Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Russian Trojan, I am in need of some assistance for removal

clickbait trojan help

  • Please log in to reply

#1
archiep

archiep

    Member

  • Member
  • PipPip
  • 53 posts

Hello My antivirus has picked up a nasty trojan and is blocking it form opening some pages, I do not know how much damage has been done so I am posting my logs here, maybe someone with the knowledge can help me out

 


FRST
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2016
Ran by Arc (administrator) on MASTACHIE (06-12-2016 11:06:30)
Running from C:\Users\Arc\Desktop
Loaded Profiles: Arc (Available Profiles: Arc & Test)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Thrustmaster®) C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
() C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Arc\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\Notifier.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1611.3123.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Application soft company ) C:\Users\Arc\Downloads\SmoothVideo Project _SVP_ 4.0.0.exe
(Young people) C:\Users\Arc\AppData\Roaming\InterStat\interstat.exe
() C:\Program Files (x86)\ScreenshotPro\1.0.0.6000056\ScreenshotProServ.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Etiwanda Inc.) C:\Program Files (x86)\Unwittilyagsubs\UnwittilyR.exe
(Etiwanda Inc.) C:\Program Files (x86)\Unwittilyagsubs\Unwittilyagsubs.exe
(Etiwanda Inc.) C:\Program Files (x86)\Unwittilyagsubs\Unwittilyagsubs_.exe
(Etiwanda Inc.) C:\Program Files (x86)\Unwittilyagsubs\Unwittilyagsubs_.exe
(Etiwanda Inc.) C:\Program Files (x86)\Unwittilyagsubs\Unwittilyagsubs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15120504 2016-02-17] (Logitech Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] ()
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Limited)
HKLM-x32\...\Run: [USB3MON] => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1442304 2014-05-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [OKAYFREEDOM Notifier] => C:\Program Files (x86)\OkayFreedom\Notifier.exe [4047888 2016-06-29] (Steganos Software GmbH)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11344848 2016-08-26] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MSI)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1022928 2016-07-27] (MSI)
HKLM-x32\...\Run: [BCSSync] => D:\Games\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [Spotify Web Helper] => C:\Users\Arc\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1433712 2016-11-30] (Spotify Ltd)
HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [Spotify] => C:\Users\Arc\AppData\Roaming\Spotify\Spotify.exe [7071344 2016-11-30] (Spotify Ltd)
HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-11-23] ()
HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-12] (Disc Soft Ltd)
HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [OKAYFREEDOM_Update] => C:\Program Files (x86)\OkayFreedom\Updater.exe [4111376 2016-06-29] (Steganos Software GmbH)
HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [InterStat] => C:\Users\Arc\AppData\Roaming\InterStat\interstat.exe [3014592 2016-12-06] (Young people)
HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\MountPoints2: {f04b7303-8025-11e6-ac6e-d8cb8adfa151} - "F:\setup.exe" 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-10-27]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{031efed1-9581-4e56-839e-602c12c6de17}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9b56c684-2f5f-40fa-b92b-a2cd4851dbcf}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{cefec579-e514-4c81-be28-8af53a325fff}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{e0235e45-98aa-4c4e-b471-55ffddd04546}: [DhcpNameServer] 192.168.42.129
 
