) (2018-01-22 10:19:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1171039984-4071150371-2688886814-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1171039984-4071150371-2688886814-503 - Limited - Disabled)
Eric (S-1-5-21-1171039984-4071150371-2688886814-1001 - Administrator - Enabled) => C:\Users\Eric
Guest (S-1-5-21-1171039984-4071150371-2688886814-501 - Limited - Disabled)
Guest User (S-1-5-21-1171039984-4071150371-2688886814-1004 - Limited - Enabled) => C:\Users\Guest User
HomeGroupUser$ (S-1-5-21-1171039984-4071150371-2688886814-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1171039984-4071150371-2688886814-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Total Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
AIO Bot Plus version 1.0.14 (HKLM-x32\...\{8F837851-EB27-4218-BC96-4018274AA016}_is1) (Version: 1.0.14 - ANB)
AIO Bot version 1.3.0.10 (HKLM-x32\...\{4A58CA26-B24E-42CE-923B-2D9700AC011C}_is1) (Version: 1.3.0.10 - ANB)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1402.2101 - Micro-Star International Co., Ltd.)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Boot Configure (HKLM\...\{5DEFD958-7239-4FA0-8B4E-3B532D7A14BF}) (Version: 10.014.02075 - Application)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1309.301 - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden
Dragon Gaming Center (HKLM-x32\...\{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1403.0501 - Micro-Star International Co., Ltd.) Hidden
Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1403.0501 - Micro-Star International Co., Ltd.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 45.4.92 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duet Display (HKLM\...\{52444E6D-BBB3-4BC1-A4E3-3602B173BB42}) (Version: 1.4.5.4 - Kairos)
ELAN Touchpad 15.13.3.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.13.3.1 - ELAN Microelectronic Corp.)
Epic Games Launcher (HKLM-x32\...\{D442B219-3EBE-4EE2-88F9-5A31DF331CB1}) (Version: 1.1.144.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria de Fotos (HKLM-x32\...\{9EE1AE8B-4872-41CA-8C9A-C33D899523E0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Ghost SNKRS (HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\ghost-snkrs) (Version: 1.8.0 - Ghost AIO LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoPro Studio 2.5.4 (HKLM-x32\...\GoPro Studio) (Version: 2.5.4 - GoPro, Inc.)
Gyazo 3.3.5 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (HKLM-x32\...\{853F464A-B2B8-404E-BA3E-B98FF6862C41}) (Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1405.3) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{86b86e21-7c9b-4baa-b284-69ce4a918661}) (Version: 16.10.0 - Intel Corporation)
iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Kairos Display (HKLM\...\{26FF0635-2319-4DA6-8B7D-D35E9CD40E85}) (Version: 1.00.2870 - Kairos)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 8.55 (HKLM\...\Logitech Gaming Software) (Version: 8.55.137 - Logitech Inc.)
MAGIX MX Suite (HKLM\...\{43136332-880B-458A-966C-900C18752B66}) (Version: 1.13.0.121 - MAGIX AG) Hidden
MAGIX MX Suite (HKLM-x32\...\MAGIX_{43136332-880B-458A-966C-900C18752B66}) (Version: 1.13.0.121 - MAGIX AG)
Malwarebytes version 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.9029.2253 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.9029.2253 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Movie Maker (HKLM-x32\...\{0A32B8F3-011F-4E2C-A87D-55791BA1470D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{159EA4A9-1F8A-4B12-95B7-47581F5B0F89}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{97E3AE69-8FB1-496A-8CA0-AE491902DCD7}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A888DBA2-C45E-4301-9C25-571FC73DCB69}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{C05F4139-CB6B-4272-A0BF-861FEB667F27}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DEA34BD6-47C4-4505-895D-139327473329}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F7954B53-8522-450D-B262-B362B440FEC0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Social Media Collection (HKLM-x32\...\{7ADEC426-BE95-48EF-84D4-086BD0F4D331}) (Version: 1.14.2251 - Micro-Star International Co., Ltd.)
MyFreeCodec (HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\MyFreeCodec) (Version:  - )
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.15.07 - NETGEAR Inc.)
Node.js (HKLM\...\{A25EF8A9-BF15-454F-930E-2B03D9D77F3E}) (Version: 8.10.0 - Node.js Foundation)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Graphics Driver 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PuTTY release 0.69 (64-bit) (HKLM\...\{5FE84905-DAF1-4319-82B2-D60BCA095BCE}) (Version: 0.69.0.0 - Simon Tatham)
Python 3.6.1 (32-bit) (HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\{1babc3bc-6a32-44f7-bf4d-60eec36c9ad1}) (Version: 3.6.1150.0 - Python Software Foundation)
Python 3.6.1 (64-bit) (HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\{5984d629-979e-4439-b893-accde1a00a68}) (Version: 3.6.1150.0 - Python Software Foundation)
Python 3.6.1 Add to Path (32-bit) (HKLM-x32\...\{ED8BD450-5015-4CB3-95B5-2D93F23E111B}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Add to Path (64-bit) (HKLM\...\{079FEF6F-9E83-4694-897D-69C30389B772}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Core Interpreter (32-bit) (HKLM-x32\...\{E63E60CA-437B-4894-8395-81F2F66483B0}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Core Interpreter (64-bit) (HKLM\...\{27133190-078A-4A46-81B0-FF476EAEBF2A}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Development Libraries (32-bit) (HKLM-x32\...\{3029D656-0C32-4AC9-84FB-A15056F356CC}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Development Libraries (64-bit) (HKLM\...\{953B4007-8312-48CA-817E-29B43988EB35}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Documentation (32-bit) (HKLM-x32\...\{D1198C40-C6F5-4FFB-B98C-79BF1FE706C1}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Documentation (64-bit) (HKLM\...\{41626EAD-257F-401F-8531-51C5A7D4CA6C}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Executables (32-bit) (HKLM-x32\...\{A7036382-80F1-4FC1-B244-D31AA50337F4}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Executables (64-bit) (HKLM\...\{9139037B-B991-4022-946F-DAA9A9FDC7EE}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 pip Bootstrap (32-bit) (HKLM-x32\...\{899F7F28-F6D3-4E5B-8FBE-F7929036172A}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 pip Bootstrap (64-bit) (HKLM\...\{5F9A36CA-767E-4922-84AB-73E61264FE5C}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Standard Library (32-bit) (HKLM-x32\...\{3BCCB89B-CD98-4F78-8436-78847FABFD68}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Standard Library (64-bit) (HKLM\...\{B7A716F0-78C1-4CB9-8756-0E51C5DD7622}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Tcl/Tk Support (32-bit) (HKLM-x32\...\{F6ED0771-FE83-4A1C-BE65-A06CB65B46D5}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Tcl/Tk Support (64-bit) (HKLM\...\{AC60D963-1CE4-429B-AB29-F973DC55A918}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Test Suite (32-bit) (HKLM-x32\...\{F44EF183-905E-48BB-998E-53FC99B36FE3}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Test Suite (64-bit) (HKLM\...\{A298B2DB-1F21-476D-9BD7-4ECC23101C90}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Utility Scripts (32-bit) (HKLM-x32\...\{2AA7DAB3-6778-42A7-9F33-22615234540E}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python 3.6.1 Utility Scripts (64-bit) (HKLM\...\{7CB8460F-55AD-4C70-8D04-72947C46C85E}) (Version: 3.6.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{323AC113-C6CE-4F99-842F-4936332D055A}) (Version: 3.6.5923.0 - Python Software Foundation)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{9CD6F9C3-1D1A-4A62-880E-74FE7726CF75}) (Version: 1.1.38.1037 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{0B421602-CBC4-4375-B816-9D8CD81DC698}) (Version: 1.1.38.1037 - Qualcomm Atheros) Hidden
Qualcomm Atheros Network Manager (HKLM\...\{FF3BFE8F-D4B5-428A-9E62-464DCA7EBCFF}) (Version: 1.1.38.1037 - Qualcomm Atheros) Hidden
Qualcomm Atheros Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.38.1037 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
SafeConnect (HKLM-x32\...\SafeConnect) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SCM (HKLM\...\{6692DCAF-A445-4C6B-AF31-3DD85FC06FBA}) (Version: 13.014.01026 - Application)
shopify-dashe (HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\shopify-dashe) (Version: 2.5.1 - DasheIO, LLC)
Slack (HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\slack) (Version: 3.1.0 - Slack Technologies)
Sole Adi (HKLM-x32\...\Sole_Deploy_11) (Version:  - Sole Sorcerer)
Sole Adi (HKLM-x32\...\Sole_Deploy_14) (Version:  - Sole Sorcerer)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.05 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.427.1242 - SteelSeries)
Sublime Text Build 3143 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
SUPER CHARGER (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.024 - MSI)
System Requirements Lab CYRI (HKLM-x32\...\{705216C1-BA52-4B16-AFE4-4143B340D62D}) (Version: 6.0.12.6 - Husdawg, LLC)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)
フォト ギャラリー (HKLM-x32\...\{D6D69EE4-00F6-4DCE-B7AF-E90042BDE39B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
معرض الصور (HKLM-x32\...\{CF15F988-98D4-479F-9750-85A495BF8233}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
사진 갤러리 (HKLM-x32\...\{72CA45B4-0A70-45F5-B447-F6FC0795918D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
影像中心 (HKLM-x32\...\{D3F0882C-4948-4BAA-9720-47CC4D9AEF54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
照片库 (HKLM-x32\...\{E9BAA7A4-4397-4DE7-8C01-5A39B24F17F2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1171039984-4071150371-2688886814-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Eric\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1171039984-4071150371-2688886814-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Eric\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1171039984-4071150371-2688886814-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Eric\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-03-20] (AO Kaspersky Lab)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2015-04-26] (Apple Inc.)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2013-08-02] (WinZip Computing, S.L.)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-03-20] (AO Kaspersky Lab)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-03-20] (AO Kaspersky Lab)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2013-08-02] (WinZip Computing, S.L.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-23] (NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-03-20] (AO Kaspersky Lab)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2013-08-02] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0606E62F-E42E-4126-999B-8E54B1951512} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {0E7B6913-4913-4F92-9806-016FB70DF434} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {1246AB56-4F2D-4D72-AB76-77327C8CB7A6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-12] (Microsoft Corporation)
Task: {13850425-25CF-4C50-B782-BE5C2B85FA4F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1895FEE4-6E4C-427F-A918-9BE0688E81C4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-23] (Microsoft Corporation)
Task: {19CDEDF3-A6C5-4752-810C-D91E036D01E9} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-eric.flores@live.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {1D948229-1587-419F-BE2F-D9127521CE39} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1E73F433-5C44-498A-89D1-276995BC5BDC} - System32\Tasks\{B93024A9-7505-4187-9B89-389955F7DF76} => C:\Windows\system32\pcalua.exe -a "C:\Users\Eric\Downloads\Xbox360_64Eng (1).exe" -d C:\Users\Eric\Downloads
Task: {2941A520-0301-4124-A18D-95A495B3D94D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-16] (Microsoft Corporation)
Task: {29927BF5-DE54-49FB-B3E5-85FCE3BC12E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {2B32AE08-4F8A-4F2D-B223-65C693DD63CB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-01-10] (Dropbox, Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3F553D15-97AD-48C3-98C5-79B5F69F283B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation)
Task: {402E60A9-998A-46C7-AEAE-1408DDE06B46} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {4CA9C46D-72E3-4E86-804E-2986E49B68DD} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-03-16] (Microsoft Corporation)
Task: {4D4B814F-D622-45A1-8FF0-03AF845827EB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {4F1A19F6-4612-48F5-9CE2-EEC4512D0D57} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-23] (Microsoft Corporation)
Task: {55C31961-A925-41C7-A496-6C312D9AA9D5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {58E8EFC5-6626-4370-BA25-477D5EFA12F1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-16] (Microsoft Corporation)
Task: {5A77D156-DC9B-4D01-9EE5-489D93F07286} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-12] (Microsoft Corporation)
Task: {60BE14C2-EA6F-49CE-8829-2DFE4BD8A6CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {65BE93C0-2304-4F82-81F6-5AEF77DEAA49} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {6946940D-3F14-482A-8B00-7B2C5EB38A14} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-23] (TODO: <公司名稱>)
Task: {6B7E6FDC-D56B-452C-AF41-D4D0FB1C5B1B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6BE11760-371D-4542-986B-8C4F333644BF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6BFB5991-4053-4FAF-8DBE-6E0BFA54A343} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-16] (Microsoft Corporation)
Task: {84EED202-9686-4FF1-B298-03CA35E67942} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {871F33C2-502F-433C-B539-B73B3ED4DC2F} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe
Task: {8F2493F3-FD7A-4451-93EB-A1C2D0D0E13A} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {9151BED3-D450-4B7E-84E3-12DE0D5B8207} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9B5D1FC6-9E8A-403A-8FA1-60FFE9339363} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation)
Task: {A413C0EA-F606-48A6-AAEE-A4751CD1F306} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-01-10] (Dropbox, Inc.)
Task: {AE74D195-C0FF-4ACB-97BC-C14E0F1253F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {AF23F4B1-4831-44C8-9E22-EF3E571A55C6} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {AF267BAD-9C86-42E4-9D20-A9E4A6636D8D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {B245343A-4255-4D8F-8D9E-027CE8ECB165} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B466671A-53B6-4A51-92AD-3206CE047911} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {B5D7D900-A15D-4D32-9C00-BFAC2C872E07} - System32\Tasks\DuetUpdater => D:\DuetDisplay\DuetUpdater.exe [2016-12-15] (Kairos)
Task: {B8A14540-595A-4D55-BF44-3F9F6405B0E5} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2018-03-20] (AO Kaspersky Lab)
Task: {C67E73B8-95EF-405E-9712-DCC84CCF5DDD} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation)
Task: {D84A131E-F285-4073-B49D-3EBC20AFCB7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-23] (Microsoft Corporation)
Task: {D93C296F-2E69-4EA3-8E81-4CFEF0794B12} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DBD1CD4D-5A17-4EDF-A772-915355CD3FE0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DC0B9AE8-9355-454F-8981-CBFC1823577C} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {DC34DC01-A497-4078-A606-09BD1994C852} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation)
Task: {E0B1F1E0-00EA-4E62-AB04-20E8056AB7BF} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.)
Task: {EDA3A738-C0BB-4524-BE53-56516861EBB2} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.)
Task: {F19B9D7D-420D-4ECE-8284-4ADE0CFB5FC7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F643FD47-AA28-484E-9F05-74E48558AD8A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-23] (Microsoft Corporation)
Task: {F6B69A35-FD73-42FD-9E1D-4416D7D409DD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-16] (Microsoft Corporation)
Task: {FC3532AC-C98B-42AD-8117-B16393C35ED9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FE92884D-E5E9-457C-B8C7-0D1582B05553} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ledger Manager.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=beimhnaefocolcplfimocfiaiefpkgbf
ShortcutWithArgument: C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ledger Wallet Bitcoin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kkdpmhnladdopljabkgpacgpliggeeaf
ShortcutWithArgument: C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ledger Wallet Ethereum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmlhkialjkaldndjnlcdfdphcgeadkkm
ShortcutWithArgument: C:\Users\Eric\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4501b0d403e6b92d\NoMercy.lnk -> C:\Users\Eric\Desktop\NoMercyv2.0.0-win\app.exe (The NWJS Community) -> --user-data-dir="C:\Users\Eric\AppData\Local\NoMercy\User Data" --profile-directory=Default --app-id=gglfnompnlgdoclllebabipbhekefnci

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 06:41 - 2017-09-29 06:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-10-24 13:39 - 2012-08-31 15:03 - 000288768 _____ () C:\WINDOWS\System32\HP1100LM.DLL
2016-10-24 13:39 - 2012-08-31 15:02 - 000074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2018-02-14 00:56 - 2018-01-10 07:05 - 001269096 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-02-14 01:15 - 2018-01-23 17:23 - 000544240 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2014-09-02 21:33 - 2014-09-02 21:33 - 000076152 _____ () C:\Windows\system32\PnkBstrA.exe
2016-04-22 01:07 - 2016-04-22 01:07 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 001337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-25 14:17 - 2018-03-06 23:10 - 008933552 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2018-02-13 19:15 - 2018-02-09 21:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-02-13 19:15 - 2018-02-09 21:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-02-13 17:40 - 2018-02-13 17:40 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-02-13 17:40 - 2018-02-13 17:40 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-02-13 17:40 - 2018-02-13 17:40 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-02-13 17:40 - 2018-02-13 17:40 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2018-02-13 17:40 - 2018-02-13 17:40 - 000667136 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2014-03-25 14:27 - 2014-01-27 10:51 - 000089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2014-03-25 14:27 - 2014-01-27 10:49 - 000364032 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-07-28 11:29 - 2014-07-28 11:29 - 000866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-07-28 11:32 - 2014-07-28 11:32 - 001050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-07-28 11:29 - 2014-07-28 11:29 - 000059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-07-28 11:31 - 2014-07-28 11:31 - 000242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-01-22 10:44 - 2014-01-22 10:44 - 000075912 _____ () C:\Program Files (x86)\MSI\Dragon Gaming Center\WinIo64.dll
2018-03-20 20:26 - 2018-03-19 23:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-20 20:26 - 2018-03-19 23:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2018-03-16 06:33 - 2018-03-16 06:33 - 001951800 _____ () C:\Users\Eric\AppData\Local\slack\app-3.1.0\ffmpeg.dll
2018-03-16 06:33 - 2018-03-16 06:33 - 000117304 _____ () \\?\C:\Users\Eric\AppData\Local\slack\app-3.1.0\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2018-03-16 06:33 - 2018-03-16 06:33 - 000766008 _____ () \\?\C:\Users\Eric\AppData\Local\slack\app-3.1.0\resources\app.asar.unpacked\node_modules\@nodert-win10\windows.data.xml.dom\build\Release\binding.node
2018-03-16 06:33 - 2018-03-16 06:33 - 000405560 _____ () \\?\C:\Users\Eric\AppData\Local\slack\app-3.1.0\resources\app.asar.unpacked\node_modules\@nodert-win10\windows.ui.notifications\build\Release\binding.node
2018-03-16 06:33 - 2018-03-16 06:33 - 000096312 _____ () \\?\C:\Users\Eric\AppData\Local\slack\app-3.1.0\resources\app.asar.unpacked\node_modules\@paulcbetts\system-idle-time\build\Release\system_idle_time.node
2013-12-09 15:12 - 2013-12-09 15:12 - 000300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2015-01-07 01:17 - 2015-01-07 01:17 - 000503808 _____ () C:\WINDOWS\SYSTEM32\turbojpeg.dll
2018-03-16 06:33 - 2018-03-16 06:33 - 003430968 _____ () C:\Users\Eric\AppData\Local\slack\app-3.1.0\libglesv2.dll
2018-03-16 06:33 - 2018-03-16 06:33 - 000024632 _____ () C:\Users\Eric\AppData\Local\slack\app-3.1.0\libegl.dll
2018-03-16 06:33 - 2018-03-16 06:33 - 000408632 _____ () \\?\C:\Users\Eric\AppData\Local\slack\app-3.1.0\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\slack-calls.node
2018-03-16 06:33 - 2018-03-16 06:33 - 007595576 _____ () \\?\C:\Users\Eric\AppData\Local\slack\app-3.1.0\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\CallsCore.dll
2018-03-16 06:33 - 2018-03-16 06:33 - 001491512 _____ () \\?\C:\Users\Eric\AppData\Local\slack\app-3.1.0\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\boringssl.dll
2018-03-16 06:33 - 2018-03-16 06:33 - 000230968 _____ () \\?\C:\Users\Eric\AppData\Local\slack\app-3.1.0\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\protobuf_lite.dll
2018-03-16 06:33 - 2018-03-16 06:33 - 000164408 _____ () \\?\C:\Users\Eric\AppData\Local\slack\app-3.1.0\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-03-16 06:33 - 2018-03-16 06:33 - 000490040 _____ () \\?\C:\Users\Eric\AppData\Local\slack\app-3.1.0\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2018-03-16 06:33 - 2018-03-16 06:33 - 000093752 _____ () \\?\C:\Users\Eric\AppData\Local\slack\app-3.1.0\resources\app.asar.unpacked\node_modules\windows-quiet-hours\build\Release\quiethours.node
2018-03-16 06:33 - 2018-03-16 06:33 - 000093752 _____ () \\?\C:\Users\Eric\AppData\Local\slack\app-3.1.0\resources\app.asar.unpacked\node_modules\windows-notification-state\build\Release\notificationstate.node
2018-02-13 17:39 - 2018-02-13 17:39 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-13 17:39 - 2018-02-13 17:40 - 001231536 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-03-09 22:04 - 2018-02-05 14:44 - 002299168 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-03-09 22:04 - 2018-03-01 10:31 - 002488608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-12-13 18:33 - 2017-12-13 18:33 - 000975872 _____ () C:\WINDOWS\system32\FaceProcessor.dll
2017-12-13 18:33 - 2017-12-13 18:33 - 000269696 _____ () C:\WINDOWS\system32\FaceProcessorCore.dll
2017-09-29 06:41 - 2017-09-29 06:41 - 001357464 _____ () C:\WINDOWS\system32\FaceTrackerInternal.dll
2018-02-14 00:56 - 2018-01-10 07:05 - 001042280 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 001047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-13 18:16 - 2018-01-08 18:52 - 001891832 _____ () C:\Users\Eric\AppData\Local\Discord\app-0.0.300\ffmpeg.dll
2018-01-13 18:16 - 2018-02-13 18:25 - 001780216 _____ () \\?\C:\Users\Eric\AppData\Roaming\discord\0.0.300\modules\discord_overlay2\discord_overlay2.node
2018-01-13 18:16 - 2018-01-08 18:52 - 001937912 _____ () C:\Users\Eric\AppData\Local\Discord\app-0.0.300\libglesv2.dll
2018-01-13 18:16 - 2018-01-08 18:52 - 000095736 _____ () C:\Users\Eric\AppData\Local\Discord\app-0.0.300\libegl.dll
2018-02-15 20:25 - 2018-02-15 20:25 - 001910264 _____ () \\?\C:\Users\Eric\AppData\Roaming\discord\0.0.300\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-02-15 20:25 - 2018-02-15 20:25 - 000422392 _____ () \\?\C:\Users\Eric\AppData\Roaming\discord\0.0.300\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-02-15 20:25 - 2018-02-15 20:25 - 000145400 _____ () \\?\C:\Users\Eric\AppData\Roaming\discord\0.0.300\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-01-13 18:16 - 2018-03-20 20:47 - 009623896 _____ () \\?\C:\Users\Eric\AppData\Roaming\discord\0.0.300\modules\discord_voice\discord_voice.node
2018-01-13 18:16 - 2018-02-13 18:25 - 001508344 _____ () \\?\C:\Users\Eric\AppData\Roaming\discord\0.0.300\modules\discord_utils\discord_utils.node
2018-01-13 18:16 - 2018-01-13 18:16 - 000513016 _____ () \\?\C:\Users\Eric\AppData\Roaming\discord\0.0.300\modules\discord_erlpack\discord_erlpack.node
2018-01-13 18:16 - 2018-03-16 03:17 - 001517560 _____ () \\?\C:\Users\Eric\AppData\Roaming\discord\0.0.300\modules\discord_game_utils\discord_game_utils.node
2018-01-13 18:16 - 2018-01-13 18:16 - 002662904 _____ () \\?\C:\Users\Eric\AppData\Roaming\discord\0.0.300\modules\discord_rpc\discord_rpc.node
2018-01-13 18:17 - 2018-03-09 21:53 - 002749944 _____ () \\?\C:\Users\Eric\AppData\Roaming\discord\0.0.300\modules\discord_contact_import\discord_contact_import.node
2018-03-16 15:34 - 2018-03-15 04:50 - 000746312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-03-16 15:34 - 2018-03-15 04:50 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-01-10 22:11 - 2018-03-15 04:50 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-01-10 22:11 - 2018-03-15 04:53 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-03-16 15:34 - 2018-03-15 04:50 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-03-16 15:34 - 2018-03-15 04:50 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-01-10 22:11 - 2018-03-15 04:50 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-01-10 22:11 - 2018-03-15 04:53 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-03-16 15:34 - 2018-03-15 04:50 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000114136 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-03-16 15:34 - 2018-03-15 04:50 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-01-10 22:11 - 2018-03-15 04:53 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-01-10 22:11 - 2018-03-15 04:53 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-09-25 23:00 - 2018-03-15 04:50 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-25 23:00 - 2018-03-15 04:53 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-05-18 01:09 - 2018-03-15 04:53 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-10 22:11 - 2018-03-15 04:53 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-02-25 22:17 - 2018-03-15 04:53 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-01-31 18:59 - 2018-03-15 04:53 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-01-10 22:11 - 2018-03-15 04:53 - 000087904 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-01-31 18:59 - 2018-03-15 04:53 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-31 18:59 - 2018-03-15 04:53 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-31 18:59 - 2018-03-15 04:53 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-01-10 22:11 - 2018-03-15 04:50 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-01-10 22:11 - 2018-03-15 04:53 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-03-16 15:34 - 2018-03-15 04:50 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-03-16 15:34 - 2018-03-15 04:52 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2018-03-16 15:34 - 2018-03-15 04:50 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-01-12 13:15 - 2018-03-15 04:53 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-01-10 22:11 - 2018-03-15 04:53 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-03-16 15:34 - 2018-03-15 04:52 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-01-10 22:11 - 2018-03-15 04:53 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-03-16 15:34 - 2018-03-15 04:52 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2014-03-25 14:12 - 2013-12-09 15:26 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-03-20 23:52 - 2018-03-20 23:52 - 001105704 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\KasperskyLab.Ksde.NativeInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:054203E4 [149]
AlternateDataStreams: C:\Users\Public\AppData:CSM [480]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 06:25 - 2018-03-12 22:48 - 000001803 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 sole.adidas.com
127.0.0.1 anb.adidas.com
165.227.218.40 2captcha.com
127.0.0.1 anb.sneakersnstuff.com
127.0.0.1 anb.ruvilla.com
127.0.0.1 anb.bodega.com
127.0.0.1 anb.shop.kithnyc.com
127.0.0.1 anb.supremenewyork.com
127.0.0.1 anb.shop.exclucitylife.com
127.0.0.1 anb.yzysply.com
127.0.0.1 anb.palacesb.com
127.0.0.1 anb.Consortium.co.uk
127.0.0.1 anb.doverstreetmarket.com
127.0.0.1 nomercy.adidas.com
127.0.0.1 nomercy.adidas.co.uk
127.0.0.1 nomercy.adidas.ca
127.0.0.1 nomercy.adidas.se
127.0.0.1 nomercy.adidas.com.au

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Eric\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\got.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-1171039984-4071150371-2688886814-1001\...\StartupApproved\Run: => "f.lux"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{8CF4E082-3CEF-4085-B701-DF633D7F30A7}C:\users\eric\appdata\local\programs\python\python36-32\python.exe] => (Allow) C:\users\eric\appdata\local\programs\python\python36-32\python.exe
FirewallRules: [TCP Query User{F56F7907-3A80-4631-A6D1-E8B06E7798B1}C:\users\eric\appdata\local\programs\python\python36-32\python.exe] => (Allow) C:\users\eric\appdata\local\programs\python\python36-32\python.exe
FirewallRules: [UDP Query User{E4DE6E7F-16BA-4845-BD84-306A5A53DA1B}C:\users\eric\desktop\nomercy-win\nomercy.exe] => (Allow) C:\users\eric\desktop\nomercy-win\nomercy.exe
FirewallRules: [TCP Query User{C52E43AA-44CC-4129-B6A5-51D7F59AA382}C:\users\eric\desktop\nomercy-win\nomercy.exe] => (Allow) C:\users\eric\desktop\nomercy-win\nomercy.exe
FirewallRules: [UDP Query User{79C93162-2654-4822-9890-8D9BCE752100}D:\processing\processing-3.2.3\java\bin\java.exe] => (Block) D:\processing\processing-3.2.3\java\bin\java.exe
FirewallRules: [TCP Query User{5981730E-1926-4AC7-AD57-A79F4CF164EA}D:\processing\processing-3.2.3\java\bin\java.exe] => (Block) D:\processing\processing-3.2.3\java\bin\java.exe
FirewallRules: [{6329502A-8EB3-440A-996B-AC276AB4D9E9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{B8546B3A-1772-484A-BD8A-D1DFA11FDBED}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{78B489A1-D876-4865-8FF1-AD4903176DA9}] => (Allow) D:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{35C88561-8C70-4F5F-BC77-155203540861}] => (Allow) D:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{719544AE-785B-4F4E-9DDD-64D7B7C4CB49}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{16B9EB3D-281C-4497-9A1D-878C21A6ECB8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{ACC7DFD7-A986-4C67-8DD6-E2FE9FD5473E}] => (Allow) C:\Users\Eric\AppData\Local\Temp\7zS2596\HPDiagnosticCoreUI.exe
FirewallRules: [{1904EB01-D023-436F-898F-DE5722303CFF}] => (Allow) C:\Users\Eric\AppData\Local\Temp\7zS2596\HPDiagnosticCoreUI.exe
FirewallRules: [{6DDBE66A-B4B4-48A2-9D57-1F4518E7D754}] => (Allow) LPort=161
FirewallRules: [{087EF3BD-3482-4D1C-A352-347E19D4C80F}] => (Allow) LPort=427
FirewallRules: [{08398B71-901E-4D65-A9D4-0E8A4EF87D9E}] => (Allow) LPort=9100
FirewallRules: [{2F6A3A90-D815-49CF-A2B1-6193991BBDBE}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe
FirewallRules: [{A709D270-AFC9-49B8-A18D-1853A560552E}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe
FirewallRules: [{52D7CF26-A33E-4AAC-BCFD-8AFC0091888F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{BC3D013D-6A63-494E-A23B-779A140CDBD3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B78FC287-4990-43D5-BDF0-E510B402AF1D}] => (Allow) LPort=8888
FirewallRules: [{1498F6CA-7B1E-423E-937E-CF4922E1DAF5}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C7CA928F-6ED2-41DC-B891-1C14D27DD663}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{F18D53BE-3F02-45CD-BCA5-2FFC6CE936B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F2D1DF6F-9C48-484F-B408-C6FA5859620F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3CC3A257-30AF-4296-91EE-4405E3DE7897}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4B52D365-3617-48C3-B14D-04FA346CA822}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1A673B79-0F68-48D1-B6B2-DAB5F598A02E}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{F75011FE-3A97-403D-95C8-8109A6C0BC84}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{B82BEE8A-6D49-43EE-BCA8-56B24097747E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B09CDCFF-9F55-42F2-B117-A2E8B75084F8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FB9DFCA3-2F7C-4CE0-8A91-FF44E9C917B3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DB4425DA-09C2-4035-A8D9-5E28D668B82A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{97B049D6-7B22-467C-9C0D-65D4C2F2D533}] => (Allow) D:\New folder\Battlefield 4\bf4_x86.exe
FirewallRules: [{26249AD2-BDED-4F87-B31B-16FEDA85A4BC}] => (Allow) D:\New folder\Battlefield 4\bf4_x86.exe
FirewallRules: [{5676C5E1-7B82-4FDA-9F83-F76D361D909B}] => (Allow) D:\New folder\Battlefield 4\bf4.exe
FirewallRules: [{EF557C83-5349-4D93-950F-6D368F69F236}] => (Allow) D:\New folder\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{72AD76A2-1DB3-4429-BA48-F3416A9DDA65}C:\users\eric\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\eric\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{ACD2E615-714E-47C2-8CEF-438D61899F40}C:\users\eric\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\eric\appdata\roaming\spotify\spotify.exe
FirewallRules: [{55B0D98C-8A2C-4AF1-9FBC-C4CA0824D9C3}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{137D07BB-F6C1-4E31-A953-4008012BD5C6}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{553E8C35-B5F9-429A-BB06-890AC47567A1}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [UDP Query User{DB087BCA-B39D-4B38-8986-EACD38F407FD}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [{EE68B5FE-D6FE-47F7-B72F-A866E5FBD7C6}] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [{92932DC9-C4A8-4AF5-B7C5-8BBC5CCF3D10}] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
FirewallRules: [{FBFAF2C8-9643-496D-9274-264404E25A0B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9C6E76B0-FB4D-45B0-AEDC-C85FC280BB9C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7CB65F5D-C910-403F-8806-BFE535870AA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{397F91F8-3505-4052-AA8D-3660D5CDF2E7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{6ABE0DA8-E977-4246-95F4-AF36CCDF5E39}C:\users\eric\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eric\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2DAE9D70-C787-4B59-82A2-1FC88C92DF77}C:\users\eric\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eric\appdata\roaming\spotify\spotify.exe
FirewallRules: [{98261117-75D9-429D-A219-871D766C9BBF}] => (Allow) D:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{9DA83C69-37AD-48F2-B740-1096E8889366}] => (Allow) D:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{9D581E68-8BBC-4044-A502-ED17434F1E77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5842648F-5598-4D04-B830-7E3801A793F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6EC4CFB9-44A6-4376-8C8B-09255E7BB51E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{293AEDBE-B60A-405F-AE86-DA4A586D75E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{52F787D1-2CAD-43FE-8E37-1C4A65962676}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{91FC1555-C3DB-4C65-9E99-BB9F1EC4E1A8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F2B3B3BF-2D57-4381-BA49-8712A4DE9DC9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{46FF8AF8-5B33-4FCC-9293-33FAD7158D49}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D2AF3BD2-A8EF-4C82-9562-C9DD0E695F0A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6A19EEA2-3FF2-4CB9-AF62-8AFC8E3A7C92}] => (Allow) D:\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{0B78416E-E3A0-43BA-8BED-8AF7D2927545}] => (Allow) D:\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{2395A52E-3E78-4DDA-B78E-DCE81389A7DA}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{75F84596-B9AA-435D-B98D-E655FD626D7B}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{E25F6BF0-897B-4449-B9BF-6A386D170E41}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{3AECC634-34C2-49B6-A029-0B5E7D32C030}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{3411FDFF-F1BD-4ABC-91F9-E47CDCB18B20}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{65760300-27C4-408F-88D4-3DDEAF4C29EB}] => (Allow) LPort=2869
FirewallRules: [{0A069D5E-57AA-4D5E-8FAE-8B06F99ED67D}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{0983D007-A8A4-4163-9F42-4AA185FB292C}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{D87D3F12-46C3-45A9-B046-BB97CE1303FF}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{029E7E4C-ACE6-4DBE-8150-8E4210E47536}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{C6948CF3-E7E1-4B2E-9922-FEFEC00EE6F6}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{FFA970FC-BD24-4DBE-B807-97088B395413}C:\users\eric\appdata\local\shopify-dashe\app-2.3.4\shopify-dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.3.4\shopify-dashe.exe
FirewallRules: [UDP Query User{D3F1218A-5F63-4AB6-9D1D-0CB13D2725B4}C:\users\eric\appdata\local\shopify-dashe\app-2.3.4\shopify-dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.3.4\shopify-dashe.exe
FirewallRules: [{091EFCCC-F76E-4958-8D97-786CE696AF40}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{A3098956-0283-4E47-8581-92D863DA4AD4}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{B89C749D-F892-45A7-9635-E71EAC7B43A1}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{CADE4131-50C7-4686-B13C-55AF29B628F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{02EDAF60-171F-431F-9A4D-5317E051C893}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{412CBECA-2A72-40F2-9A18-78C132BA6581}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A548AB8F-9E33-49AC-8179-A851DDB1A2DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{93BF3F85-C28D-4D56-A300-791242774703}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{455EA25C-EB7F-40B9-9A6E-167DF9C8F539}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{84554E4D-F600-4092-B3A5-0E63C46D5EF6}C:\users\eric\appdata\local\shopify-dashe\app-2.4.1\shopify dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.4.1\shopify dashe.exe
FirewallRules: [UDP Query User{73C0793B-578E-4773-9DB2-451EA9130A53}C:\users\eric\appdata\local\shopify-dashe\app-2.4.1\shopify dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.4.1\shopify dashe.exe
FirewallRules: [TCP Query User{FB25C7AF-A29C-42BB-A9AA-D3D986AA00AE}C:\users\eric\appdata\local\shopify-dashe\app-2.4.2\shopify dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.4.2\shopify dashe.exe
FirewallRules: [UDP Query User{EE395D09-B56B-458F-B474-586DE5894E02}C:\users\eric\appdata\local\shopify-dashe\app-2.4.2\shopify dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.4.2\shopify dashe.exe
FirewallRules: [TCP Query User{73D6E4F6-407A-4A1A-B125-ABE0F0860B1F}C:\users\eric\desktop\nomercyv1.0.4-win\nomercy.exe] => (Allow) C:\users\eric\desktop\nomercyv1.0.4-win\nomercy.exe
FirewallRules: [UDP Query User{F338C7D4-82CD-4C95-878E-236305733B64}C:\users\eric\desktop\nomercyv1.0.4-win\nomercy.exe] => (Allow) C:\users\eric\desktop\nomercyv1.0.4-win\nomercy.exe
FirewallRules: [TCP Query User{47694EBE-8D58-44C1-98E4-8EC061A1BA43}C:\users\eric\appdata\local\shopify-dashe\app-2.4.3\shopify dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.4.3\shopify dashe.exe
FirewallRules: [UDP Query User{3C79374C-C717-44BD-94E2-168A6A00294A}C:\users\eric\appdata\local\shopify-dashe\app-2.4.3\shopify dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.4.3\shopify dashe.exe
FirewallRules: [TCP Query User{46089ABD-6054-43A2-9D0E-6639EA960DAB}C:\users\eric\appdata\local\shopify-dashe\app-2.4.4\shopify dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.4.4\shopify dashe.exe
FirewallRules: [UDP Query User{7388BF9A-1C0F-4856-8A84-184A6FE44EF9}C:\users\eric\appdata\local\shopify-dashe\app-2.4.4\shopify dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.4.4\shopify dashe.exe
FirewallRules: [TCP Query User{B24AA4BC-481A-4346-B170-1AEBDD23910C}C:\sole adi\sole adi\phantomjs.exe] => (Allow) C:\sole adi\sole adi\phantomjs.exe
FirewallRules: [UDP Query User{8440173A-55AA-4B51-9F36-4FD9FAA7D4BE}C:\sole adi\sole adi\phantomjs.exe] => (Allow) C:\sole adi\sole adi\phantomjs.exe
FirewallRules: [TCP Query User{01E17726-CF00-47E7-BA59-565C248D06C6}C:\users\eric\appdata\local\shopify-dashe\app-2.4.5\shopify dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.4.5\shopify dashe.exe
FirewallRules: [UDP Query User{70EB4405-311C-4EB1-AD5B-8442E8492011}C:\users\eric\appdata\local\shopify-dashe\app-2.4.5\shopify dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.4.5\shopify dashe.exe
FirewallRules: [TCP Query User{987C8BF1-42B9-4DDC-8978-3B9FFB63F757}C:\users\eric\desktop\nomercyv2.0.0-win\nomercy.exe] => (Allow) C:\users\eric\desktop\nomercyv2.0.0-win\nomercy.exe
FirewallRules: [UDP Query User{D2E8A3D5-0254-48FA-80AB-70871E24BF58}C:\users\eric\desktop\nomercyv2.0.0-win\nomercy.exe] => (Allow) C:\users\eric\desktop\nomercyv2.0.0-win\nomercy.exe
FirewallRules: [TCP Query User{80E57852-ED2C-488C-ABCC-B60359C01C57}C:\users\eric\appdata\local\shopify-dashe\app-2.4.6\shopify dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.4.6\shopify dashe.exe
FirewallRules: [UDP Query User{7F43CB86-FC5A-4AC7-9E62-154B5354A36F}C:\users\eric\appdata\local\shopify-dashe\app-2.4.6\shopify dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.4.6\shopify dashe.exe
FirewallRules: [TCP Query User{7A4D9F29-A43A-4867-AABE-AA51125494E4}C:\users\eric\appdata\local\shopify-dashe\app-2.5.1\shopify dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.5.1\shopify dashe.exe
FirewallRules: [UDP Query User{659BABFA-8E75-4643-8910-A526E48DAC96}C:\users\eric\appdata\local\shopify-dashe\app-2.5.1\shopify dashe.exe] => (Allow) C:\users\eric\appdata\local\shopify-dashe\app-2.5.1\shopify dashe.exe
FirewallRules: [{48FC3CDC-42CB-4158-B474-08E940D0452F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{8FC03420-89A8-4F1C-A299-CF1207CA24A1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/21/2018 03:48:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 10.0.16299.15, time stamp: 0x9c786b9a
Faulting module name: D3D12.dll, version: 10.0.16299.248, time stamp: 0x6bf4e6fb
Exception code: 0xc00000fd
Fault offset: 0x0000000000033eaa
Faulting process id: 0x39b8
Faulting application start time: 0x01d3c1022cb5ea4a
Faulting application path: c:\windows\system32\svchost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\D3D12.dll
Report Id: 5fa5fed9-2efb-4b73-98d1-286b43aec7c1
Faulting package full name: 
Faulting package-relative application ID:

Error: (03/21/2018 03:22:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 10.0.16299.15, time stamp: 0x9c786b9a
Faulting module name: nvwgf2umx_cfg.dll, version: 23.21.13.9077, time stamp: 0x5a67b98f
Exception code: 0xc00000fd
Fault offset: 0x000000000096e0b4
Faulting process id: 0x12c8
Faulting application start time: 0x01d3c0fe7a8b0c42
Faulting application path: c:\windows\system32\svchost.exe
Faulting module path: C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_d63c476addc6a325\nvwgf2umx_cfg.dll
Report Id: 0c8ae7bc-f71a-40b9-83c0-0a36fc6da377
Faulting package full name: 
Faulting package-relative application ID:

Error: (03/21/2018 02:56:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1078

Error: (03/21/2018 02:56:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1078

Error: (03/21/2018 02:56:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/21/2018 02:52:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1698875

Error: (03/21/2018 02:52:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1698875

Error: (03/21/2018 02:52:03 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/21/2018 03:48:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Update service terminated unexpectedly.  It has done this 7 time(s).

Error: (03/21/2018 03:22:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Update service terminated unexpectedly.  It has done this 6 time(s).

Error: (03/21/2018 03:22:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Update Orchestrator Service service terminated unexpectedly.  It has done this 5 time(s).

Error: (03/21/2018 02:56:52 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (03/21/2018 02:52:01 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (03/21/2018 02:14:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Update service terminated unexpectedly.  It has done this 5 time(s).

Error: (03/21/2018 02:14:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Update Orchestrator Service service terminated unexpectedly.  It has done this 4 time(s).

Error: (03/21/2018 02:13:50 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.


Windows Defender:
===================================
Date: 2018-03-12 02:07:43.050
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1E3EA003-27C7-46D3-BAED-3BC9A94C4DBE}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-03-12 01:57:53.885
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3341B085-D6DD-45AF-B0F2-0CE097A7F8EA}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-03-12 01:41:27.417
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F29B6E6B-A7B7-44F3-9E69-9067DFD824DC}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-03-11 23:35:28.956
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6D5B0DB1-1F26-4A0A-9995-1BDFF5D34DEE}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-02-28 02:10:37.153
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A2E90961-E911-4E3B-AB60-2A24A017A8E7}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-03-15 21:39:02.736
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.263.509.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14600.4
Error code: 0x80240004
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

Date: 2018-03-09 21:19:42.524
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2018-03-09 21:17:00.913
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2018-03-09 14:39:34.113
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.263.242.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14600.4
Error code: 0x80240004
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

Date: 2018-02-18 23:57:24.092
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.261.1303.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14500.5
Error code: 0x80080005
Error description: Server execution failed 

CodeIntegrity:
===================================

Date: 2018-03-21 03:48:43.065
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-21 03:48:43.064
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-21 03:37:00.547
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-21 03:37:00.546
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-21 03:27:10.592
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-21 03:27:10.590
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-21 03:22:17.384
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-21 03:22:17.382
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 49%
Total physical RAM: 16303.02 MB
Available physical RAM: 8219.39 MB
Total Virtual: 18735.02 MB
Available Virtual: 7560 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:117 GB) (Free:11.15 GB) NTFS
Drive d: (Data) (Fixed) (Total:917.05 GB) (Free:558.73 GB) NTFS

\\?\Volume{911e77ec-ac4b-4950-aded-bfda25e495c6}\ (WinRE tools) (Fixed) (Total:0.59 GB) (Free:0.34 GB) NTFS
\\?\Volume{2d4e4c12-a34a-4fcd-9bd8-2967d80e73e7}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32
\\?\Volume{172ce5f8-a82a-45e2-be51-2a4e9a2101b3}\ () (Fixed) (Total:0.8 GB) (Free:0.34 GB) NTFS
\\?\Volume{78a91517-8e03-4afc-80c4-3142fd3d18d4}\ (BIOS_RVY) (Fixed) (Total:14.46 GB) (Free:0.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 744CA893)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 744CA8BF)

Partition: GPT.

==================== End of Addition.txt ============================


Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it in your reply.

 

fixlist.txt


Fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Eric (22-03-2018 01:14:43) Run:2
Running from C:\Users\Eric\Desktop
Loaded Profiles: Eric (Available Profiles: Eric & Guest User)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
File: C:\Windows\system32\drivers\pcw.sys
REG: REG QUERY "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pcw" /s
end
*****************


========================= File: C:\Windows\system32\drivers\pcw.sys ========================

C:\Windows\system32\drivers\pcw.sys
File is digitally signed
MD5: ACD510CF2B631A2D36B2CFB7D31E22FD
Creation and modification date: 2017-09-29 06:41 - 2017-09-29 06:41
Size: 000053144
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: pcw.sys
Original Name: pcw.sys
Product: Microsoft® Windows® Operating System
Description: Performance Counters for Windows Driver
File Version: 10.0.16299.15 (WinBuild.160101.0800)
Product Version: 10.0.16299.15
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/c46363b543cadc560004eb01d62b277bfe63974c34382576a0c62a8a0bed31a4/analysis/1521174559/

====== End of File: ======


========= REG QUERY "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pcw" /s =========


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pcw
    DisplayName    REG_SZ    Performance Counters for Windows Driver
    ErrorControl    REG_DWORD    0x1
    Group    REG_SZ    System Reserved
    ImagePath    REG_EXPAND_SZ    System32\drivers\pcw.sys
    Start    REG_DWORD    0x0
    Type    REG_DWORD    0x1

========= End of Reg: =========


==== End of Fixlog 01:14:43 ====


@kevinf80 Hey! Sorry, I forgot to update you on whether it did or did not, but yes, Task Manager still closes and freezes right after I open it. No matter what I do, if I open it, it opens for a second, kind of loads, then it just crashes immediately. So I'm unable to monitor my CPU usage or force close applications unless I use the command line.


Set windows up for "Clean Boot" mode, full instructions here: https://support.microsoft.com/en-gb/kb/929135

Basically all non-MS services are disabled; see how your system runs in that mode, and also whether Task Manager stays open. Obviously 3rd party services that affect security or internet connection can be left active.

If clean boot fixes the Task Manager issue it is now a process of elimination to find which non-MS service(s) was affecting your system... If not let me know...

Go through the process again, this time with all MS services hidden, and enable the top half of the non-MS services, re-boot and see how your system responds. If still OK, the top half can be left enabled.

Repeat again, enable so many of the bottom half then re-boot. Continue until you locate the problem service(s). A process of elimination, a bit long-winded but worth the effort. Let me know the outcome...
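The halving procedure in the post above needs the list of non-Microsoft services. As an added example (not part of the original post), this read-only PowerShell sketch lists them and splits them into the two halves; it assumes "non-MS" can be approximated by the CompanyName in each service binary's version resource and that the list is ordered by display name.

```powershell
# Added example (not from the thread). Read-only: lists services, changes nothing.
# Assumption: "non-MS" is approximated by the CompanyName in the service
# binary's version resource, which is not necessarily msconfig's own test.
# Limitation: third-party services hosted inside svchost.exe are not detected,
# because the binary inspected is then Microsoft's svchost.exe.

$auto = Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.StartMode -eq 'Auto' -and $_.PathName }

$thirdParty = foreach ($svc in $auto) {
    # PathName can be quoted and can carry arguments; keep only the executable.
    if     ($svc.PathName -match '^\s*"([^"]+)"')  { $exe = $Matches[1] }
    elseif ($svc.PathName -match '^\s*(.+?\.exe)') { $exe = $Matches[1] }
    else   { continue }

    $exe = [Environment]::ExpandEnvironmentVariables($exe)
    if (-not (Test-Path -LiteralPath $exe -PathType Leaf)) { continue }

    # A missing CompanyName ($null) is treated as third-party and listed.
    $company = (Get-Item -LiteralPath $exe).VersionInfo.CompanyName
    if ($company -notmatch 'Microsoft') {
        [pscustomobject]@{
            Name        = $svc.Name
            DisplayName = $svc.DisplayName
            Company     = $company
            Path        = $exe
        }
    }
}

# Split the sorted list in two, matching the "top half / bottom half" rounds.
$sorted = @($thirdParty | Sort-Object DisplayName)
$mid    = [math]::Ceiling($sorted.Count / 2)

'--- Top half (enable first) ---'
$sorted | Select-Object -First $mid | Format-Table Name, DisplayName, Company -AutoSize
'--- Bottom half (enable in later rounds) ---'
$sorted | Select-Object -Skip $mid  | Format-Table Name, DisplayName, Company -AutoSize
```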

8 hours ago, kevinf80 said:
Set windows up for "Clean Boot" mode, full instructions here: https://support.microsoft.com/en-gb/kb/929135

Basically all non-MS services are disabled; see how your system runs in that mode, and whether Task Manager stays open. Obviously 3rd party services that affect security or internet connection can be left active.

If clean boot fixes the Task Manager issue it is now a process of elimination to find which non-MS service(s) was affecting your system... If not let me know...

Go through the process again, this time with all MS services hidden, and enable the top half of the non-MS services. Re-boot and see how your system responds; if still OK, the top half can be left enabled.

Repeat again, enable so many of the bottom half then re-boot. Continue until you locate the problem service(s). A process of elimination, a bit long winded but worth the effort. Let me know the outcome...

On step 3 of doing a clean boot it tells me to open the task manager and "On the Startup tab in Task Manager, for each startup item, select the item and then click Disable."

How can I get around this, since I can't open Task Manager at all to disable them?


Apologies, my mistake...

Select the Windows key and X key together, from the winx menu select "Command Prompt (Admin)"

At the prompt type or copy/paste :- DISM /Online /Cleanup-Image /RestoreHealth then hit the enter key. What results do you get..?

Next,

Select the Windows key and X key together. From the produced list select:

Command Prompt (Admin)

At the Command prompt, type

SFC /SCANNOW

hit the Enter key

Wait for the scan to finish - make a note of any error messages - and then reboot.

Copy the CBS.log file created (C:\Windows\Logs\CBS\CBS.log) to your desktop (you can't manipulate it directly) and then compress the copy and upload the zip file to your reply.


Next,

Try task manager again...

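The CBS.log step in the post above, as an added example that is not part of the original post: this PowerShell sketch copies the log to the desktop, pulls out the SFC entries, counts repair failures and zips the copy for upload. It assumes an elevated prompt, that SFC has already finished, and that the `[SR]` tag and the two phrases matched below are what SFC writes; `sfcdetails.txt` and `CBS.zip` are names chosen here.

```powershell
# Added example (not from the thread). Run from an elevated prompt after SFC.
$src     = Join-Path $env:windir 'Logs\CBS\CBS.log'
$desktop = [Environment]::GetFolderPath('Desktop')
$copy    = Join-Path $desktop 'CBS.log'
$zip     = Join-Path $desktop 'CBS.zip'

# Work on a copy, as the post says the original can't be manipulated directly.
Copy-Item -LiteralPath $src -Destination $copy -Force

# SFC tags its entries with [SR]; the other lines come from component servicing.
$sr = @(Select-String -LiteralPath $copy -SimpleMatch '[SR]')
$sr.Line | Set-Content -LiteralPath (Join-Path $desktop 'sfcdetails.txt')

# Assumption: these phrases mark failed and successful repairs in the log.
$failed   = @($sr | Where-Object { $_.Line -match 'Cannot repair member file' })
$repaired = @($sr | Where-Object { $_.Line -match 'Repairing corrupted file' })

# Summary to note down alongside any on-screen SFC error messages.
[pscustomobject]@{
    SfcLines     = $sr.Count
    CannotRepair = $failed.Count
    Repaired     = $repaired.Count
}

# Show the first few unrepairable files, if any.
$failed | Select-Object -First 20 -ExpandProperty Line

# Compress the copy for attaching to a reply.
Compress-Archive -LiteralPath $copy -DestinationPath $zip -Force
```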

  • 2 weeks later...

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks


Download Portable Windows Repair (all in one) from one of the following:

www.tweaking.com/files/setups/tweaking.com_windows_repair_aio.zip

http://www.majorgeeks.com/mg/getmirror/tweaking_com_windows_repair_portable,1.html

https://www.bleepingcomputer.com/download/windows-repair-all-in-one/

Unzip the contents into a newly created folder on your desktop.

Boot your system to Safe mode, instructions here: https://support.microsoft.com/en-gb/help/12376/windows-10-start-your-pc-in-safe-mode

Open the Tweaking.com folder, run the tool by right click on Repair_Windows (icon with red briefcase) select "Run as Administrator"

From the main GUI do the following:

Select Tab 5 to make Registry backup, use the recommended option...


When complete select "Repairs" tab, from there select "Open Repairs" tab..

From that window select the default option and checkmark "Select All" box. When ready select "Start Repairs" tab....


When complete re-boot your system to Normal mode, see if there is any improvement with Task Manager...

Logs are saved to the Tweaking.com folder on your Desktop, the one to post is _Windows_Repair_Log.txt
 
Thanks,
 
Kevin
 