Internet Explorer:
==================
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2015-11-23] ()
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Games\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Games\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Games\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-21] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default [2016-12-06]
CHR Extension: (Honey) - C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-11-29]
CHR Extension: (Remove Google Redirection) - C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnhjklgpiifbofihffldllbcopkinlod [2016-03-15]
CHR Extension: (Kaspersky Protection) - C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-10-27]
CHR Extension: (AdBlock) - C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-21] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-09-23] (BitRaider, LLC)
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Limited)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-12] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-09-29] (EasyAntiCheat Ltd)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [45008 2016-08-25] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-05-16] (Micro-Star INT'L CO., LTD.)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2016-09-29] (Microsoft Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LMS; C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe [415520 2015-07-10] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-02-17] (Logitech Inc.)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-09-09] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2204768 2016-09-29] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4162656 2016-09-29] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2015328 2016-09-29] (MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2327648 2016-09-29] (MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-09-29] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [607160 2016-09-29] (MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [58296 2016-08-12] (Micro-Star INT'L CO., LTD.)
R2 MSI_ECOSERVICE; C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe [2266280 2015-03-27] (Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2227152 2016-08-17] (Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2016-08-01] (MSI)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-21] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [341024 2016-06-29] (Steganos Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2118664 2016-12-03] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180112 2016-12-03] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1316080 2016-11-23] (Overwolf LTD)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-11-06] (Visicom Media Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-26] (Microsoft Corporation)
R2 TheScreenshotProService; C:\Program Files (x86)\ScreenshotPro\1.0.0.6000056\ScreenshotProServ.exe [147568 2016-10-21] () <==== ATTENTION
R2 tmInstall; C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.EXE [61600 2016-04-21] (Thrustmaster®)
R2 UnwittilyR; C:\Program Files (x86)\Unwittilyagsubs\UnwittilyR.exe [131584 2016-12-02] (Etiwanda Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-10-06] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [144456 2016-01-22] (Rivet Networks, LLC.)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2016-09-23] (BitRaider)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Limited)
S3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Limited)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-05-27] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-05-27] (Disc Soft Ltd)
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (Windows ® Win 7 DDK provider)
S3 Ke2200; C:\WINDOWS\System32\drivers\e22w7x64.sys [125488 2015-03-18] (Qualcomm Atheros, Inc.)
R3 KillerEth; C:\WINDOWS\System32\drivers\e22w10x64.sys [156744 2015-10-07] (Qualcomm Atheros, Inc.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-14] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-30] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2016-09-12] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2016-11-25] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2016-12-06] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-06] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-18] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2016-11-30] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2016-11-30] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2016-11-30] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2016-11-30] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2016-12-06] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_49b226e6441043f1\nvlddmkm.sys [14145592 2016-10-22] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 tmhidusb; C:\WINDOWS\system32\DRIVERS\tmhidusb.sys [172192 2016-04-21] (Thrustmaster)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel Corporation)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-06 11:06 - 2016-12-06 11:06 - 00032981 _____ C:\Users\Arc\Desktop\FRST.txt
2016-12-06 11:06 - 2016-12-06 11:06 - 00000000 ____D C:\Users\Arc\Desktop\FRST-OlderVersion
2016-12-06 11:01 - 2016-12-06 11:01 - 00000000 ____D C:\Program Files (x86)\Unwittilyagsubs
2016-12-06 11:00 - 2016-12-06 11:00 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-12-06 11:00 - 2016-12-06 11:00 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-12-06 11:00 - 2016-12-06 11:00 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Screenshot Pro
2016-12-06 11:00 - 2016-12-06 11:00 - 00000000 ____D C:\Program Files (x86)\ScreenshotPro
2016-12-06 10:59 - 2016-12-06 10:59 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InterStat
2016-12-06 10:59 - 2016-12-06 10:59 - 00000000 ____D C:\Users\Arc\AppData\Roaming\InterStat
2016-12-06 10:59 - 2016-12-06 10:59 - 00000000 ____D C:\Users\Arc\AppData\Roaming\ASPackage
2016-12-06 10:59 - 2016-12-06 10:59 - 00000000 ____D C:\Users\Arc\AppData\Local\CrashRpt
2016-12-06 10:59 - 2016-12-06 10:59 - 00000000 ____D C:\Program Files (x86)\00000000-1481050800-0000-0000-D8CB8ADFA151
2016-12-06 10:57 - 2016-12-06 10:57 - 00594944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Arc\Downloads\libeay32.dll
2016-12-06 10:57 - 2016-12-06 10:57 - 00152576 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Arc\Downloads\ssleay32.dll
2016-12-06 10:56 - 2016-12-06 10:56 - 03541672 _____ (Application soft company ) C:\Users\Arc\Downloads\SmoothVideo Project _SVP_ 4.0.0.exe
2016-12-06 10:56 - 2016-12-06 10:56 - 00000768 ____N C:\Users\Public\Desktop\Download SmoothVideo Pr...lnk
2016-12-06 02:31 - 2016-12-06 02:31 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Steganos Updates
2016-12-04 21:52 - 2016-12-04 21:52 - 00000000 ___HD C:\OneDriveTemp
2016-12-04 14:33 - 2016-12-04 14:33 - 00002289 ____N C:\Users\Arc\Desktop\HP Deskjet 2540 series.lnk
2016-12-04 13:13 - 2016-12-04 22:07 - 00003240 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2016-12-04 12:57 - 2016-12-04 12:57 - 00000000 ____D C:\WINDOWS\Panther
2016-12-04 12:24 - 2016-12-04 12:24 - 00101152 _____ C:\Users\Arc\Downloads\strobelight-beta4.zip
2016-12-04 11:08 - 2016-12-04 11:08 - 00883778 _____ C:\Users\Arc\Downloads\Custom_Desktop_Logo_V2.1_with_crosshairs.zip
2016-12-04 11:08 - 2016-12-04 11:08 - 00000000 ____D C:\Users\Arc\Desktop\Custom_Desktop_Logo_V2.1
2016-12-04 07:53 - 2016-12-04 07:53 - 00060428 _____ C:\Users\Arc\Downloads\GAFZWO.pdf
2016-12-03 21:09 - 2016-12-03 21:09 - 01963374 _____ C:\Users\Arc\Downloads\LVN-KIM-main.pdf
2016-12-03 20:57 - 2016-12-03 20:57 - 00954564 _____ C:\Users\Arc\Downloads\Request_for_Academic_Records-Transcripts_-_CES_Nurse-Kim.pdf
2016-12-03 20:57 - 2016-12-03 20:57 - 00536764 _____ C:\Users\Arc\Downloads\Request_for_Validation_of_License-Registration-Diploma_-_CES-KIm.pdf
2016-12-03 20:57 - 2016-12-03 20:57 - 00132777 _____ C:\Users\Arc\Downloads\AUTHORIZATION-letter-KIm.pdf
2016-12-03 20:36 - 2016-12-03 20:36 - 05918961 _____ C:\Users\Arc\Documents\DCert.pdf
2016-12-03 08:12 - 2016-12-06 10:58 - 00000947 ____R C:\Users\Arc\Desktop\Gnоmоriа.lnk
2016-12-03 06:32 - 2016-12-03 06:38 - 176556407 _____ C:\Users\Arc\Downloads\Gnomoria_v1.0.rar
2016-12-03 03:43 - 2016-12-03 03:43 - 00000000 ____D C:\Users\Arc\Documents\Battlefield 1
2016-12-03 03:42 - 2016-12-03 03:42 - 00001247 ____N C:\Users\Public\Desktop\Battlefield 1.lnk
2016-12-03 03:42 - 2016-12-03 03:42 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2016-12-03 03:42 - 2016-12-03 03:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1
2016-12-01 06:45 - 2016-12-01 06:45 - 00000017 _____ C:\WINDOWS\PrecisionX_x64.INI
2016-11-30 03:06 - 2016-11-30 03:06 - 00245512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2016-11-30 03:05 - 2016-11-30 03:05 - 00218920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2016-11-30 03:05 - 2016-11-30 03:05 - 00164888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2016-11-30 03:05 - 2016-11-30 03:05 - 00104720 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2016-11-26 16:42 - 2016-11-26 16:42 - 00001429 ____N C:\Users\Public\Desktop\Transport Fever.lnk
2016-11-26 16:42 - 2016-11-26 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Urban Games
2016-11-26 16:34 - 2016-11-26 16:34 - 00000000 ____D C:\Program Files (x86)\Urban Games
2016-11-25 16:17 - 2016-12-03 03:16 - 00000000 ____D C:\WINDOWS\Minidump
2016-11-24 17:54 - 2016-11-24 17:55 - 00000000 ____D C:\kiosk
2016-11-24 17:54 - 2016-11-24 17:54 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Worksimaging
2016-11-24 17:54 - 2016-11-24 17:54 - 00000000 ____D C:\temp2
2016-11-24 16:46 - 2016-12-01 17:05 - 00000000 ____D C:\Users\Arc\AppData\Roaming\HpUpdate
2016-11-24 16:46 - 2016-11-24 16:46 - 00002289 ____N C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk
2016-11-24 16:46 - 2016-11-24 16:46 - 00002064 ____N C:\Users\Public\Desktop\HP Photo Creations.lnk
2016-11-24 16:46 - 2016-11-24 16:46 - 00001236 ____N C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 2540 series.lnk
2016-11-24 16:46 - 2016-11-24 16:46 - 00000000 ____D C:\ProgramData\Visan
2016-11-24 16:46 - 2016-11-24 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-11-24 16:46 - 2016-11-24 16:46 - 00000000 ____D C:\ProgramData\HP Photo Creations
2016-11-24 16:46 - 2016-11-24 16:46 - 00000000 ____D C:\Program Files\HP
2016-11-24 16:46 - 2016-11-24 16:46 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2016-11-24 16:46 - 2016-11-24 16:46 - 00000000 ____D C:\Program Files (x86)\HP
2016-11-24 16:46 - 2016-11-24 16:46 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-11-24 16:46 - 2014-03-06 12:51 - 00763912 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPMC211.dll
2016-11-24 16:45 - 2016-11-24 16:46 - 00000000 ____D C:\Users\Arc\AppData\Local\HP
2016-11-24 16:45 - 2016-11-24 16:45 - 00000057 _____ C:\ProgramData\Ament.ini
2016-11-24 16:42 - 2016-11-24 16:46 - 00000000 ____D C:\ProgramData\HP
2016-11-24 14:58 - 2016-11-24 14:58 - 00269699 _____ C:\Users\Arc\Desktop\KimDisney.pdf
2016-11-24 14:37 - 2016-11-24 14:37 - 00000697 ____N C:\Users\Public\Desktop\The Sims 4 x64.lnk
2016-11-24 14:37 - 2016-11-24 14:37 - 00000677 ____N C:\Users\Public\Desktop\The Sims 4.lnk
2016-11-24 10:57 - 2016-11-25 08:06 - 00000000 ____D C:\Users\Arc\Documents\Electronic Arts
2016-11-24 03:17 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2016-11-24 01:11 - 2016-11-24 01:11 - 00000000 ____D C:\Users\Arc\AppData\LocalLow\Fenix Fire Entertainment
2016-11-24 00:49 - 2016-11-24 00:49 - 00000751 ____N C:\Users\Arc\Desktop\Clockwork Empires.lnk
2016-11-24 00:49 - 2016-11-24 00:49 - 00000000 ____D C:\Users\Public\Documents\Steam
2016-11-24 00:49 - 2016-11-24 00:49 - 00000000 ____D C:\Users\Arc\Documents\Gaslamp Games
2016-11-24 00:49 - 2016-11-24 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clockwork Empires
2016-11-23 23:09 - 2016-11-23 23:09 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-11-23 17:14 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2016-11-23 17:14 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2016-11-23 17:14 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-11-23 17:14 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2016-11-23 17:14 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2016-11-23 17:14 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2016-11-23 17:14 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2016-11-23 17:14 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-11-23 10:17 - 2016-11-24 16:46 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-11-23 10:17 - 2016-11-17 05:45 - 00101824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-11-23 10:17 - 2016-11-17 05:45 - 00091584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-11-22 14:03 - 2016-11-22 14:03 - 00045320 _____ C:\Users\Arc\Documents\November.pdf
2016-11-22 14:03 - 2016-11-22 14:03 - 00043257 _____ C:\Users\Arc\Documents\October.pdf
2016-11-21 20:59 - 2016-11-21 20:59 - 00000000 ____D C:\Users\Arc\Documents\BioWare
2016-11-20 19:18 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2016-11-20 19:18 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2016-11-20 19:18 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2016-11-20 19:18 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-11-20 19:18 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-11-20 19:18 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2016-11-20 19:18 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2016-11-20 19:18 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2016-11-20 19:16 - 2016-11-20 19:18 - 00002182 ____N C:\Users\Public\Desktop\Play Heroes & Generals.lnk
2016-11-20 19:16 - 2016-11-20 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes & Generals
2016-11-20 19:16 - 2016-11-20 19:16 - 00000000 ____D C:\Program Files (x86)\Heroes & Generals
2016-11-17 21:44 - 2016-11-17 21:44 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2016-11-17 21:43 - 2016-11-17 21:56 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2016-11-17 21:43 - 2016-11-17 21:44 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-11-17 21:43 - 2016-11-17 21:43 - 00001159 ____N C:\Users\Arc\Desktop\MSI Afterburner.lnk
2016-11-17 21:43 - 2016-11-17 21:43 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2016-11-15 08:55 - 2016-11-15 08:55 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Wargaming.net
2016-11-08 12:42 - 2016-11-02 04:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-08 12:42 - 2016-11-02 04:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-08 12:42 - 2016-11-02 03:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-08 12:42 - 2016-11-02 03:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-08 12:42 - 2016-11-02 03:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-08 12:42 - 2016-11-02 03:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-08 12:42 - 2016-11-02 03:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-08 12:42 - 2016-11-02 03:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-08 12:42 - 2016-11-02 03:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-08 12:42 - 2016-11-02 03:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-08 12:42 - 2016-11-02 03:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-08 12:42 - 2016-11-02 03:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-08 12:42 - 2016-11-02 03:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-08 12:42 - 2016-11-02 03:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-08 12:42 - 2016-11-02 03:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-08 12:42 - 2016-11-02 03:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-08 12:42 - 2016-11-02 03:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-08 12:42 - 2016-11-02 03:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-08 12:42 - 2016-11-02 02:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-08 12:42 - 2016-11-02 02:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-08 12:42 - 2016-11-02 02:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-08 12:42 - 2016-11-02 02:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-08 12:42 - 2016-11-02 02:37 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2016-11-08 12:42 - 2016-11-02 02:36 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2016-11-08 12:42 - 2016-11-02 02:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-08 12:42 - 2016-11-02 02:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-08 12:42 - 2016-11-02 02:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-08 12:42 - 2016-11-02 02:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-08 12:42 - 2016-11-02 02:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-08 12:42 - 2016-11-02 02:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-08 12:42 - 2016-11-02 02:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-08 12:42 - 2016-11-02 02:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-08 12:42 - 2016-11-02 02:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-08 12:42 - 2016-11-02 02:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-08 12:42 - 2016-11-02 02:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-08 12:42 - 2016-11-02 02:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-08 12:42 - 2016-11-02 02:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-08 12:42 - 2016-11-02 02:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-08 12:42 - 2016-11-02 02:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-08 12:42 - 2016-11-02 02:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-08 12:42 - 2016-11-02 02:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-08 12:42 - 2016-11-02 02:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-08 12:42 - 2016-11-02 02:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-08 12:42 - 2016-11-02 02:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-08 12:42 - 2016-11-02 02:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-08 12:42 - 2016-11-02 02:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-08 12:42 - 2016-11-02 02:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-08 12:42 - 2016-11-02 02:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-08 12:42 - 2016-11-02 02:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-08 12:42 - 2016-11-02 02:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-08 12:42 - 2016-11-02 02:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-08 12:42 - 2016-11-02 00:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-08 12:41 - 2016-11-02 03:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-08 12:41 - 2016-11-02 03:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-08 12:41 - 2016-11-02 03:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-08 12:41 - 2016-11-02 03:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-08 12:41 - 2016-11-02 03:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-08 12:41 - 2016-11-02 03:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-08 12:41 - 2016-11-02 03:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-08 12:41 - 2016-11-02 03:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-08 12:41 - 2016-11-02 03:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-08 12:41 - 2016-11-02 03:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-08 12:41 - 2016-11-02 03:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-08 12:41 - 2016-11-02 03:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-08 12:41 - 2016-11-02 03:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-08 12:41 - 2016-11-02 03:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-08 12:41 - 2016-11-02 03:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-08 12:41 - 2016-11-02 03:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-08 12:41 - 2016-11-02 03:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-08 12:41 - 2016-11-02 03:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-08 12:41 - 2016-11-02 03:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-08 12:41 - 2016-11-02 03:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-08 12:41 - 2016-11-02 03:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-08 12:41 - 2016-11-02 03:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-08 12:41 - 2016-11-02 03:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-08 12:41 - 2016-11-02 03:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-08 12:41 - 2016-11-02 03:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-08 12:41 - 2016-11-02 03:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-08 12:41 - 2016-11-02 03:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-08 12:41 - 2016-11-02 03:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-08 12:41 - 2016-11-02 03:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-08 12:41 - 2016-11-02 03:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-08 12:41 - 2016-11-02 03:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-08 12:41 - 2016-11-02 03:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-08 12:41 - 2016-11-02 02:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-08 12:41 - 2016-11-02 02:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-08 12:41 - 2016-11-02 02:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-08 12:41 - 2016-11-02 02:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-08 12:41 - 2016-11-02 02:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-08 12:41 - 2016-11-02 02:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-08 12:41 - 2016-11-02 02:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-08 12:41 - 2016-11-02 02:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-08 12:41 - 2016-11-02 02:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-08 12:41 - 2016-11-02 02:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-08 12:41 - 2016-11-02 02:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-08 12:41 - 2016-11-02 02:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-08 12:41 - 2016-11-02 02:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-08 12:41 - 2016-11-02 02:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-08 12:41 - 2016-11-02 02:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-08 12:41 - 2016-11-02 02:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-08 12:41 - 2016-11-02 02:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-08 12:41 - 2016-11-02 02:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-08 12:41 - 2016-11-02 02:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-08 12:41 - 2016-11-02 02:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-08 12:41 - 2016-11-02 02:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-08 12:41 - 2016-11-02 02:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-08 12:41 - 2016-11-02 02:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-08 12:41 - 2016-11-02 02:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-08 12:41 - 2016-11-02 02:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-08 12:41 - 2016-11-02 02:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-08 12:41 - 2016-11-02 02:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-08 12:41 - 2016-11-02 02:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-08 12:41 - 2016-11-02 02:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-08 12:41 - 2016-11-02 02:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-08 12:41 - 2016-11-02 02:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-08 12:41 - 2016-11-02 02:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-08 12:41 - 2016-11-02 02:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-08 12:41 - 2016-11-02 02:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-08 12:41 - 2016-11-02 02:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-08 12:41 - 2016-11-02 02:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-08 12:41 - 2016-11-02 02:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-08 12:41 - 2016-11-02 02:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-08 12:41 - 2016-11-02 02:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-08 12:41 - 2016-11-02 02:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-08 12:41 - 2016-11-02 02:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-08 12:41 - 2016-11-02 02:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-08 12:41 - 2016-11-02 02:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-08 12:41 - 2016-11-02 02:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-08 12:41 - 2016-11-02 02:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-08 12:41 - 2016-11-02 02:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-08 12:41 - 2016-11-02 02:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-08 12:41 - 2016-11-02 02:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-08 12:41 - 2016-11-02 02:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-08 12:41 - 2016-11-02 02:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-08 12:41 - 2016-11-02 02:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-08 12:41 - 2016-11-02 02:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-08 12:41 - 2016-11-02 02:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-08 12:41 - 2016-11-02 02:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-08 12:41 - 2016-11-02 02:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-08 12:41 - 2016-11-02 02:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-08 12:41 - 2016-11-02 02:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-08 12:41 - 2016-11-02 02:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-08 12:41 - 2016-11-02 02:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-08 12:41 - 2016-11-02 02:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-08 12:41 - 2016-11-02 02:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-08 12:41 - 2016-11-02 02:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-08 12:41 - 2016-11-02 02:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-08 12:41 - 2016-11-02 02:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-08 12:41 - 2016-11-02 02:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-08 12:41 - 2016-11-02 02:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-08 12:41 - 2016-11-02 02:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-08 12:41 - 2016-11-02 02:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-08 12:41 - 2016-11-02 02:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-08 12:41 - 2016-11-02 02:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-08 12:41 - 2016-11-02 02:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-08 12:41 - 2016-11-02 02:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-08 12:41 - 2016-11-02 02:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-08 12:41 - 2016-11-02 02:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-08 12:41 - 2016-11-02 02:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-08 12:41 - 2016-11-02 02:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-08 12:41 - 2016-11-02 02:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-08 12:41 - 2016-11-02 02:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-08 12:41 - 2016-11-02 02:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-08 12:41 - 2016-11-02 02:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-08 12:41 - 2016-11-02 02:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-08 12:41 - 2016-11-02 02:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-08 12:41 - 2016-11-02 02:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-08 12:41 - 2016-11-02 02:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-08 12:41 - 2016-11-02 02:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-08 12:41 - 2016-11-02 02:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-08 12:41 - 2016-11-02 02:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-08 12:41 - 2016-11-02 02:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-08 12:41 - 2016-11-02 02:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-08 12:41 - 2016-11-02 02:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-08 12:41 - 2016-11-02 02:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-08 12:41 - 2016-11-02 02:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-08 12:41 - 2016-11-02 02:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-08 12:41 - 2016-11-02 02:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-08 12:41 - 2016-11-02 02:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-08 12:41 - 2016-11-02 02:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-08 12:41 - 2016-11-02 02:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-08 12:41 - 2016-11-02 02:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-08 12:41 - 2016-11-02 02:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-08 12:41 - 2016-11-02 02:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-08 12:41 - 2016-11-02 02:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-08 12:41 - 2016-11-02 02:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-08 12:41 - 2016-11-02 02:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-08 12:41 - 2016-11-02 02:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-08 12:41 - 2016-11-02 02:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-08 12:41 - 2016-11-02 02:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-08 12:41 - 2016-11-02 02:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-08 12:41 - 2016-11-02 02:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-08 12:41 - 2016-11-02 02:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-08 12:41 - 2016-11-02 02:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-08 12:41 - 2016-11-02 02:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-08 12:41 - 2016-11-02 02:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-08 12:41 - 2016-11-02 02:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-08 12:41 - 2016-11-02 02:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-08 12:41 - 2016-11-02 02:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-08 12:41 - 2016-11-02 02:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-08 12:41 - 2016-11-02 02:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-08 12:41 - 2016-11-02 02:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-08 12:41 - 2016-11-02 02:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-08 12:41 - 2016-11-02 02:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-08 12:41 - 2016-11-02 02:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-08 12:41 - 2016-11-02 02:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-08 12:41 - 2016-11-02 02:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-08 12:41 - 2016-11-02 02:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-08 12:41 - 2016-11-02 02:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-08 12:41 - 2016-11-02 02:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-08 12:41 - 2016-11-02 02:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-08 12:41 - 2016-11-02 02:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-08 12:41 - 2016-11-02 02:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-08 12:41 - 2016-11-02 02:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-08 12:41 - 2016-11-02 02:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-08 12:41 - 2016-11-02 02:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-08 12:41 - 2016-11-02 02:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-08 12:41 - 2016-11-02 02:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-08 12:41 - 2016-11-02 02:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-08 12:41 - 2016-11-02 02:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-08 12:41 - 2016-11-02 02:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-08 12:41 - 2016-11-02 02:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-08 12:41 - 2016-11-02 02:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-08 12:41 - 2016-11-02 02:18 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-11-08 12:41 - 2016-11-02 02:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-08 12:41 - 2016-11-02 02:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-08 12:41 - 2016-11-02 02:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-08 12:41 - 2016-11-02 02:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-08 12:41 - 2016-11-02 02:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-08 12:41 - 2016-11-02 02:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-08 12:41 - 2016-11-02 02:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-08 12:41 - 2016-11-02 02:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-08 12:41 - 2016-11-02 02:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-08 12:41 - 2016-11-02 02:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-08 12:41 - 2016-11-02 02:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-08 12:41 - 2016-11-02 02:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-08 12:41 - 2016-11-02 02:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-08 12:41 - 2016-11-02 02:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-08 12:41 - 2016-11-02 02:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-08 12:41 - 2016-11-02 02:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-08 12:41 - 2016-11-02 02:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-08 12:41 - 2016-11-02 01:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-08 12:41 - 2016-11-02 01:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-08 12:41 - 2016-08-01 20:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-07 08:16 - 2016-11-07 08:16 - 00000000 ____D C:\Users\Arc\Documents\SkidRow
2016-11-06 21:06 - 2016-11-06 21:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-11-06 21:06 - 2016-11-06 21:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-11-06 21:04 - 2016-11-06 22:03 - 00000000 ____D C:\Users\Arc\Documents\CMCC
2016-11-06 20:38 - 2016-11-06 20:38 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-11-06 20:38 - 2016-11-06 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2016-11-06 20:38 - 2016-11-06 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-11-06 20:37 - 2016-11-06 20:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-11-06 20:37 - 2016-11-06 20:37 - 00000000 ____D C:\Users\Arc\AppData\Local\Microsoft Help
2016-11-06 20:37 - 2016-11-06 20:37 - 00000000 ____D C:\Program Files\Microsoft Office
2016-11-06 20:37 - 2016-11-06 20:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-11-06 08:25 - 2016-11-24 15:15 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-11-06 08:09 - 2016-12-06 02:15 - 00540408 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-06 11:06 - 2016-06-01 22:18 - 02419712 _____ (Farbar) C:\Users\Arc\Desktop\FRST64.exe
2016-12-06 11:06 - 2016-06-01 22:18 - 00000000 ____D C:\FRST
2016-12-06 11:00 - 2016-10-27 15:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-12-06 10:58 - 2016-08-01 12:38 - 00000000 ____D C:\Users\Arc\AppData\Local\Battle.net
2016-12-06 10:58 - 2016-03-15 03:10 - 00002295 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-12-06 10:57 - 2016-03-15 03:10 - 00002283 ____R C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk
2016-12-06 08:28 - 2016-10-26 18:59 - 00000000 ____D C:\Users\Arc
2016-12-06 08:00 - 2016-03-15 03:38 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-06 07:41 - 2016-10-26 18:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-06 07:09 - 2016-07-16 03:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-06 07:09 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-06 02:50 - 2016-08-01 12:38 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-12-06 02:50 - 2016-08-01 12:14 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-12-06 02:49 - 2016-10-27 15:34 - 00001447 ____N C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2016-12-06 02:49 - 2016-10-27 15:33 - 01019616 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-12-06 02:49 - 2016-09-12 22:03 - 00134880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2016-12-06 02:49 - 2016-09-12 22:03 - 00057424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2016-12-06 02:49 - 2016-07-15 22:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-12-06 02:32 - 2016-04-10 16:20 - 00000000 ____D C:\Users\Arc\AppData\Roaming\StardewValley
2016-12-06 02:30 - 2016-03-15 03:50 - 00000000 ____D C:\Users\Arc\AppData\Local\CrashDumps
2016-12-06 02:20 - 2016-08-31 01:43 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Origin
2016-12-06 02:20 - 2016-08-31 01:41 - 00000000 ____D C:\ProgramData\Origin
2016-12-05 21:35 - 2016-11-01 00:32 - 00000000 ____D C:\Users\Arc\AppData\LocalLow\Heroes and Generals
2016-12-05 21:07 - 2016-06-01 22:02 - 00000000 ____D C:\ProgramData\panda_url_filtering
2016-12-04 22:28 - 2016-05-22 08:25 - 00000000 ____D C:\Users\Arc\AppData\Roaming\vlc
2016-12-04 21:57 - 2016-10-26 18:58 - 01301158 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-04 21:52 - 2016-10-26 19:10 - 00000000 ___RD C:\Users\Arc\OneDrive
2016-12-04 21:52 - 2016-10-26 18:58 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-04 21:52 - 2016-03-26 09:31 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Spotify
2016-12-04 21:52 - 2016-03-26 09:31 - 00000000 ____D C:\Users\Arc\AppData\Local\Spotify
2016-12-04 21:51 - 2016-10-26 19:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-04 21:51 - 2016-07-15 22:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-04 13:13 - 2016-10-27 15:34 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-03 19:14 - 2016-04-18 02:27 - 00000000 ____D C:\Users\Arc\AppData\Roaming\tixati
2016-12-03 08:12 - 2016-06-14 07:31 - 00000000 ____D C:\Users\Arc\AppData\Roaming\SmartSteamEmu
2016-12-03 08:12 - 2016-04-22 21:18 - 00000000 ____D C:\Users\Arc\Documents\My Games
2016-12-03 03:42 - 2016-03-15 03:09 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-03 03:22 - 2016-10-26 20:14 - 00000000 ____D C:\Users\Arc\AppData\Local\MicrosoftEdge
2016-12-03 03:16 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-03 03:13 - 2016-08-31 01:55 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-12-03 03:11 - 2016-05-19 03:58 - 00000000 ____D C:\Games
2016-12-03 03:08 - 2016-08-31 01:41 - 00000000 ____D C:\Program Files (x86)\Origin
2016-12-02 13:25 - 2016-10-26 19:08 - 00000000 ____D C:\Users\Arc\AppData\Local\Packages
2016-11-29 06:59 - 2016-08-01 12:39 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-11-28 08:45 - 2016-03-28 20:45 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-11-28 02:45 - 2016-06-27 02:45 - 00000002 _____ C:\END
2016-11-26 21:27 - 2016-08-21 23:17 - 00000000 ____D C:\Users\Arc\AppData\Local\ElevatedDiagnostics
2016-11-25 16:16 - 2016-10-26 18:57 - 00303368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-24 17:54 - 2016-03-15 03:06 - 00000000 ____D C:\Users\Arc\AppData\Local\VirtualStore
2016-11-24 16:48 - 2016-07-16 03:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-23 10:18 - 2016-10-26 18:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-23 10:18 - 2016-10-13 09:05 - 00001489 ____N C:\Users\Public\Desktop\GeForce Experience.lnk
2016-11-23 10:17 - 2016-10-26 19:01 - 00003986 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 10:17 - 2016-10-26 19:01 - 00003958 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 10:17 - 2016-10-26 19:01 - 00003922 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 10:17 - 2016-10-26 19:01 - 00003896 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 10:17 - 2016-10-26 19:01 - 00003734 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 10:17 - 2016-10-26 19:01 - 00003692 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-23 10:17 - 2016-10-26 18:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-23 10:17 - 2016-10-26 18:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-22 22:51 - 2016-03-15 03:10 - 00002115 ____N C:\Users\Public\Desktop\Google Slides.lnk
2016-11-22 22:51 - 2016-03-15 03:10 - 00002113 ____N C:\Users\Public\Desktop\Google Sheets.lnk
2016-11-22 22:51 - 2016-03-15 03:10 - 00002103 ____N C:\Users\Public\Desktop\Google Docs.lnk
2016-11-22 22:51 - 2016-03-15 03:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-11-22 08:23 - 2016-10-26 18:57 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2016-11-21 20:57 - 2016-08-31 01:41 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-11-21 15:16 - 2016-03-28 20:44 - 00000000 ____D C:\Users\Arc\AppData\Roaming\TS3Client
2016-11-20 17:47 - 2016-03-15 03:58 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-11-17 05:45 - 2016-10-13 09:05 - 01854400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-11-17 05:45 - 2016-10-13 09:05 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-11-17 05:45 - 2016-10-13 09:05 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-11-17 05:45 - 2016-10-13 09:05 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-11-17 05:45 - 2016-10-13 09:05 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-11-17 05:45 - 2016-10-13 09:05 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-11-16 09:21 - 2016-06-29 13:13 - 00000000 ____D C:\Users\Arc\AppData\Local\Adobe
2016-11-16 08:42 - 2016-10-13 09:05 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-11-15 15:54 - 2016-07-01 00:54 - 00000000 ____D C:\Users\Arc\Documents\Kingdoms
2016-11-15 08:16 - 2016-10-26 19:08 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-15 08:12 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-15 07:59 - 2016-07-16 03:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-15 07:59 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-15 07:59 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-15 07:59 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-15 07:59 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-15 07:59 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-09 18:15 - 2016-07-16 03:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-09 18:13 - 2016-03-15 03:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-09 18:10 - 2016-03-15 03:56 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-07 08:44 - 2016-10-26 19:01 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-11-07 08:19 - 2016-10-30 03:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focus Home Interactive
2016-11-06 20:37 - 2016-07-16 03:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-11-06 20:37 - 2009-07-13 23:46 - 00000000 ____D C:\WINDOWS\ShellNew
 
==================== Files in the root of some directories =======
 
2016-06-17 01:47 - 2016-06-16 08:49 - 0012879 _____ () C:\Users\Arc\AppData\Roaming\alsoft.ini
2016-03-18 07:10 - 2016-03-18 07:10 - 0000017 _____ () C:\Users\Arc\AppData\Local\resmon.resmoncfg
2016-11-24 16:45 - 2016-11-24 16:45 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Some files in TEMP:
====================
C:\Users\Arc\AppData\Local\Temp\eZZBQ6Kw-prog.exe
C:\Users\Arc\AppData\Local\Temp\InstallHelper.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-11-29 21:06
 
==================== End of FRST.txt ============================
 
 
 
Addition.TXT
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-12-2016
Ran by Arc (06-12-2016 11:06:58)
Running from C:\Users\Arc\Desktop
Windows 10 Pro Version 1607 (X64) (2016-10-27 03:08:17)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1267418245-3742697258-4214093646-500 - Administrator - Disabled)
Arc (S-1-5-21-1267418245-3742697258-4214093646-1000 - Administrator - Enabled) => C:\Users\Arc
DefaultAccount (S-1-5-21-1267418245-3742697258-4214093646-503 - Limited - Disabled)
Guest (S-1-5-21-1267418245-3742697258-4214093646-501 - Limited - Disabled)
Test (S-1-5-21-1267418245-3742697258-4214093646-1002 - Limited - Enabled) => C:\Users\Test
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
American Truck Simulator (HKLM\...\Steam App 270880) (Version:  - SCS Software)
Anno 1404 - Dawn of Discovery version 1.3 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 1.3 - )
Ansel (Version: 375.63 - NVIDIA Corporation) Hidden
AnySend (HKLM-x32\...\ASPackage) (Version:  - CMI Limited) <==== ATTENTION
Aslain's WoT Modpack version 9.16.42 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 9.16.42 - Aslain)
Aslain's XVM WoT Modpack version 9.15.23 (HKLM-x32\...\ZRwTINhSZfduKONYrSCTiCiGPggQZdcLRvoAVxyCOXXpkHeC~1DC3968F_is1) (Version: 9.15.23 - Aslain)
AutoHotkey 1.1.23.05 (HKLM\...\AutoHotkey) (Version: 1.1.23.05 - Lexikos)
Banished (HKLM-x32\...\1207660783_is1) (Version: 2.3.0.7 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.10.265 - Electronic Arts)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
Bridge! 2 (HKLM\...\YnJpZGdlMg_is1) (Version: 1 - )
BtwMfcMM (HKLM\...\{D5B46D30-F054-4C64-9C0F-97C8451E7D04}) (Version: 6.00.0000 - Broadcom Corporation)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
Cities XXL (HKLM-x32\...\Cities XXL_is1) (Version: v1.2 - Focus Home Interactive)
Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
City Car Driving Home Edition (HKLM\...\Q2l0eUNhckRyaXZpbmc=_is1) (Version: 1 - )
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - Cambridge Silicon Radio Limited.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0156 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts)
EVGA PrecisionX 16 (HKLM\...\Steam App 268850) (Version:  - EVGA)
Factorio (HKLM-x32\...\1238653230_is1) (Version: 2.0.0.2 - GOG.com)
FFB Racing Wheel drivers (HKLM-x32\...\{28B758EA-5C83-48B1-B352-C70F12C73F5A}) (Version: 2.TTRS.2016 - Thrustmaster)
Fractured Space (HKLM\...\Steam App 310380) (Version:  - Edge Case Games Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Drive (HKLM-x32\...\{8696116E-F4C2-4C64-AD7E-FF365E244FA4}) (Version: 1.32.3889.0961 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HAWKEN (HKLM\...\Steam App 271290) (Version:  - Reloaded Games)
Helpics Modpack version V.1.8 (HKLM-x32\...\{A38A8F05-489C-47B9-8EF1-8170F78B5C45}_is1) (Version: V.1.8 - Helpics)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.1.0.0 - Reto-Moto)
HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.5.69 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
InterStat (HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\InterStat) (Version: 1.0 - InterStat)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kerbal Space Program (HKLM\...\Steam App 220200) (Version:  - Squad)
Killer Bandwidth Control Filter Driver (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.57.1125 - Rivet Networks)
Kingdoms (HKLM\...\Steam App 409590) (Version:  - Max Peskov)
Logitech Gaming Software 8.81 (HKLM\...\Logitech Gaming Software) (Version: 8.81.15 - Logitech Inc.)
Macro Recorder 5.6.5 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.6.5 - Jitbit Software)
Medieval II: Total War (HKLM\...\Steam App 4700) (Version:  - The Creative Assembly)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mini Metro (HKLM-x32\...\1434554947_is1) (Version: 2.0.0.3 - GOG.com)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.16 - MSI)
MSI ECO Center (HKLM-x32\...\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1) (Version: 1.0.0.35 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.0.0.23 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.023 - MSI)
MSI Smart Utilities (HKLM-x32\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 2.0.0.11 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.07 - MSI)
MSI® Intel® Extreme Tuning Utility (HKLM-x32\...\{bcbf202c-9746-4173-a49b-649bfd0adca6}) (Version: 6.0.2.102 - Intel Corporation)
MSI® Intel® Extreme Tuning Utility (x32 Version: 6.0.2.102 - Intel Corporation) Hidden
NBA 2K16 (HKLM-x32\...\NBA 2K16_is1) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.23 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.63 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Graphics Driver 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.63 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.7.3 - Steganos Software GmbH)
OMC ModPack Client version 1.5.1.9 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.5.1.9 - Odem Mortis)
One Troll Army (HKLM\...\Steam App 438680) (Version:  - FlyAnvil)
Origin (HKLM-x32\...\Origin) (Version: 10.3.2.64936 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.100.9.0 - Overwolf Ltd.)
Panda Security Toolbar (HKLM-x32\...\pandasecuritytb) (Version: 4.3.1.15 - Panda Security and Visicom Media Inc.)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Daybreak Game Company)
PlanetSide 2 (HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
Police Tactics Imperio (HKLM-x32\...\Police Tactics Imperio_is1) (Version:  - )
Project CARS Game Of The Year Edition (HKLM\...\cHJvamVjdGNhcnM_is1) (Version: 1 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
Rebel Galaxy (HKLM-x32\...\1435582019_is1) (Version: 2.0.0.1 - GOG.com)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Screenshot Pro 1.0.0.6000056 (HKLM\...\{F772C08D-9F61-45c6-982F-ADDEEE0D92C6}) (Version: 1.0.0.6000056 - ShenZhen Enode Techology co,.Ltd) <==== ATTENTION
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.08 - Creative Technology Limited)
Space Engineers (HKLM\...\Steam App 244850) (Version:  - Keen Software House)
Spotify (HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Spotify) (Version: 1.0.43.123.g80176796 - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 11.0.0.26 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 2.2.0.4 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellaris (HKLM-x32\...\Stellaris_is1) (Version:  - )
Stonehearth (HKLM\...\Steam App 253250) (Version:  - Radiant Entertainment)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim - Legendary Edition (HKLM-x32\...\The Elder Scrolls V: Skyrim - Legendary Edition_is1) (Version:  - )
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version:  - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Tixati (HKLM-x32\...\tixati) (Version:  - )
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
Transport Fever (HKLM-x32\...\Transport Fever_is1) (Version:  - )
Unwittily Ragstone Subsales (HKLM-x32\...\Unwittily Ragstone Subsales) (Version: 1.95 - Etiwanda Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 19.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Workplace Backgrounds (HKLM-x32\...\{13304708-E115-4044-82DA-88A6F5424359}) (Version: 1.0.0 - Screaming Bee)
XSplit Gamecaster (HKLM-x32\...\{D7BEC6E9-5E86-44FF-AA21-23DA71ED676B}) (Version: 2.4.1506.1243 - SplitmediaLabs)
XVM version 6.4.0 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.4.0 - XVM team)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1267418245-3742697258-4214093646-1000_Classes\CLSID\{58d0e2b1-e998-4e65-9933-805c2921aaf2}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C996F31-F3F3-42A8-9E0E-332B8F087BB4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1FADFA6D-2ABA-43DC-8511-A7E675AEB976} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-15] (Google Inc.)
Task: {242F7C19-74F8-49A7-8F8A-0A3056469D0A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {290340AF-B9BF-4162-9B58-DD3BF3E5F8A8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2AE470FE-0DEE-4CB4-B581-A7E6317E3931} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {42D805F6-348D-41A6-9725-2D59690F2FA7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4AD7333C-C532-4AF9-91FA-378793CCEDEF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {526A1F25-192E-4920-9A6E-B1737004A2C8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {5A978438-8FE0-42B8-9B08-82723263DAE4} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-05-05] (Intel Corporation)
Task: {5D120BC2-8B84-4C58-A50F-09D58E5F661C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5F0175AA-EDB1-4B7C-A55A-025B338A1F3B} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {61E028B4-DFD3-44A3-9E17-0851CEBE35CC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {6ABBBFB5-1C92-4B78-AAD3-0C558E2B11FE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6B87E203-E717-4F1D-8F4C-9980F1CD035A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7220BC0F-1E2C-448A-897B-26097DF373F7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {735F7E8A-4A7D-402C-B7F1-40EE94C57828} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {805673AD-3BA3-48C5-BF50-B8F759B2DE95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-15] (Google Inc.)
Task: {856C30CB-E623-4393-996B-433588C0508E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {981DC40A-2229-4C0D-B90C-E96B443F8111} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [2015-08-18] (MSI)
Task: {A6903129-3930-4CA8-9C81-06E434BDDF33} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AA2E67F3-5F36-4A8C-9510-A0BDEE289956} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B5679E3E-9239-4362-9E3F-1D4C0CF0C3E3} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B82885D1-7D6C-4863-A880-BE56F603F824} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC77BEA3-5910-4F76-8029-842FE36B46CD} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {BD126F5C-8B68-478A-A911-35CED6BBA3E3} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {C2407C5C-1C9B-4AFE-9A07-B33675C0069F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {C2B97F26-7847-48C3-A440-0A8E3484BD7C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {C8E1A3E9-D50C-4DD9-B7F4-C83472857A1B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D5E0CF6C-5F8A-4478-922B-6067A88F75C4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {D83D0E57-3D8F-49B4-98F5-F715A5759B1E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {DF304282-7262-4DC9-868C-DBE69C633480} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-11-23] (Overwolf LTD)
Task: {ED662C0F-FD84-43C3-9627-FFFCB605878A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {F44DDBB1-D875-4063-BC38-18AEFB857649} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-08-23] (AO Kaspersky Lab)
Task: {F787F8B2-4DE2-4109-8EAD-1E34B1DEBF7A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FC18AE39-6B4F-4103-B397-F4001967AFD0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FEB6BB38-4088-474D-A1E1-9C87AD911646} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWoW64\muachost.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Arc\Desktop\Gnоmоriа.lnk -> D:\Games\Gnomoria v1.0\Launcher_SGi.bat ()
Shortcut: C:\Users\Arc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File)
Shortcut: C:\Users\Arc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat ()
Shortcut: C:\Users\Arc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File)
Shortcut: C:\Users\Arc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat ()
Shortcut: C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat ()
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 03:42 - 2016-07-16 03:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-26 19:50 - 2016-10-26 19:50 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-13 09:05 - 2016-11-17 05:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-13 09:05 - 2016-11-17 05:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-13 09:05 - 2016-11-17 05:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-10-26 18:58 - 2016-10-21 22:04 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-27 13:41 - 2016-06-14 15:35 - 00187392 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\D3D11FontDraw.dll
2016-10-26 19:50 - 2016-10-26 19:50 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-27 19:10 - 2016-10-27 19:10 - 01864384 _____ () C:\Users\Arc\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-02-21 13:38 - 2016-02-21 13:38 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-10-26 19:50 - 2016-10-26 19:50 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-08 12:41 - 2016-11-02 02:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-08 12:41 - 2016-11-02 02:30 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2016-11-17 08:17 - 2016-11-17 08:17 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-11-17 08:17 - 2016-11-17 08:17 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-11-17 08:17 - 2016-11-17 08:17 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-03-15 03:30 - 2015-05-29 16:57 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2016-03-15 03:30 - 2015-05-29 16:56 - 00366080 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2015-03-06 16:07 - 2015-03-06 16:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-02-17 15:01 - 2016-02-17 15:01 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 16:07 - 2015-03-06 16:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-02-17 15:01 - 2016-02-17 15:01 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2012-03-22 20:11 - 2012-03-22 20:11 - 00244944 _____ () C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
2016-11-17 08:16 - 2016-11-17 08:16 - 03766272 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1611.3123.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-11-08 12:41 - 2016-11-02 02:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-08 12:41 - 2016-11-02 02:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-08 12:41 - 2016-11-02 02:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-08 12:41 - 2016-11-02 02:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-08 12:41 - 2016-11-02 02:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-08 12:41 - 2016-11-02 02:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-21 14:32 - 2016-10-21 14:32 - 00147568 _____ () C:\Program Files (x86)\ScreenshotPro\1.0.0.6000056\ScreenshotProServ.exe
2016-06-27 23:19 - 2016-06-27 23:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2016-10-27 13:35 - 2005-07-18 12:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2016-09-11 07:04 - 2016-12-03 03:08 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-03-15 03:38 - 2016-11-17 05:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-13 09:05 - 2016-11-17 05:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-13 09:05 - 2016-11-17 05:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-27 13:41 - 2016-06-14 15:35 - 00163328 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\D3D11FontDraw.dll
2016-10-13 09:05 - 2016-11-17 02:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-13 09:05 - 2016-11-17 02:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-13 09:05 - 2016-11-17 02:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-13 09:05 - 2016-11-17 02:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-13 09:05 - 2016-11-17 02:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-13 09:05 - 2016-11-17 02:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-13 09:05 - 2016-11-17 02:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-10-13 09:05 - 2016-11-17 05:44 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-03-15 03:38 - 2016-09-07 19:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-03-15 03:38 - 2016-08-31 17:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-03-15 03:38 - 2016-10-12 17:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-03-15 03:38 - 2016-01-26 23:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-03-15 03:38 - 2016-01-26 23:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-03-15 03:38 - 2016-01-26 23:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-03-15 03:38 - 2016-01-26 23:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-03-15 03:38 - 2016-01-26 23:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-03-15 03:38 - 2016-08-31 17:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-03-15 03:38 - 2016-08-31 17:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-03-15 03:38 - 2016-10-12 17:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-15 03:38 - 2016-07-04 14:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-14 07:16 - 2016-08-04 12:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2016-10-27 19:10 - 2016-10-27 19:10 - 01383616 _____ () C:\Users\Arc\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-10-27 19:10 - 2016-10-27 19:10 - 00118976 _____ () C:\Users\Arc\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2015-07-10 22:37 - 2015-07-10 22:37 - 01243936 _____ () C:\Program Files\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-03-15 03:38 - 2015-09-24 15:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-10-21 14:32 - 2016-10-21 14:32 - 00575088 _____ () C:\Program Files (x86)\ScreenshotPro\1.0.0.6000056\Updata.dll
2016-10-30 01:00 - 2016-10-20 00:47 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll
2016-10-30 01:00 - 2016-10-20 00:47 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll
2016-11-08 14:10 - 2016-11-08 14:10 - 17772736 _____ () C:\Users\Arc\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.207\pepflashplayer.dll
2016-06-19 22:37 - 2016-06-19 22:37 - 52043776 _____ () C:\Program Files (x86)\Unwittilyagsubs\libcef.dll
2016-06-19 22:37 - 2016-06-19 22:37 - 01734656 _____ () C:\Program Files (x86)\Unwittilyagsubs\libglesv2.dll
2016-06-19 22:37 - 2016-06-19 22:37 - 00080384 _____ () C:\Program Files (x86)\Unwittilyagsubs\libegl.dll
2016-10-26 19:50 - 2016-10-26 19:50 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Arc:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [214]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Arc\AppData\Local\Microsoft\Windows\INetCache\IE\E5EZKBV2\MSI[1].jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [UDP Query User{0CC5CD62-C891-4E31-9EAD-2079CE9BFB72}C:\program files (x86)\3d instructor 2.2 home\bin\win32\starter.exe] => C:\program files (x86)\3d instructor 2.2 home\bin\win32\starter.exe
FirewallRules: [TCP Query User{5855DD9B-B492-4145-8448-9E58FD36FF72}C:\program files (x86)\3d instructor 2.2 home\bin\win32\starter.exe] => C:\program files (x86)\3d instructor 2.2 home\bin\win32\starter.exe
FirewallRules: [{788B49AF-03D2-45A8-AE12-F18C2D66EF7C}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{B283F19A-9E0F-4248-908A-9D42A5F7DBE6}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [UDP Query User{D8004B09-0194-4CA4-B7DE-C5F8B5E09C18}C:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => C:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [TCP Query User{8870DE43-FE48-46E4-9556-5B100FFAD661}C:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => C:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe
FirewallRules: [UDP Query User{DB768BC9-9F28-4617-BEFC-7289CE0B003D}C:\program files\city car driving\bin\win32\starter.exe] => C:\program files\city car driving\bin\win32\starter.exe
FirewallRules: [TCP Query User{9D5D624A-56A5-4247-8E8D-4196636F8BD6}C:\program files\city car driving\bin\win32\starter.exe] => C:\program files\city car driving\bin\win32\starter.exe
FirewallRules: [UDP Query User{43716CBE-B3E7-46E5-AC0A-4C24932CA0D7}C:\program files\guillemot\tools\giwebupdater.exe] => C:\program files\guillemot\tools\giwebupdater.exe
FirewallRules: [TCP Query User{A824BD5E-35C6-4124-8A98-FE673E6F7BA2}C:\program files\guillemot\tools\giwebupdater.exe] => C:\program files\guillemot\tools\giwebupdater.exe
FirewallRules: [{81CD8610-D4BD-43F3-9C32-06D4F000AF81}] => D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{60F6B292-8134-49F9-BCF1-195FB8C958C7}] => D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{536E5F11-A0D1-43CE-9F40-C764525D0C12}] => D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{B79863EC-1BC4-4AC6-B11E-782030B500EA}] => D:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{75B51B17-CE6B-45EF-9070-B0514DAE0DC9}] => C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{758C6E8E-0BE4-40F4-A879-040197F40167}] => C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{055E7A77-5B61-493A-813E-A97D2CDF2E4E}] => C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{76AFF123-0D6D-4EA6-B69B-F024AE500900}] => C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{7ACC00E9-8683-43A5-BE7A-5C6A85924B24}] => C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{B6CF547D-3DC8-48BB-A376-C93E8D5142E4}] => C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{78E33DDA-93F9-42DB-8BA8-0361C5B0371A}] => C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [UDP Query User{A7F32F0A-08B3-42BF-8010-3B905BE0E9F7}C:\program files (x86)\diablo iii\diablo iii.exe] => C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{11814690-709F-495E-B11F-B1E181A4F1BD}C:\program files (x86)\diablo iii\diablo iii.exe] => C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{552B0FF8-4C1D-4BA8-AE80-B4D10065740A}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{73B02EE5-A638-43F1-9FB9-D8FA6C32BA74}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{63B2F2A3-4C03-4315-B6E4-00ECEC70A99F}C:\program files\tixati\tixati.exe] => C:\program files\tixati\tixati.exe
FirewallRules: [TCP Query User{F65AE2AF-99A3-4D3E-B494-8748EDE42D35}C:\program files\tixati\tixati.exe] => C:\program files\tixati\tixati.exe
FirewallRules: [{D0FB3FA5-E60E-4A2C-BFAE-04638B602EA6}] => C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{245C56CD-BEF1-4F13-B9AB-66316AB0158A}] => C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{CDEA253B-D517-4F97-9D60-29CEB90942F1}] => C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{BCF42FED-456F-4C02-B1F3-2C1D34FDC90F}] => C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{C54BA3A5-1693-4899-80F9-EDCE5A049131}] => C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{797EC5AD-107A-4849-86B7-B3B0CCA0D276}] => C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{20A8D965-4FD1-468E-B953-228BE1C61DC9}] => C:\Program Files (x86)\Steam\steamapps\common\Stonehearth\Stonehearth.exe
FirewallRules: [{9219C253-E5E3-478B-A558-137D92E0AFC7}] => C:\Program Files (x86)\Steam\steamapps\common\Stonehearth\Stonehearth.exe
FirewallRules: [{816B4734-E3DA-4462-8EF5-6B1A46DC91C5}] => C:\Program Files (x86)\Steam\steamapps\common\OneTrollArmy\OTA.exe
FirewallRules: [{A20C2052-E8BC-4E96-BF22-86E7BC8FD8F8}] => C:\Program Files (x86)\Steam\steamapps\common\OneTrollArmy\OTA.exe
FirewallRules: [{D5611193-72B0-4186-905B-4B627FEE06FF}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division\TheDivision.exe
FirewallRules: [{4DBBB84D-8450-42D9-AC2A-9C8112C92CB6}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{C1A0B289-D146-406D-84F9-63B60D3F5B56}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{A3947EBE-C134-4020-8739-7C54998B32E9}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{76455814-AA29-4E95-A5F1-B72431079E8C}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{FD4F8236-02DB-43F8-9454-F206D28A6A6D}] => C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{C76B6381-AB71-4E34-8D9E-0EB364336530}] => C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{8D830137-2146-49C7-A71E-AF6B9CCB289E}] => C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{C0C1453F-B852-4C63-B352-D990F825367F}] => C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{0345794C-DFF5-4922-BA70-A9D420F11AFA}] => C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{3042210A-6EEC-4600-BFD7-0C2860DD43E0}] => C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [UDP Query User{BCDC9D51-4AE5-4F1D-B6AD-46E9E270F4C2}C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe] => C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe
FirewallRules: [TCP Query User{2A62E163-5488-48DD-8E83-0AAFDB5F0C0B}C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe] => C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe
FirewallRules: [{FF0AA9D3-F94B-4466-8358-D9E399EB8737}] => C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{EAE4890F-D4AA-42C7-A719-87FC4BE79C62}] => C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [UDP Query User{969BBA19-CB75-49ED-B715-6E28471A7630}C:\users\arc\appdata\roaming\spotify\spotify.exe] => C:\users\arc\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{37910C61-2775-4A9D-857F-909077FA8578}C:\users\arc\appdata\roaming\spotify\spotify.exe] => C:\users\arc\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CB97E01F-2673-44FE-B541-C5C646CA316C}C:\users\arc\appdata\roaming\spotify\spotify.exe] => C:\users\arc\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{DED341C8-6FEF-4813-9266-9D3663309F63}C:\users\arc\appdata\roaming\spotify\spotify.exe] => C:\users\arc\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{046E13F3-894F-43D9-A381-41E453A697DC}C:\program files (x86)\world_of_tanks9.14\wotlauncher.exe] => C:\program files (x86)\world_of_tanks9.14\wotlauncher.exe
FirewallRules: [TCP Query User{795DE68D-A9AC-46E1-BB85-736C83241085}C:\program files (x86)\world_of_tanks9.14\wotlauncher.exe] => C:\program files (x86)\world_of_tanks9.14\wotlauncher.exe
FirewallRules: [UDP Query User{DA006301-262A-4FB1-9458-2672B7EE365F}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{03BA674D-0199-40A6-8D1F-510303A6D3A0}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{D4816D2B-4205-40B0-B4FF-A893397D5CCF}] => C:\Program Files (x86)\Steam\steamapps\common\EVGA PrecisionX\Skins\UxfTool.exe
FirewallRules: [{005E3195-15F2-4061-B475-A8244BCCA4A4}] => C:\Program Files (x86)\Steam\steamapps\common\EVGA PrecisionX\Skins\UxfTool.exe
FirewallRules: [{C9739606-D9E2-4B97-AE0E-B525FF4A6B06}] => C:\Program Files (x86)\Steam\steamapps\common\EVGA PrecisionX\PrecisionX_x64.exe
FirewallRules: [{D8593815-1A56-40CF-A9A2-325D7CD4E5A6}] => C:\Program Files (x86)\Steam\steamapps\common\EVGA PrecisionX\PrecisionX_x64.exe
FirewallRules: [UDP Query User{6800A260-83FF-4027-957F-1B5A8253AA8D}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{9F9A748D-6483-4F8F-87E9-808B86DC3103}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B1F30188-D7D3-43B8-ABFA-11B27C181F98}C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe] => C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe
FirewallRules: [TCP Query User{0FF54AC1-5DEB-4E2C-9E30-AED5056284B3}C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe] => C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe
FirewallRules: [UDP Query User{C3141228-2A6F-4BF1-840C-68922A1A60D9}F:\world_of_tanks9.14\worldoftanks.exe] => F:\world_of_tanks9.14\worldoftanks.exe
FirewallRules: [TCP Query User{25740937-DDA9-4B04-B5C7-B0006035A2FF}F:\world_of_tanks9.14\worldoftanks.exe] => F:\world_of_tanks9.14\worldoftanks.exe
FirewallRules: [{53006F1A-7172-47CB-9CD0-5943395EF31A}] => C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{9940A988-2A95-4B0D-BC2A-2E6046D8692D}] => C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{C05AFB7E-2F21-47B2-8C19-850326E7A306}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8B2BBA81-548C-4230-9E2C-73BFD0139374}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6D6481AF-CEC6-4B84-BC2E-10357E960BB2}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{274F9AA5-F481-49B1-AF2B-D220D32F71B6}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AE11D8C5-2249-49E3-B9EE-DF28AB51ADAA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{CD7AB6DE-EDEF-42B8-BA25-E23E1BE988DE}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{02F1CFE1-8290-45F3-B370-EC87937D861E}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A7F85393-4B7F-4280-A6F2-4644DF64D8FB}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D6BED798-FFF9-44C8-86E2-24002D7595E6}] => D:\Steam D\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{B1997FB8-020C-44FD-916D-F05185180DAA}] => D:\Steam D\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [TCP Query User{2983A911-EEF2-47BD-9CD0-8BA5D00E34B0}D:\steam d\steamapps\common\planetside 2\planetside2_x64.exe] => D:\steam d\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{DCE7F637-8882-45A2-81A7-23DB23E5E5E0}D:\steam d\steamapps\common\planetside 2\planetside2_x64.exe] => D:\steam d\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{46B263B8-CC8A-4812-8C36-6ABC28DC444D}] => D:\Steam D\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{1FAC9E39-0457-4DC1-AE22-25C0500F3D90}] => D:\Steam D\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{AE86A8D2-6FFB-4BF5-AC04-CFA405049F99}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{26B03AE9-9410-4989-8DF3-021E2B51FCC4}] => C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{204F0BA2-5860-4B81-8AB8-D1AF922DB383}] => C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{9AF8838B-F46E-4466-AA4E-207108E67936}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{9A2CD5D8-D17D-4F6B-A3B3-5254A39A6971}] => D:\Steam D\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{700AD4FE-A4DF-4EDE-84E3-F68A14AB3431}] => D:\Steam D\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{10629B9B-E897-4756-AD6F-D0DD08405713}] => D:\Steam D\steamapps\common\Kingdoms\Kingdoms.exe
FirewallRules: [{A6DC472C-BF5E-4C7D-A504-1B9E32A5B333}] => D:\Steam D\steamapps\common\Kingdoms\Kingdoms.exe
FirewallRules: [{5495A2DF-1E1B-4B81-A886-EBF6053A5326}] => D:\Steam D\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{23D8ACF2-63A5-4A04-BED2-A66547428F75}] => D:\Steam D\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
FirewallRules: [{42DC1856-CAA5-483C-B637-CDEDEDB6C373}] => C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{7E013171-55AC-497F-B74B-B84E69449E3F}] => C:\Program Files (x86)\Heroes & Generals\live\hng.exe
FirewallRules: [{D898032E-1076-4B83-BE85-E6DE7BE208C4}] => C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{C5E3E15C-E3D2-4FCE-8462-AD4436FE5FE1}] => C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{BE44E150-9C62-448B-99FE-2C3B03AFC9C7}] => D:\Steam D\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{AACA2506-4167-45A3-BB58-D92191A910CB}] => D:\Steam D\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{520452B1-5C23-407B-AB38-C1F0048D9E12}] => C:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{2C456EA4-6984-4AB8-9E77-0A1F545E9733}] => C:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
FirewallRules: [{CE14CCC9-75FF-49C0-91CC-18D08FE2751A}] => D:\Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{DA73AF93-954A-4767-BF3B-5630FDB3F89A}] => D:\Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{D4717FD0-05BB-4681-A008-EA2F17833BBF}] => C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{64FA3BB6-6C85-485A-8A6C-2D841546DDEB}] => LPort=5357
FirewallRules: [{8311B0EF-6D16-4EFE-9E51-9511A52968DA}] => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{420145C4-121C-41B3-902E-AB6A7BA06C76}] => C:\Program Files (x86)\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{0E9AE795-B0F9-4AE7-A242-CC21E196EBE8}] => C:\Program Files (x86)\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
FirewallRules: [{20A37FAA-CDB7-4A2A-9FC2-1DFD33741D7B}] => C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{00C1C67F-3BC4-446D-86E3-ADA48F2DF4BD}] => C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{3C9FB0EB-B288-4F42-B713-7E1413FCC3D8}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{8BE6643C-85EF-4B1F-BEDD-FA2F56A0353F}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{17FEFD7C-811A-4B9A-BABF-773AEFDD7E23}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{65016E45-8C07-40E4-800C-EA2CF1F49D44}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{EB769853-2B21-4F05-9039-BC36600602AB}] => 㩃停潲牧浡䘠汩獥⠠㡸⤶啜睮瑩楴祬条畳獢啜睮瑩楴祬条畳獢攮數
FirewallRules: [{347FC498-2C2B-4823-8318-239FF317F8FB}] => 㩃停潲牧浡䘠汩獥⠠㡸⤶啜睮瑩楴祬条畳獢啜睮瑩楴祬条畳獢⹟硥e
 
==================== Restore Points =========================
 
20-11-2016 19:18:39 Installed DirectX
23-11-2016 17:14:33 Installed DirectX
30-11-2016 19:09:11 Scheduled Checkpoint
03-12-2016 03:42:36 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
03-12-2016 03:42:45 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
 
==================== Faulty Device Manager Devices =============
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/06/2016 11:02:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\program files (x86)\screenshotpro\1.0.0.6000056\ScreenshotPro.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (12/06/2016 11:02:06 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\program files (x86)\screenshotpro\1.0.0.6000056\ScreenshotPro.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (12/06/2016 02:30:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TS4_x64.exe, version: 1.20.60.1020, time stamp: 0x576082d1
Faulting module name: TS4_x64.exe, version: 1.20.60.1020, time stamp: 0x576082d1
Exception code: 0xc0000005
Fault offset: 0x0000000000c9e1d1
Faulting process id: 0x34fc
Faulting application start time: 0x01d24faa7f901192
Faulting application path: D:\Games\The Sims 4\Game\Bin\TS4_x64.exe
Faulting module path: D:\Games\The Sims 4\Game\Bin\TS4_x64.exe
Report Id: 20c63c0f-2548-4bd5-8744-005fe0e5ada9
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/06/2016 02:21:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program TS4_x64.exe version 1.20.60.1020 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 3310
 
Start Time: 01d24faa690d3f87
 
Termination Time: 5
 
Application Path: D:\Games\The Sims 4\Game\Bin\TS4_x64.exe
 
Report Id: b4b7c575-bb9d-11e6-9f9c-d8cb8adfa151
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (12/06/2016 01:55:47 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program HeroesAndGeneralsDesktop.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 3600
 
Start Time: 01d24f824fb2a191
 
Termination Time: 2
 
Application Path: C:\Program Files (x86)\Heroes & Generals\live\HeroesAndGeneralsDesktop.exe
 
Report Id: 233be741-bb9a-11e6-9f9c-d8cb8adfa151
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (12/04/2016 09:54:07 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: MASTACHIE)
Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.
 
Error: (12/04/2016 09:51:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
Faulting module name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
Exception code: 0xc0000005
Fault offset: 0x0000000000006f58
Faulting process id: 0x9bc
Faulting application start time: 0x01d24eb76cda61ea
Faulting application path: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Faulting module path: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Report Id: 6f6d9f7f-4950-4aa2-a219-c72b93f2f6ee
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/04/2016 09:23:39 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: MASTACHIE)
Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.
 
Error: (12/04/2016 09:21:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
Faulting module name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
Exception code: 0xc0000005
Fault offset: 0x0000000000006f58
Faulting process id: 0x8d4
Faulting application start time: 0x01d24e71048c0785
Faulting application path: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Faulting module path: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
Report Id: dbb1f57f-322f-4d23-a99d-69115354b6c3
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/04/2016 12:59:38 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: MASTACHIE)
Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.
 
 
System errors:
=============
Error: (12/06/2016 02:49:39 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error: 
Incorrect function.
 
Error: (12/06/2016 02:49:38 AM) (Source: KLIF) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (12/06/2016 02:49:37 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
Access is denied.
 
Error: (12/06/2016 02:49:37 AM) (Source: KLIF) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (12/04/2016 09:52:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/04/2016 09:51:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (12/04/2016 09:51:51 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 7 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
 
Error: (12/04/2016 09:51:51 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 5 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
 
Error: (12/04/2016 09:51:51 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 3 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
 
Error: (12/04/2016 09:51:51 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
Description: Performance power management features on Hyper-V logical processor 1 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
 
 
CodeIntegrity:
===================================
  Date: 2016-12-03 20:37:01.621
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2016-12-03 03:22:11.129
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2016-12-03 03:21:59.422
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2016-11-26 16:46:17.997
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2016-11-24 14:59:19.066
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2016-11-21 15:41:42.112
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-11-15 08:51:46.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2016-11-15 08:11:56.350
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-11-15 08:11:56.342
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2016-11-15 08:11:56.331
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 31%
Total physical RAM: 16329.45 MB
Available physical RAM: 11262.08 MB
Total Virtual: 32713.45 MB
Available Virtual: 26211.04 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:446.69 GB) (Free:61.79 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:912.7 GB) (Free:480.02 GB) NTFS
Drive f: (Transport Fever) (CDROM) (Total:4.96 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: 8E648704)
Partition 1: (Active) - (Size=446.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: ED8A50F5)
Partition 1: (Not Active) - (Size=912.7 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 
 
 
This is my AV log



06.12.2016 11.01.59 Dangerous URL blocked http://lolv.drin.hem...13/4f1cbc1b.exe Object: http://lolv.drin.hem...13/4f1cbc1b.exe Object type: URL Reason: KSN Application: Applications downloader Time: 12/6/2016 11:01 AM
06.12.2016 11.01.48 Dangerous URL blocked http://lolv.drin.hem...13/4f1cbc1b.exe Object: http://lolv.drin.hem...13/4f1cbc1b.exe Object type: URL Reason: KSN Application: Applications downloader Time: 12/6/2016 11:01 AM
06.12.2016 11.01.38 Dangerous URL blocked http://lolv.drin.hem...13/4f1cbc1b.exe Object: http://lolv.drin.hem...13/4f1cbc1b.exe Object type: URL Reason: KSN Application: Applications downloader Time: 12/6/2016 11:01 AM
06.12.2016 11.00.33 Download blocked http://cloudfront.8e...stCleaner16.exe Object name: HEUR:Trojan-Downloader.Win32.Generic Object: http://cloudfront.8e...stCleaner16.exe Application: Applications downloader Object type: Trojan program Time: 12/6/2016 11:00 AM
06.12.2016 11.00.33 Object (file) detected http://cloudfront.8e...stCleaner16.exe Object name: HEUR:Trojan-Downloader.Win32.Generic Object: http://cloudfront.8e...stCleaner16.exe Application: Applications downloader Object type: Trojan program Time: 12/6/2016 11:00 AM
06.12.2016 11.00.23 Download blocked http://cloudfront.8e...stCleaner16.exe Object name: HEUR:Trojan-Downloader.Win32.Generic Object: http://cloudfront.8e...stCleaner16.exe Application: Applications downloader Object type: Trojan program Time: 12/6/2016 11:00 AM
06.12.2016 11.00.23 Object (file) detected http://cloudfront.8e...stCleaner16.exe Object name: HEUR:Trojan-Downloader.Win32.Generic Object: http://cloudfront.8e...stCleaner16.exe Application: Applications downloader Object type: Trojan program Time: 12/6/2016 11:00 AM
06.12.2016 11.00.12 Download blocked http://cloudfront.8e...stCleaner16.exe Object name: HEUR:Trojan-Downloader.Win32.Generic Object: http://cloudfront.8e...stCleaner16.exe Application: Applications downloader Object type: Trojan program Time: 12/6/2016 11:00 AM
06.12.2016 11.00.12 Object (file) detected http://cloudfront.8e...stCleaner16.exe Object name: HEUR:Trojan-Downloader.Win32.Generic Object: http://cloudfront.8e...stCleaner16.exe Application: Applications downloader Object type: Trojan program Time: 12/6/2016 11:00 AM
06.12.2016 10.58.34 Dangerous URL blocked http://lolv.drin.hem...22/47d7dd08.exe Object: http://lolv.drin.hem...22/47d7dd08.exe Object type: URL Reason: KSN Application: Applications downloader Time: 12/6/2016 10:58 AM
06.12.2016 10.58.23 Dangerous URL blocked http://lolv.drin.hem...22/47d7dd08.exe Object: http://lolv.drin.hem...22/47d7dd08.exe Object type: URL Reason: KSN Application: Applications downloader Time: 12/6/2016 10:58 AM
06.12.2016 10.58.13 Dangerous URL blocked http://lolv.drin.hem...22/47d7dd08.exe Object: http://lolv.drin.hem...22/47d7dd08.exe Object type: URL Reason: KSN Application: Applications downloader Time: 12/6/2016 10:58 AM

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
Uninstall:
 
AnySend
InterStat 
Screenshot Pro 1.0.0.6000056
Unwittily Ragstone Subsales 

 
Download the attached fixlist.txt to the same location as FRST
 
 
Run FRST (right click and Run As Admin) and press Fix
A fix log will be generated please post that 
 

 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
     
    Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.  Is Kaspersky still complaining?
     

     


    • 0

    #3
    archiep

    archiep

      Member

    • Topic Starter
    • Member
    • PipPip
    • 53 posts

    Hello Rkinner, thank you for the reply here are the logs you requested

     

     

    Fix result of Farbar Recovery Scan Tool (x64) Version: 05-12-2016
    Ran by Arc (07-12-2016 01:47:11) Run:1
    Running from C:\Users\Arc\Desktop
    Loaded Profiles: Arc (Available Profiles: Arc & Test)
    Boot Mode: Normal
    ==============================================
     
    fixlist content:
    *****************
    (Young people) C:\Users\Arc\AppData\Roaming\InterStat\interstat.exe
    () C:\Program Files (x86)\ScreenshotPro\1.0.0.6000056\ScreenshotProServ.exe(Etiwanda Inc.) C:\Program Files (x86)\Unwittilyagsubs\UnwittilyR.exe
    (Etiwanda Inc.) C:\Program Files (x86)\Unwittilyagsubs\Unwittilyagsubs.exe
    (Etiwanda Inc.) C:\Program Files (x86)\Unwittilyagsubs\Unwittilyagsubs_.exe
    (Etiwanda Inc.) C:\Program Files (x86)\Unwittilyagsubs\Unwittilyagsubs_.exe
    (Etiwanda Inc.) C:\Program Files (x86)\Unwittilyagsubs\Unwittilyagsubs.exe
    HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [InterStat] => C:\Users\Arc\AppData\Roaming\InterStat\interstat.exe [3014592 2016-12-06] (Young people)
    HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\MountPoints2: {f04b7303-8025-11e6-ac6e-d8cb8adfa151} - "F:\setup.exe" 
    R2 UnwittilyR; C:\Program Files (x86)\Unwittilyagsubs\UnwittilyR.exe [131584 2016-12-02] (Etiwanda Inc.) [File not signed]
    U3 idsvc; no ImagePath
    U3 wpcsvc; no ImagePath
    2016-12-06 11:01 - 2016-12-06 11:01 - 00000000 ____D C:\Program Files (x86)\Unwittilyagsubs
    2016-12-06 11:00 - 2016-12-06 11:00 - 00000000 ____D C:\Users\Public\Documents\Tools
    2016-12-06 11:00 - 2016-12-06 11:00 - 00000000 ____D C:\Users\Public\Documents\Guid
    2016-12-06 11:00 - 2016-12-06 11:00 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Screenshot Pro
    2016-12-06 11:00 - 2016-12-06 11:00 - 00000000 ____D C:\Program Files (x86)\ScreenshotPro
    2016-12-06 10:59 - 2016-12-06 10:59 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InterStat
    2016-12-06 10:59 - 2016-12-06 10:59 - 00000000 ____D C:\Users\Arc\AppData\Roaming\InterStat
    2016-12-06 10:59 - 2016-12-06 10:59 - 00000000 ____D C:\Users\Arc\AppData\Roaming\ASPackage
    2016-12-06 10:59 - 2016-12-06 10:59 - 00000000 ____D C:\Users\Arc\AppData\Local\CrashRpt
    2016-12-06 10:59 - 2016-12-06 10:59 - 00000000 ____D C:\Program Files (x86)\00000000-1481050800-0000-0000-D8CB8ADFA151
    2016-12-06 10:57 - 2016-12-06 10:57 - 00594944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Arc\Downloads\libeay32.dll
    2016-12-06 10:57 - 2016-12-06 10:57 - 00152576 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Arc\Downloads\ssleay32.dll
    2016-12-06 10:56 - 2016-12-06 10:56 - 03541672 _____ (Application soft company ) C:\Users\Arc\Downloads\SmoothVideo Project _SVP_ 4.0.0.exe
    2016-12-06 10:56 - 2016-12-06 10:56 - 00000768 ____N C:\Users\Public\Desktop\Download SmoothVideo Pr...lnk
    CMD: Type "C:\Program Files (x86)\Google\Chrome\Application\chrome.bat"
    C:\Program Files (x86)\Google\Chrome\Application\chrome.bat
    C:\Users\Arc\AppData\Local\Temp\eZZBQ6Kw-prog.exe
    C:\Users\Arc\AppData\Local\Temp\InstallHelper.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWoW64\muachost.exe
    Shortcut: C:\Users\Arc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File)
    Shortcut: C:\Users\Arc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat ()
    Shortcut: C:\Users\Arc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File)
    Shortcut: C:\Users\Arc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat ()
    Shortcut: C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat ()
    AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [214]
    FirewallRules: [{EB769853-2B21-4F05-9039-BC36600602AB}] => 㩃停潲牧浡䘠汩獥⠠㡸⤶啜睮瑩楴祬条畳獢啜睮瑩楴祬条畳獢攮數
    FirewallRules: [{347FC498-2C2B-4823-8318-239FF317F8FB}] => 㩃停潲牧浡䘠汩獥⠠㡸⤶啜睮瑩楴祬条畳獢啜睮瑩楴祬条畳獢⹟硥e
    C:\Users\Arc\AppData\Roaming\InterStat
    C:\Program Files (x86)\ScreenshotPro
    C:\Program Files (x86)\Unwittilyagsubs
     
    *****************
     
    C:\Users\Arc\AppData\Roaming\InterStat\interstat.exe => No running process found
    C:\Program Files (x86)\ScreenshotPro\1.0.0.6000056\ScreenshotProServ.exe(Etiwanda Inc.) C:\Program Files (x86)\Unwittilyagsubs\UnwittilyR.exe => No running process found
    C:\Program Files (x86)\Unwittilyagsubs\Unwittilyagsubs.exe => No running process found
    C:\Program Files (x86)\Unwittilyagsubs\Unwittilyagsubs_.exe => No running process found
    C:\Program Files (x86)\Unwittilyagsubs\Unwittilyagsubs_.exe => No running process found
    C:\Program Files (x86)\Unwittilyagsubs\Unwittilyagsubs.exe => No running process found
    HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\Software\Microsoft\Windows\CurrentVersion\Run\\InterStat => value not found.
    "HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f04b7303-8025-11e6-ac6e-d8cb8adfa151}" => key removed successfully
    HKCR\CLSID\{f04b7303-8025-11e6-ac6e-d8cb8adfa151} => key not found. 
    UnwittilyR => service not found.
    idsvc => service removed successfully
    wpcsvc => service removed successfully
    "C:\Program Files (x86)\Unwittilyagsubs" => not found.
    C:\Users\Public\Documents\Tools => moved successfully
    C:\Users\Public\Documents\Guid => moved successfully
    C:\Users\Arc\AppData\Roaming\Screenshot Pro => moved successfully
    "C:\Program Files (x86)\ScreenshotPro" => not found.
    "C:\Users\Arc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InterStat" => not found.
    "C:\Users\Arc\AppData\Roaming\InterStat" => not found.
    "C:\Users\Arc\AppData\Roaming\ASPackage" => not found.
    C:\Users\Arc\AppData\Local\CrashRpt => moved successfully
    "C:\Program Files (x86)\00000000-1481050800-0000-0000-D8CB8ADFA151" => not found.
    C:\Users\Arc\Downloads\libeay32.dll => moved successfully
    C:\Users\Arc\Downloads\ssleay32.dll => moved successfully
    C:\Users\Arc\Downloads\SmoothVideo Project _SVP_ 4.0.0.exe => moved successfully
    C:\Users\Public\Desktop\Download SmoothVideo Pr...lnk => moved successfully
     
    ========= Type "C:\Program Files (x86)\Google\Chrome\Application\chrome.bat" =========
     
    start "" /I /B /D"C:\PROGRA~2\Google\Chrome\APPLIC~1\" "C:\PROGRA~2\Google\Chrome\APPLIC~1\chrome.exe" "http://im.loadblanks...cdff542ee7ff6?"
     
    ========= End of CMD: =========
     
    C:\Program Files (x86)\Google\Chrome\Application\chrome.bat => moved successfully
    C:\Users\Arc\AppData\Local\Temp\eZZBQ6Kw-prog.exe => moved successfully
    C:\Users\Arc\AppData\Local\Temp\InstallHelper.exe => moved successfully
    C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
    C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
    C:\WINDOWS\Tasks\MSISW_Host.job => moved successfully
    C:\Users\Arc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplоrеr.lnk => moved successfully
    C:\Users\Arc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk => moved successfully
    C:\Users\Arc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk => moved successfully
    C:\Users\Arc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk => moved successfully
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk => moved successfully
    C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk => moved successfully
    C:\ProgramData\TEMP => ":FB6A21E3" ADS removed successfully.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EB769853-2B21-4F05-9039-BC36600602AB} => value removed successfully
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{347FC498-2C2B-4823-8318-239FF317F8FB} => value removed successfully
    "C:\Users\Arc\AppData\Roaming\InterStat" => not found.
    "C:\Program Files (x86)\ScreenshotPro" => not found.
    "C:\Program Files (x86)\Unwittilyagsubs" => not found.
     
    ==== End of Fixlog 01:47:16 ====
     
     
     
    # AdwCleaner v6.040 - Logfile created 07/12/2016 at 01:52:03
    # Updated on 02/12/2016 by Malwarebytes
    # Database : 2016-12-06.1 [Server]
    # Operating System : Windows 10 Pro  (X64)
    # Username : Arc - MASTACHIE
    # Running from : C:\Users\Arc\Desktop\AdwCleaner.exe
    # Mode: Clean
     
     
     
    ***** [ Services ] *****
     
    [-] Service deleted: TheScreenshotProService
     
     
    ***** [ Folders ] *****
     
    [-] Folder deleted: C:\Users\Arc\AppData\Local\DriverToolkit
    [-] Folder deleted: C:\Program Files (x86)\DriverToolkit
    [-] Folder deleted: C:\WINDOWS\SysWoW64\config\systemprofile\AppData\Roaming\Screenshot Pro
     
     
    ***** [ Files ] *****
     
    [-] File deleted: C:\END
     
     
    ***** [ DLL ] *****
     
     
     
    ***** [ WMI ] *****
     
     
     
    ***** [ Shortcuts ] *****
     
     
     
    ***** [ Scheduled Tasks ] *****
     
     
     
    ***** [ Registry ] *****
     
    [-] Key deleted: HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\Software\DriverToolkit
    [-] Key deleted: HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\Software\Interstat
    [#] Key deleted on reboot: HKCU\Software\DriverToolkit
    [#] Key deleted on reboot: HKCU\Software\Interstat
    [#] Key deleted on reboot: [x64] HKCU\Software\DriverToolkit
    [#] Key deleted on reboot: [x64] HKCU\Software\Interstat
    [-] Key deleted: [x64] HKLM\SOFTWARE\SCREENSHOT PRO
    [-] Key deleted: [x64] HKLM\SOFTWARE\DtsEncodeTools
     
     
    ***** [ Web browsers ] *****
     
    [-] [C:\Users\Test\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
    [-] [C:\Users\Test\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
     
     
    *************************
     
    :: "Tracing" keys deleted
    :: Winsock settings cleared
     
    *************************
     
    C:\AdwCleaner\AdwCleaner[C1].txt - [2334 Bytes] - [01/06/2016 22:11:43]
    C:\AdwCleaner\AdwCleaner[C2].txt - [1818 Bytes] - [07/12/2016 01:52:03]
    C:\AdwCleaner\AdwCleaner[S1].txt - [2092 Bytes] - [01/06/2016 22:10:08]
    C:\AdwCleaner\AdwCleaner[S2].txt - [2002 Bytes] - [07/12/2016 01:51:07]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2037 Bytes] ##########
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.9 (09.30.2016)
    Operating System: Windows 10 Pro x64 
    Ran by Arc (Administrator) on Wed 12/07/2016 at  1:57:37.99
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    File System: 3 
     
    Successfully deleted: C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj (Folder) 
    Successfully deleted: C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bmnlcjabgnpnenekpadlanbbkooimhnj (Folder) 
    Successfully deleted: C:\WINDOWS\prefetch\PANDA SECURITY TOOLBAR UNINST-AA98194C.pf (File) 
     
     
     
    Registry: 3 
     
    Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591} (Registry Key)
    Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E38825B-8815-42CF-9126-C58BC28D4591} (Registry Key)
    Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{093F479D-712E-46CD-9E06-62E734A05F68} (Registry Value) 
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Wed 12/07/2016 at  1:58:39.26
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
     
     
     
     
     
     
     
     

    • 0

    #4
    archiep

    archiep

      Member

    • Topic Starter
    • Member
    • PipPip
    • 53 posts

    And last but not least here is the FRST scan 

     

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2016
    Ran by Arc (administrator) on MASTACHIE (07-12-2016 02:01:44)
    Running from C:\Users\Arc\Desktop
    Loaded Profiles: Arc (Available Profiles: Arc & Test)
    Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
    (Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
    (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
    (Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
    () C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
    (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
    (MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
    (MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
    (MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
    (Microsoft Corporation) C:\Windows\System32\mqsvc.exe
    (Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
    (MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
    (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
    (Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
    (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
    (Thrustmaster®) C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
    (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
    (Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     
    ==================== Registry (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor)
    HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
    HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15120504 2016-02-17] (Logitech Inc.)
    HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] ()
    HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Limited)
    HKLM\...\Run: [Windows Mobile-based device management] => %WINDIR%\WindowsMobile\wmdcBase.exe
    HKLM-x32\...\Run: [USB3MON] => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1442304 2014-05-29] (Creative Technology Ltd)
    HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
    HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
    HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11344848 2016-08-26] (Micro-Star INT'L CO., LTD.)
    HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MSI)
    HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1022928 2016-07-27] (MSI)
    HKLM-x32\...\Run: [BCSSync] => D:\Games\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [OKAYFREEDOM Notifier] => C:\Program Files (x86)\OkayFreedom\Notifier.exe [4196848 2016-11-09] (Steganos Software GmbH)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
    HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
    HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
    HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [Spotify Web Helper] => C:\Users\Arc\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1433712 2016-11-30] (Spotify Ltd)
    HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [Spotify] => C:\Users\Arc\AppData\Roaming\Spotify\Spotify.exe [7071344 2016-11-30] (Spotify Ltd)
    HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-11-23] ()
    HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4289728 2016-04-12] (Disc Soft Ltd)
    HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
    HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\MountPoints2: {f04b7303-8025-11e6-ac6e-d8cb8adfa151} - "I:\setup.exe" 
    ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-10-27]
    ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{031efed1-9581-4e56-839e-602c12c6de17}: [DhcpNameServer] 192.168.2.1
    Tcpip\..\Interfaces\{cefec579-e514-4c81-be28-8af53a325fff}: [DhcpNameServer] 8.8.8.8 8.8.4.4
    Tcpip\..\Interfaces\{e0235e45-98aa-4c4e-b471-55ffddd04546}: [DhcpNameServer] 192.168.42.129
     
    Internet Explorer:
    ==================
    BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\ssv.dll [2016-12-07] (Oracle Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Games\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-12-07] (Oracle Corporation)
    Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies)
     
    FireFox:
    ========
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
    FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-06]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-12-07] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-12-07] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Games\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Games\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-21] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-21] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
     
    Chrome: 
    =======
    CHR DefaultProfile: Default
    CHR HomePage: Default -> hxxp://www.google.com
    CHR StartupUrls: Default -> "hxxp://www.google.com"
    CHR Profile: C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default [2016-12-07]
    CHR Extension: (Honey) - C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-12-07]
    CHR Extension: (Remove Google Redirection) - C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnhjklgpiifbofihffldllbcopkinlod [2016-03-15]
    CHR Extension: (Kaspersky Protection) - C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-10-27]
    CHR Extension: (AdBlock) - C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-22]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
    CHR Extension: (Chrome Media Router) - C:\Users\Arc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30]
    CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
    CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
     
    ==================== Services (Whitelisted) ====================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-21] ()
    S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-09-23] (BitRaider, LLC)
    R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Limited)
    R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Limited)
    R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Limited)
    R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Limited)
    R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-12] (Disc Soft Ltd)
    S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-09-29] (EasyAntiCheat Ltd)
    R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [45008 2016-08-25] (Micro-Star Int'l Co., Ltd.)
    R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-05-16] (Micro-Star INT'L CO., LTD.)
    S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2016-09-29] (Microsoft Corporation) [File not signed]
    S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
    S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
    R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
    R2 jhi_service; C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
    R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks)
    S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
    R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
    R2 LMS; C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe [415520 2015-07-10] (Intel Corporation)
    R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-02-17] (Logitech Inc.)
    S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-09-09] (MSI)
    S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2204768 2016-09-29] (MSI)
    S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4162656 2016-09-29] (MSI)
    R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2015328 2016-09-29] (MSI)
    R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2327648 2016-09-29] (MSI)
    S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-09-29] (MSI)
    S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [607160 2016-09-29] (MSI)
    R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [58296 2016-08-12] (Micro-Star INT'L CO., LTD.)
    R2 MSI_ECOSERVICE; C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe [2266280 2015-03-27] (Micro-Star INT'L CO., LTD.)
    R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
    R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2227152 2016-08-17] (Micro-Star INT'L CO., LTD.)
    R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2016-08-01] (MSI)
    R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
    S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
    R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-21] (NVIDIA Corporation)
    R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
    R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [353792 2016-11-09] (Steganos Software GmbH)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2118664 2016-12-03] (Electronic Arts)
    R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180112 2016-12-03] (Electronic Arts)
    S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1316080 2016-11-23] (Overwolf LTD)
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-26] (Microsoft Corporation)
    R2 tmInstall; C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.EXE [61600 2016-04-21] (Thrustmaster®)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
    R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-10-06] (Intel® Corporation)
     
    ===================== Drivers (Whitelisted) ======================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [144456 2016-01-22] (Rivet Networks, LLC.)
    S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2016-09-23] (BitRaider)
    R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
    S3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Limited)
    S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
    R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-05-27] (Disc Soft Ltd)
    R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-05-27] (Disc Soft Ltd)
    R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
    R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)
    S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (Windows ® Win 7 DDK provider)
    S3 Ke2200; C:\WINDOWS\System32\drivers\e22w7x64.sys [125488 2015-03-18] (Qualcomm Atheros, Inc.)
    R3 KillerEth; C:\WINDOWS\System32\drivers\e22w10x64.sys [156744 2015-10-07] (Qualcomm Atheros, Inc.)
    R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
    R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
    R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-14] (AO Kaspersky Lab)
    R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
    S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-30] (AO Kaspersky Lab)
    R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
    R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2016-09-12] (AO Kaspersky Lab)
    S3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2016-12-07] (AO Kaspersky Lab)
    R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2016-12-06] (AO Kaspersky Lab)
    R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-06] (AO Kaspersky Lab)
    R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-18] (AO Kaspersky Lab)
    R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
    R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
    R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
    R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2016-11-30] (AO Kaspersky Lab)
    S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2016-11-30] (AO Kaspersky Lab)
    R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2016-11-30] (AO Kaspersky Lab)
    R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2016-11-30] (AO Kaspersky Lab)
    R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
    R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2016-12-06] (AO Kaspersky Lab)
    R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
    R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
    R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
    R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
    S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
    R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
    R3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)
    R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
    R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_49b226e6441043f1\nvlddmkm.sys [14145592 2016-10-22] (NVIDIA Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
    R3 tmhidusb; C:\WINDOWS\system32\DRIVERS\tmhidusb.sys [172192 2016-04-21] (Thrustmaster)
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
    R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel Corporation)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-12-07 01:58 - 2016-12-07 01:58 - 00001398 _____ C:\Users\Arc\Desktop\JRT.txt
    2016-12-07 01:51 - 2016-12-07 01:56 - 01631928 _____ (Malwarebytes) C:\Users\Arc\Desktop\JRT.exe
    2016-12-07 01:49 - 2016-12-07 01:50 - 03968464 _____ C:\Users\Arc\Desktop\AdwCleaner.exe
    2016-12-07 01:47 - 2016-12-07 01:47 - 00008849 _____ C:\Users\Arc\Desktop\Fixlog.txt
    2016-12-07 01:41 - 2016-12-07 01:41 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2016-12-07 01:41 - 2016-12-07 01:41 - 00000000 ____D C:\Users\Default\AppData\Roaming\Sun
    2016-12-07 01:41 - 2016-12-07 01:41 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Sun
    2016-12-07 01:41 - 2016-12-07 01:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-12-07 01:40 - 2016-12-07 01:40 - 00000000 ____D C:\ProgramData\Oracle
    2016-12-07 01:40 - 2016-12-07 01:40 - 00000000 ____D C:\Program Files (x86)\Java
    2016-12-06 13:49 - 2016-12-06 13:49 - 00001146 _____ C:\Users\Public\Desktop\OkayFreedom.lnk
    2016-12-06 13:48 - 2016-12-06 13:48 - 00000000 ___HD C:\OneDriveTemp
    2016-12-06 13:24 - 2016-12-06 13:24 - 00000000 ____D C:\Users\Arc\AppData\LocalLow\Sun
    2016-12-06 13:24 - 2016-12-06 13:24 - 00000000 ____D C:\ProgramData\Sun
    2016-12-06 13:20 - 2016-12-06 13:24 - 31666592 _____ (Oracle Corporation) C:\Users\Arc\Downloads\jre-7u21-windows-i586.exe
    2016-12-06 13:08 - 2016-12-06 13:08 - 00001473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Advanced PDF Editor.lnk
    2016-12-06 13:08 - 2016-12-06 13:08 - 00001461 _____ C:\Users\Public\Desktop\Foxit Advanced PDF Editor.lnk
    2016-12-06 13:08 - 2016-12-06 13:08 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Foxit Software
    2016-12-06 13:08 - 2016-12-06 13:08 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Foxit Advanced PDF Editor
    2016-12-06 13:08 - 2016-12-06 13:08 - 00000000 ____D C:\Users\Arc\AppData\Local\Foxit Advanced PDF Editor
    2016-12-06 13:08 - 2016-12-06 13:08 - 00000000 ____D C:\Users\Arc\AppData\Local\Aspell
    2016-12-06 13:08 - 2016-12-06 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Advanced PDF Editor
    2016-12-06 13:08 - 2016-12-06 13:08 - 00000000 ____D C:\ProgramData\Foxit Advanced PDF Editor
    2016-12-06 13:08 - 2016-12-06 13:08 - 00000000 ____D C:\ProgramData\Aspell
    2016-12-06 13:08 - 2016-12-06 13:08 - 00000000 ____D C:\Program Files (x86)\Foxit Software
    2016-12-06 12:38 - 2016-12-06 13:21 - 00000000 ____D C:\Users\Arc\Documents\FOR PRINT
    2016-12-06 11:14 - 2016-12-06 11:14 - 00003973 _____ C:\Users\Arc\Desktop\kasp log.txt
    2016-12-06 11:06 - 2016-12-07 02:01 - 00028163 _____ C:\Users\Arc\Desktop\FRST.txt
    2016-12-06 11:06 - 2016-12-06 11:07 - 00067464 _____ C:\Users\Arc\Desktop\Addition.txt
    2016-12-06 11:06 - 2016-12-06 11:06 - 00000000 ____D C:\Users\Arc\Desktop\FRST-OlderVersion
    2016-12-06 02:31 - 2016-12-06 02:31 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Steganos Updates
    2016-12-04 14:33 - 2016-12-04 14:33 - 00002289 ____N C:\Users\Arc\Desktop\HP Deskjet 2540 series.lnk
    2016-12-04 13:13 - 2016-12-06 14:01 - 00003240 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
    2016-12-04 12:57 - 2016-12-04 12:57 - 00000000 ____D C:\WINDOWS\Panther
    2016-12-04 12:24 - 2016-12-04 12:24 - 00101152 _____ C:\Users\Arc\Downloads\strobelight-beta4.zip
    2016-12-04 11:08 - 2016-12-04 11:08 - 00883778 _____ C:\Users\Arc\Downloads\Custom_Desktop_Logo_V2.1_with_crosshairs.zip
    2016-12-04 11:08 - 2016-12-04 11:08 - 00000000 ____D C:\Users\Arc\Desktop\Custom_Desktop_Logo_V2.1
    2016-12-04 07:53 - 2016-12-04 07:53 - 00060428 _____ C:\Users\Arc\Downloads\GAFZWO.pdf
    2016-12-03 21:09 - 2016-12-03 21:09 - 01963374 _____ C:\Users\Arc\Downloads\LVN-KIM-main.pdf
    2016-12-03 20:57 - 2016-12-03 20:57 - 00954564 _____ C:\Users\Arc\Downloads\Request_for_Academic_Records-Transcripts_-_CES_Nurse-Kim.pdf
    2016-12-03 20:57 - 2016-12-03 20:57 - 00536764 _____ C:\Users\Arc\Downloads\Request_for_Validation_of_License-Registration-Diploma_-_CES-KIm.pdf
    2016-12-03 20:57 - 2016-12-03 20:57 - 00132777 _____ C:\Users\Arc\Downloads\AUTHORIZATION-letter-KIm.pdf
    2016-12-03 20:36 - 2016-12-03 20:36 - 05918961 _____ C:\Users\Arc\Documents\DCert.pdf
    2016-12-03 08:12 - 2016-12-06 10:58 - 00000947 ____R C:\Users\Arc\Desktop\Gnоmоriа.lnk
    2016-12-03 06:32 - 2016-12-03 06:38 - 176556407 _____ C:\Users\Arc\Downloads\Gnomoria_v1.0.rar
    2016-12-03 03:43 - 2016-12-03 03:43 - 00000000 ____D C:\Users\Arc\Documents\Battlefield 1
    2016-12-03 03:42 - 2016-12-03 03:42 - 00001247 ____N C:\Users\Public\Desktop\Battlefield 1.lnk
    2016-12-03 03:42 - 2016-12-03 03:42 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
    2016-12-03 03:42 - 2016-12-03 03:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1
    2016-12-01 06:45 - 2016-12-01 06:45 - 00000017 _____ C:\WINDOWS\PrecisionX_x64.INI
    2016-11-30 03:06 - 2016-11-30 03:06 - 00245512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
    2016-11-30 03:05 - 2016-11-30 03:05 - 00218920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
    2016-11-30 03:05 - 2016-11-30 03:05 - 00164888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
    2016-11-30 03:05 - 2016-11-30 03:05 - 00104720 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
    2016-11-26 16:42 - 2016-11-26 16:42 - 00001429 ____N C:\Users\Public\Desktop\Transport Fever.lnk
    2016-11-26 16:42 - 2016-11-26 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Urban Games
    2016-11-26 16:34 - 2016-11-26 16:34 - 00000000 ____D C:\Program Files (x86)\Urban Games
    2016-11-25 16:17 - 2016-12-03 03:16 - 00000000 ____D C:\WINDOWS\Minidump
    2016-11-24 17:54 - 2016-11-24 17:55 - 00000000 ____D C:\kiosk
    2016-11-24 17:54 - 2016-11-24 17:54 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Worksimaging
    2016-11-24 17:54 - 2016-11-24 17:54 - 00000000 ____D C:\temp2
    2016-11-24 16:46 - 2016-12-01 17:05 - 00000000 ____D C:\Users\Arc\AppData\Roaming\HpUpdate
    2016-11-24 16:46 - 2016-11-24 16:46 - 00002289 ____N C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk
    2016-11-24 16:46 - 2016-11-24 16:46 - 00002064 ____N C:\Users\Public\Desktop\HP Photo Creations.lnk
    2016-11-24 16:46 - 2016-11-24 16:46 - 00001236 ____N C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 2540 series.lnk
    2016-11-24 16:46 - 2016-11-24 16:46 - 00000000 ____D C:\ProgramData\Visan
    2016-11-24 16:46 - 2016-11-24 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    2016-11-24 16:46 - 2016-11-24 16:46 - 00000000 ____D C:\ProgramData\HP Photo Creations
    2016-11-24 16:46 - 2016-11-24 16:46 - 00000000 ____D C:\Program Files\HP
    2016-11-24 16:46 - 2016-11-24 16:46 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
    2016-11-24 16:46 - 2016-11-24 16:46 - 00000000 ____D C:\Program Files (x86)\HP
    2016-11-24 16:46 - 2016-11-24 16:46 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
    2016-11-24 16:46 - 2014-03-06 12:51 - 00763912 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPMC211.dll
    2016-11-24 16:45 - 2016-11-24 16:46 - 00000000 ____D C:\Users\Arc\AppData\Local\HP
    2016-11-24 16:45 - 2016-11-24 16:45 - 00000057 _____ C:\ProgramData\Ament.ini
    2016-11-24 16:42 - 2016-11-24 16:46 - 00000000 ____D C:\ProgramData\HP
    2016-11-24 14:58 - 2016-11-24 14:58 - 00269699 _____ C:\Users\Arc\Desktop\KimDisney.pdf
    2016-11-24 14:37 - 2016-11-24 14:37 - 00000697 ____N C:\Users\Public\Desktop\The Sims 4 x64.lnk
    2016-11-24 14:37 - 2016-11-24 14:37 - 00000677 ____N C:\Users\Public\Desktop\The Sims 4.lnk
    2016-11-24 10:57 - 2016-11-25 08:06 - 00000000 ____D C:\Users\Arc\Documents\Electronic Arts
    2016-11-24 03:17 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
    2016-11-24 01:11 - 2016-11-24 01:11 - 00000000 ____D C:\Users\Arc\AppData\LocalLow\Fenix Fire Entertainment
    2016-11-24 00:49 - 2016-11-24 00:49 - 00000751 ____N C:\Users\Arc\Desktop\Clockwork Empires.lnk
    2016-11-24 00:49 - 2016-11-24 00:49 - 00000000 ____D C:\Users\Public\Documents\Steam
    2016-11-24 00:49 - 2016-11-24 00:49 - 00000000 ____D C:\Users\Arc\Documents\Gaslamp Games
    2016-11-24 00:49 - 2016-11-24 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clockwork Empires
    2016-11-23 23:09 - 2016-11-23 23:09 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2016-11-23 17:14 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
    2016-11-23 17:14 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
    2016-11-23 17:14 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
    2016-11-23 17:14 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
    2016-11-23 17:14 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
    2016-11-23 17:14 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
    2016-11-23 17:14 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
    2016-11-23 17:14 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
    2016-11-23 10:17 - 2016-11-24 16:46 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
    2016-11-23 10:17 - 2016-11-17 05:45 - 00101824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
    2016-11-23 10:17 - 2016-11-17 05:45 - 00091584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
    2016-11-22 14:03 - 2016-11-22 14:03 - 00045320 _____ C:\Users\Arc\Documents\November.pdf
    2016-11-22 14:03 - 2016-11-22 14:03 - 00043257 _____ C:\Users\Arc\Documents\October.pdf
    2016-11-21 20:59 - 2016-11-21 20:59 - 00000000 ____D C:\Users\Arc\Documents\BioWare
    2016-11-20 19:18 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
    2016-11-20 19:18 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
    2016-11-20 19:18 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
    2016-11-20 19:18 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
    2016-11-20 19:18 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
    2016-11-20 19:18 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
    2016-11-20 19:18 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
    2016-11-20 19:18 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
    2016-11-20 19:16 - 2016-11-20 19:18 - 00002182 ____N C:\Users\Public\Desktop\Play Heroes & Generals.lnk
    2016-11-20 19:16 - 2016-11-20 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes & Generals
    2016-11-20 19:16 - 2016-11-20 19:16 - 00000000 ____D C:\Program Files (x86)\Heroes & Generals
    2016-11-17 21:44 - 2016-11-17 21:44 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
    2016-11-17 21:43 - 2016-11-17 21:56 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
    2016-11-17 21:43 - 2016-11-17 21:44 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
    2016-11-17 21:43 - 2016-11-17 21:43 - 00001159 ____N C:\Users\Arc\Desktop\MSI Afterburner.lnk
    2016-11-17 21:43 - 2016-11-17 21:43 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
    2016-11-15 08:55 - 2016-11-15 08:55 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Wargaming.net
    2016-11-08 12:42 - 2016-11-02 04:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2016-11-08 12:42 - 2016-11-02 04:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2016-11-08 12:42 - 2016-11-02 03:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
    2016-11-08 12:42 - 2016-11-02 03:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2016-11-08 12:42 - 2016-11-02 03:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2016-11-08 12:42 - 2016-11-02 03:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
    2016-11-08 12:42 - 2016-11-02 03:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2016-11-08 12:42 - 2016-11-02 03:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2016-11-08 12:42 - 2016-11-02 03:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
    2016-11-08 12:42 - 2016-11-02 03:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2016-11-08 12:42 - 2016-11-02 03:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2016-11-08 12:42 - 2016-11-02 03:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2016-11-08 12:42 - 2016-11-02 03:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2016-11-08 12:42 - 2016-11-02 03:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
    2016-11-08 12:42 - 2016-11-02 03:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2016-11-08 12:42 - 2016-11-02 03:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2016-11-08 12:42 - 2016-11-02 03:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2016-11-08 12:42 - 2016-11-02 03:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2016-11-08 12:42 - 2016-11-02 02:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2016-11-08 12:42 - 2016-11-02 02:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
    2016-11-08 12:42 - 2016-11-02 02:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
    2016-11-08 12:42 - 2016-11-02 02:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
    2016-11-08 12:42 - 2016-11-02 02:37 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
    2016-11-08 12:42 - 2016-11-02 02:36 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
    2016-11-08 12:42 - 2016-11-02 02:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2016-11-08 12:42 - 2016-11-02 02:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2016-11-08 12:42 - 2016-11-02 02:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
    2016-11-08 12:42 - 2016-11-02 02:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
    2016-11-08 12:42 - 2016-11-02 02:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
    2016-11-08 12:42 - 2016-11-02 02:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
    2016-11-08 12:42 - 2016-11-02 02:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
    2016-11-08 12:42 - 2016-11-02 02:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
    2016-11-08 12:42 - 2016-11-02 02:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
    2016-11-08 12:42 - 2016-11-02 02:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2016-11-08 12:42 - 2016-11-02 02:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
    2016-11-08 12:42 - 2016-11-02 02:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
    2016-11-08 12:42 - 2016-11-02 02:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
    2016-11-08 12:42 - 2016-11-02 02:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
    2016-11-08 12:42 - 2016-11-02 02:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
    2016-11-08 12:42 - 2016-11-02 02:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
    2016-11-08 12:42 - 2016-11-02 02:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
    2016-11-08 12:42 - 2016-11-02 02:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
    2016-11-08 12:42 - 2016-11-02 02:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2016-11-08 12:42 - 2016-11-02 02:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
    2016-11-08 12:42 - 2016-11-02 02:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2016-11-08 12:42 - 2016-11-02 02:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
    2016-11-08 12:42 - 2016-11-02 02:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
    2016-11-08 12:42 - 2016-11-02 02:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
    2016-11-08 12:42 - 2016-11-02 02:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
    2016-11-08 12:42 - 2016-11-02 02:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
    2016-11-08 12:42 - 2016-11-02 02:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
    2016-11-08 12:42 - 2016-11-02 00:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
    2016-11-08 12:41 - 2016-11-02 03:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2016-11-08 12:41 - 2016-11-02 03:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
    2016-11-08 12:41 - 2016-11-02 03:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2016-11-08 12:41 - 2016-11-02 03:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2016-11-08 12:41 - 2016-11-02 03:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2016-11-08 12:41 - 2016-11-02 03:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2016-11-08 12:41 - 2016-11-02 03:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-11-08 12:41 - 2016-11-02 03:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2016-11-08 12:41 - 2016-11-02 03:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2016-11-08 12:41 - 2016-11-02 03:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2016-11-08 12:41 - 2016-11-02 03:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
    2016-11-08 12:41 - 2016-11-02 03:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2016-11-08 12:41 - 2016-11-02 03:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
    2016-11-08 12:41 - 2016-11-02 03:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
    2016-11-08 12:41 - 2016-11-02 03:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2016-11-08 12:41 - 2016-11-02 03:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2016-11-08 12:41 - 2016-11-02 03:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2016-11-08 12:41 - 2016-11-02 03:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2016-11-08 12:41 - 2016-11-02 03:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2016-11-08 12:41 - 2016-11-02 03:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
    2016-11-08 12:41 - 2016-11-02 03:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2016-11-08 12:41 - 2016-11-02 03:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
    2016-11-08 12:41 - 2016-11-02 03:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2016-11-08 12:41 - 2016-11-02 03:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
    2016-11-08 12:41 - 2016-11-02 03:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
    2016-11-08 12:41 - 2016-11-02 03:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2016-11-08 12:41 - 2016-11-02 03:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
    2016-11-08 12:41 - 2016-11-02 03:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2016-11-08 12:41 - 2016-11-02 03:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-11-08 12:41 - 2016-11-02 03:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2016-11-08 12:41 - 2016-11-02 03:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2016-11-08 12:41 - 2016-11-02 03:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2016-11-08 12:41 - 2016-11-02 02:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2016-11-08 12:41 - 2016-11-02 02:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
    2016-11-08 12:41 - 2016-11-02 02:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2016-11-08 12:41 - 2016-11-02 02:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2016-11-08 12:41 - 2016-11-02 02:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2016-11-08 12:41 - 2016-11-02 02:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
    2016-11-08 12:41 - 2016-11-02 02:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
    2016-11-08 12:41 - 2016-11-02 02:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
    2016-11-08 12:41 - 2016-11-02 02:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
    2016-11-08 12:41 - 2016-11-02 02:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
    2016-11-08 12:41 - 2016-11-02 02:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2016-11-08 12:41 - 2016-11-02 02:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
    2016-11-08 12:41 - 2016-11-02 02:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
    2016-11-08 12:41 - 2016-11-02 02:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
    2016-11-08 12:41 - 2016-11-02 02:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
    2016-11-08 12:41 - 2016-11-02 02:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
    2016-11-08 12:41 - 2016-11-02 02:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
    2016-11-08 12:41 - 2016-11-02 02:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
    2016-11-08 12:41 - 2016-11-02 02:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
    2016-11-08 12:41 - 2016-11-02 02:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
    2016-11-08 12:41 - 2016-11-02 02:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
    2016-11-08 12:41 - 2016-11-02 02:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
    2016-11-08 12:41 - 2016-11-02 02:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
    2016-11-08 12:41 - 2016-11-02 02:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2016-11-08 12:41 - 2016-11-02 02:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
    2016-11-08 12:41 - 2016-11-02 02:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
    2016-11-08 12:41 - 2016-11-02 02:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
    2016-11-08 12:41 - 2016-11-02 02:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
    2016-11-08 12:41 - 2016-11-02 02:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
    2016-11-08 12:41 - 2016-11-02 02:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
    2016-11-08 12:41 - 2016-11-02 02:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2016-11-08 12:41 - 2016-11-02 02:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
    2016-11-08 12:41 - 2016-11-02 02:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
    2016-11-08 12:41 - 2016-11-02 02:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2016-11-08 12:41 - 2016-11-02 02:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
    2016-11-08 12:41 - 2016-11-02 02:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
    2016-11-08 12:41 - 2016-11-02 02:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
    2016-11-08 12:41 - 2016-11-02 02:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
    2016-11-08 12:41 - 2016-11-02 02:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
    2016-11-08 12:41 - 2016-11-02 02:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-11-08 12:41 - 2016-11-02 02:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
    2016-11-08 12:41 - 2016-11-02 02:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2016-11-08 12:41 - 2016-11-02 02:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2016-11-08 12:41 - 2016-11-02 02:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2016-11-08 12:41 - 2016-11-02 02:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
    2016-11-08 12:41 - 2016-11-02 02:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
    2016-11-08 12:41 - 2016-11-02 02:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
    2016-11-08 12:41 - 2016-11-02 02:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2016-11-08 12:41 - 2016-11-02 02:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2016-11-08 12:41 - 2016-11-02 02:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2016-11-08 12:41 - 2016-11-02 02:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
    2016-11-08 12:41 - 2016-11-02 02:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2016-11-08 12:41 - 2016-11-02 02:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
    2016-11-08 12:41 - 2016-11-02 02:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
    2016-11-08 12:41 - 2016-11-02 02:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2016-11-08 12:41 - 2016-11-02 02:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
    2016-11-08 12:41 - 2016-11-02 02:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2016-11-08 12:41 - 2016-11-02 02:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
    2016-11-08 12:41 - 2016-11-02 02:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
    2016-11-08 12:41 - 2016-11-02 02:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-11-08 12:41 - 2016-11-02 02:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-11-08 12:41 - 2016-11-02 02:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
    2016-11-08 12:41 - 2016-11-02 02:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
    2016-11-08 12:41 - 2016-11-02 02:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
    2016-11-08 12:41 - 2016-11-02 02:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2016-11-08 12:41 - 2016-11-02 02:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
    2016-11-08 12:41 - 2016-11-02 02:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2016-11-08 12:41 - 2016-11-02 02:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2016-11-08 12:41 - 2016-11-02 02:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
    2016-11-08 12:41 - 2016-11-02 02:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
    2016-11-08 12:41 - 2016-11-02 02:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
    2016-11-08 12:41 - 2016-11-02 02:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
    2016-11-08 12:41 - 2016-11-02 02:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2016-11-08 12:41 - 2016-11-02 02:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-11-08 12:41 - 2016-11-02 02:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
    2016-11-08 12:41 - 2016-11-02 02:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2016-11-08 12:41 - 2016-11-02 02:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
    2016-11-08 12:41 - 2016-11-02 02:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2016-11-08 12:41 - 2016-11-02 02:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2016-11-08 12:41 - 2016-11-02 02:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
    2016-11-08 12:41 - 2016-11-02 02:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
    2016-11-08 12:41 - 2016-11-02 02:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
    2016-11-08 12:41 - 2016-11-02 02:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
    2016-11-08 12:41 - 2016-11-02 02:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
    2016-11-08 12:41 - 2016-11-02 02:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
    2016-11-08 12:41 - 2016-11-02 02:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
    2016-11-08 12:41 - 2016-11-02 02:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
    2016-11-08 12:41 - 2016-11-02 02:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2016-11-08 12:41 - 2016-11-02 02:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
    2016-11-08 12:41 - 2016-11-02 02:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-11-08 12:41 - 2016-11-02 02:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
    2016-11-08 12:41 - 2016-11-02 02:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
    2016-11-08 12:41 - 2016-11-02 02:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-11-08 12:41 - 2016-11-02 02:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
    2016-11-08 12:41 - 2016-11-02 02:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
    2016-11-08 12:41 - 2016-11-02 02:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
    2016-11-08 12:41 - 2016-11-02 02:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
    2016-11-08 12:41 - 2016-11-02 02:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
    2016-11-08 12:41 - 2016-11-02 02:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
    2016-11-08 12:41 - 2016-11-02 02:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
    2016-11-08 12:41 - 2016-11-02 02:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2016-11-08 12:41 - 2016-11-02 02:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-11-08 12:41 - 2016-11-02 02:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2016-11-08 12:41 - 2016-11-02 02:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
    2016-11-08 12:41 - 2016-11-02 02:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
    2016-11-08 12:41 - 2016-11-02 02:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
    2016-11-08 12:41 - 2016-11-02 02:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
    2016-11-08 12:41 - 2016-11-02 02:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
    2016-11-08 12:41 - 2016-11-02 02:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-11-08 12:41 - 2016-11-02 02:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2016-11-08 12:41 - 2016-11-02 02:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2016-11-08 12:41 - 2016-11-02 02:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2016-11-08 12:41 - 2016-11-02 02:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
    2016-11-08 12:41 - 2016-11-02 02:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
    2016-11-08 12:41 - 2016-11-02 02:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
    2016-11-08 12:41 - 2016-11-02 02:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
    2016-11-08 12:41 - 2016-11-02 02:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2016-11-08 12:41 - 2016-11-02 02:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
    2016-11-08 12:41 - 2016-11-02 02:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
    2016-11-08 12:41 - 2016-11-02 02:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
    2016-11-08 12:41 - 2016-11-02 02:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2016-11-08 12:41 - 2016-11-02 02:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
    2016-11-08 12:41 - 2016-11-02 02:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
    2016-11-08 12:41 - 2016-11-02 02:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-11-08 12:41 - 2016-11-02 02:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2016-11-08 12:41 - 2016-11-02 02:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
    2016-11-08 12:41 - 2016-11-02 02:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2016-11-08 12:41 - 2016-11-02 02:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2016-11-08 12:41 - 2016-11-02 02:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2016-11-08 12:41 - 2016-11-02 02:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2016-11-08 12:41 - 2016-11-02 02:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
    2016-11-08 12:41 - 2016-11-02 02:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-11-08 12:41 - 2016-11-02 02:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2016-11-08 12:41 - 2016-11-02 02:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
    2016-11-08 12:41 - 2016-11-02 02:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
    2016-11-08 12:41 - 2016-11-02 02:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
    2016-11-08 12:41 - 2016-11-02 02:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
    2016-11-08 12:41 - 2016-11-02 02:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2016-11-08 12:41 - 2016-11-02 02:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
    2016-11-08 12:41 - 2016-11-02 02:18 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
    2016-11-08 12:41 - 2016-11-02 02:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
    2016-11-08 12:41 - 2016-11-02 02:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-11-08 12:41 - 2016-11-02 02:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2016-11-08 12:41 - 2016-11-02 02:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2016-11-08 12:41 - 2016-11-02 02:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
    2016-11-08 12:41 - 2016-11-02 02:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2016-11-08 12:41 - 2016-11-02 02:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2016-11-08 12:41 - 2016-11-02 02:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-11-08 12:41 - 2016-11-02 02:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
    2016-11-08 12:41 - 2016-11-02 02:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-11-08 12:41 - 2016-11-02 02:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2016-11-08 12:41 - 2016-11-02 02:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
    2016-11-08 12:41 - 2016-11-02 02:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
    2016-11-08 12:41 - 2016-11-02 02:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2016-11-08 12:41 - 2016-11-02 02:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
    2016-11-08 12:41 - 2016-11-02 02:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
    2016-11-08 12:41 - 2016-11-02 02:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
    2016-11-08 12:41 - 2016-11-02 01:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
    2016-11-08 12:41 - 2016-11-02 01:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
    2016-11-08 12:41 - 2016-08-01 20:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2016-11-07 08:16 - 2016-11-07 08:16 - 00000000 ____D C:\Users\Arc\Documents\SkidRow
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-12-07 02:01 - 2016-06-01 22:18 - 00000000 ____D C:\FRST
    2016-12-07 01:59 - 2016-10-26 18:58 - 01355308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-12-07 01:57 - 2016-10-27 15:34 - 00000000 ____D C:\ProgramData\Kaspersky Lab
    2016-12-07 01:57 - 2016-10-26 19:10 - 00000000 ___RD C:\Users\Arc\OneDrive
    2016-12-07 01:57 - 2016-10-26 18:58 - 00000000 ____D C:\ProgramData\NVIDIA
    2016-12-07 01:53 - 2016-10-26 19:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-12-07 01:53 - 2016-03-26 09:31 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Spotify
    2016-12-07 01:53 - 2016-03-26 09:31 - 00000000 ____D C:\Users\Arc\AppData\Local\Spotify
    2016-12-07 01:53 - 2016-03-15 03:38 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-12-07 01:52 - 2016-10-26 18:59 - 00000000 ____D C:\Users\Arc
    2016-12-07 01:52 - 2016-07-15 22:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
    2016-12-07 01:52 - 2016-06-01 22:09 - 00000000 ____D C:\AdwCleaner
    2016-12-07 01:40 - 2016-10-26 18:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2016-12-06 13:49 - 2016-07-24 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom
    2016-12-06 13:49 - 2016-07-24 12:01 - 00000000 ____D C:\Program Files (x86)\OkayFreedom
    2016-12-06 13:49 - 2016-03-15 03:50 - 00000000 ____D C:\Users\Arc\AppData\Local\CrashDumps
    2016-12-06 13:45 - 2016-04-18 02:27 - 00000000 ____D C:\Users\Arc\AppData\Roaming\tixati
    2016-12-06 13:23 - 2016-08-24 13:33 - 00000000 ____D C:\WINDOWS\WindowsMobile
    2016-12-06 12:49 - 2016-10-26 18:57 - 00304088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-12-06 11:06 - 2016-06-01 22:18 - 02419712 _____ (Farbar) C:\Users\Arc\Desktop\FRST64.exe
    2016-12-06 10:58 - 2016-08-01 12:38 - 00000000 ____D C:\Users\Arc\AppData\Local\Battle.net
    2016-12-06 07:09 - 2016-07-16 03:47 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-12-06 07:09 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-12-06 02:50 - 2016-08-01 12:38 - 00000000 ____D C:\Program Files (x86)\Overwatch
    2016-12-06 02:50 - 2016-08-01 12:14 - 00000000 ____D C:\Program Files (x86)\Battle.net
    2016-12-06 02:49 - 2016-10-27 15:34 - 00001447 ____N C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
    2016-12-06 02:49 - 2016-10-27 15:33 - 01019616 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
    2016-12-06 02:49 - 2016-09-12 22:03 - 00134880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
    2016-12-06 02:49 - 2016-09-12 22:03 - 00057424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
    2016-12-06 02:49 - 2016-07-15 22:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
    2016-12-06 02:32 - 2016-04-10 16:20 - 00000000 ____D C:\Users\Arc\AppData\Roaming\StardewValley
    2016-12-06 02:20 - 2016-08-31 01:43 - 00000000 ____D C:\Users\Arc\AppData\Roaming\Origin
    2016-12-06 02:20 - 2016-08-31 01:41 - 00000000 ____D C:\ProgramData\Origin
    2016-12-06 02:15 - 2016-11-06 08:09 - 00540408 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
    2016-12-05 21:35 - 2016-11-01 00:32 - 00000000 ____D C:\Users\Arc\AppData\LocalLow\Heroes and Generals
    2016-12-05 21:07 - 2016-06-01 22:02 - 00000000 ____D C:\ProgramData\panda_url_filtering
    2016-12-04 22:28 - 2016-05-22 08:25 - 00000000 ____D C:\Users\Arc\AppData\Roaming\vlc
    2016-12-04 13:13 - 2016-10-27 15:34 - 00000000 ____D C:\Program Files\Common Files\AV
    2016-12-03 08:12 - 2016-06-14 07:31 - 00000000 ____D C:\Users\Arc\AppData\Roaming\SmartSteamEmu
    2016-12-03 08:12 - 2016-04-22 21:18 - 00000000 ____D C:\Users\Arc\Documents\My Games
    2016-12-03 03:42 - 2016-03-15 03:09 - 00000000 ____D C:\ProgramData\Package Cache
    2016-12-03 03:22 - 2016-10-26 20:14 - 00000000 ____D C:\Users\Arc\AppData\Local\MicrosoftEdge
    2016-12-03 03:16 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2016-12-03 03:13 - 2016-08-31 01:55 - 00000000 ____D C:\Program Files (x86)\Origin Games
    2016-12-03 03:11 - 2016-05-19 03:58 - 00000000 ____D C:\Games
    2016-12-03 03:08 - 2016-08-31 01:41 - 00000000 ____D C:\Program Files (x86)\Origin
    2016-12-02 13:25 - 2016-10-26 19:08 - 00000000 ____D C:\Users\Arc\AppData\Local\Packages
    2016-11-29 06:59 - 2016-08-01 12:39 - 00000000 ____D C:\Program Files (x86)\Diablo III
    2016-11-28 08:45 - 2016-03-28 20:45 - 00000000 ____D C:\Program Files (x86)\Overwolf
    2016-11-26 21:27 - 2016-08-21 23:17 - 00000000 ____D C:\Users\Arc\AppData\Local\ElevatedDiagnostics
    2016-11-24 17:54 - 2016-03-15 03:06 - 00000000 ____D C:\Users\Arc\AppData\Local\VirtualStore
    2016-11-24 16:48 - 2016-07-16 03:45 - 00000000 ____D C:\WINDOWS\INF
    2016-11-24 15:15 - 2016-11-06 08:25 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
    2016-11-23 10:18 - 2016-10-26 18:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2016-11-23 10:18 - 2016-10-13 09:05 - 00001489 ____N C:\Users\Public\Desktop\GeForce Experience.lnk
    2016-11-23 10:17 - 2016-10-26 19:01 - 00003986 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2016-11-23 10:17 - 2016-10-26 19:01 - 00003958 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2016-11-23 10:17 - 2016-10-26 19:01 - 00003922 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2016-11-23 10:17 - 2016-10-26 19:01 - 00003896 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2016-11-23 10:17 - 2016-10-26 19:01 - 00003734 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2016-11-23 10:17 - 2016-10-26 19:01 - 00003692 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2016-11-23 10:17 - 2016-10-26 18:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2016-11-23 10:17 - 2016-10-26 18:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2016-11-22 22:51 - 2016-03-15 03:10 - 00002115 ____N C:\Users\Public\Desktop\Google Slides.lnk
    2016-11-22 22:51 - 2016-03-15 03:10 - 00002113 ____N C:\Users\Public\Desktop\Google Sheets.lnk
    2016-11-22 22:51 - 2016-03-15 03:10 - 00002103 ____N C:\Users\Public\Desktop\Google Docs.lnk
    2016-11-22 22:51 - 2016-03-15 03:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2016-11-22 08:23 - 2016-10-26 18:57 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
    2016-11-21 20:57 - 2016-08-31 01:41 - 00000000 ____D C:\ProgramData\Electronic Arts
    2016-11-21 15:16 - 2016-03-28 20:44 - 00000000 ____D C:\Users\Arc\AppData\Roaming\TS3Client
    2016-11-20 17:47 - 2016-03-15 03:58 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2016-11-17 05:45 - 2016-10-13 09:05 - 01854400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
    2016-11-17 05:45 - 2016-10-13 09:05 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
    2016-11-17 05:45 - 2016-10-13 09:05 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
    2016-11-17 05:45 - 2016-10-13 09:05 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
    2016-11-17 05:45 - 2016-10-13 09:05 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
    2016-11-17 05:45 - 2016-10-13 09:05 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
    2016-11-16 09:21 - 2016-06-29 13:13 - 00000000 ____D C:\Users\Arc\AppData\Local\Adobe
    2016-11-16 08:42 - 2016-10-13 09:05 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
    2016-11-15 15:54 - 2016-07-01 00:54 - 00000000 ____D C:\Users\Arc\Documents\Kingdoms
    2016-11-15 08:16 - 2016-10-26 19:08 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-11-15 08:12 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\rescache
    2016-11-15 07:59 - 2016-07-16 03:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2016-11-15 07:59 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2016-11-15 07:59 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\oobe
    2016-11-15 07:59 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
    2016-11-15 07:59 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
    2016-11-15 07:59 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\bcastdvr
    2016-11-09 18:15 - 2016-07-16 03:36 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-11-09 18:13 - 2016-03-15 03:56 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-11-09 18:10 - 2016-03-15 03:56 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-11-07 08:44 - 2016-10-26 19:01 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2016-11-07 08:19 - 2016-10-30 03:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focus Home Interactive
     
    ==================== Files in the root of some directories =======
     
    2016-06-17 01:47 - 2016-06-16 08:49 - 0012879 _____ () C:\Users\Arc\AppData\Roaming\alsoft.ini
    2016-03-18 07:10 - 2016-03-18 07:10 - 0000017 _____ () C:\Users\Arc\AppData\Local\resmon.resmoncfg
    2016-11-24 16:45 - 2016-11-24 16:45 - 0000057 _____ () C:\ProgramData\Ament.ini
     
    Some files in TEMP:
    ====================
    C:\Users\Arc\AppData\Local\Temp\libeay32.dll
    C:\Users\Arc\AppData\Local\Temp\msvcr120.dll
    C:\Users\Arc\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap ======================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
     
    LastRegBack: 2016-11-29 21:06
     
    ==================== End of FRST.txt ============================
     
     
     
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-12-2016
    Ran by Arc (07-12-2016 02:02:01)
    Running from C:\Users\Arc\Desktop
    Windows 10 Pro Version 1607 (X64) (2016-10-27 03:08:17)
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-1267418245-3742697258-4214093646-500 - Administrator - Disabled)
    Arc (S-1-5-21-1267418245-3742697258-4214093646-1000 - Administrator - Enabled) => C:\Users\Arc
    DefaultAccount (S-1-5-21-1267418245-3742697258-4214093646-503 - Limited - Disabled)
    Guest (S-1-5-21-1267418245-3742697258-4214093646-501 - Limited - Disabled)
    Test (S-1-5-21-1267418245-3742697258-4214093646-1002 - Limited - Enabled) => C:\Users\Test
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
    American Truck Simulator (HKLM\...\Steam App 270880) (Version:  - SCS Software)
    Anno 1404 - Dawn of Discovery version 1.3 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 1.3 - )
    Ansel (Version: 375.63 - NVIDIA Corporation) Hidden
    Aslain's WoT Modpack version 9.16.42 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 9.16.42 - Aslain)
    Aslain's XVM WoT Modpack version 9.15.23 (HKLM-x32\...\ZRwTINhSZfduKONYrSCTiCiGPggQZdcLRvoAVxyCOXXpkHeC~1DC3968F_is1) (Version: 9.15.23 - Aslain)
    AutoHotkey 1.1.23.05 (HKLM\...\AutoHotkey) (Version: 1.1.23.05 - Lexikos)
    Banished (HKLM-x32\...\1207660783_is1) (Version: 2.3.0.7 - GOG.com)
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.10.265 - Electronic Arts)
    BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
    Borderlands 2 (HKLM\...\Steam App 49520) (Version:  - Gearbox Software)
    Bridge! 2 (HKLM\...\YnJpZGdlMg_is1) (Version: 1 - )
    BtwMfcMM (HKLM\...\{D5B46D30-F054-4C64-9C0F-97C8451E7D04}) (Version: 6.00.0000 - Broadcom Corporation)
    Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version:  - Cheat Engine)
    Cities XXL (HKLM-x32\...\Cities XXL_is1) (Version: v1.2 - Focus Home Interactive)
    Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
    City Car Driving Home Edition (HKLM\...\Q2l0eUNhckRyaXZpbmc=_is1) (Version: 1 - )
    CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - Cambridge Silicon Radio Limited.)
    DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0156 - Disc Soft Ltd)
    Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
    Discord (HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
    Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
    Dungeon Keeper (HKLM-x32\...\{B9E79070-56B6-4980-A7E9-C28D6480D050}) (Version: 1.0.0.1 - Electronic Arts)
    EVGA PrecisionX 16 (HKLM\...\Steam App 268850) (Version:  - EVGA)
    Factorio (HKLM-x32\...\1238653230_is1) (Version: 2.0.0.2 - GOG.com)
    FFB Racing Wheel drivers (HKLM-x32\...\{28B758EA-5C83-48B1-B352-C70F12C73F5A}) (Version: 2.TTRS.2016 - Thrustmaster)
    Foxit Advanced PDF Editor 3 (HKLM-x32\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)
    Fractured Space (HKLM\...\Steam App 310380) (Version:  - Edge Case Games Ltd.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
    Google Drive (HKLM-x32\...\{8696116E-F4C2-4C64-AD7E-FF365E244FA4}) (Version: 1.32.3889.0961 - Google, Inc.)
    Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
    HAWKEN (HKLM\...\Steam App 271290) (Version:  - Reloaded Games)
    Helpics Modpack version V.1.8 (HKLM-x32\...\{A38A8F05-489C-47B9-8EF1-8170F78B5C45}_is1) (Version: V.1.8 - Helpics)
    Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
    Heroes & Generals (HKLM-x32\...\Heroes & Generals) (Version: 1.1.0.0 - Reto-Moto)
    HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel® Corporation) Hidden
    Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
    Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.5.69 - Intel Corporation)
    Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
    Java 8 Update 112 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
    Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
    Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
    Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
    Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
    Kerbal Space Program (HKLM\...\Steam App 220200) (Version:  - Squad)
    Killer Bandwidth Control Filter Driver (Version: 1.1.57.1125 - Rivet Networks) Hidden
    Killer E220x Drivers (Version: 1.1.57.1125 - Rivet Networks) Hidden
    Killer Network Manager (Version: 1.1.57.1125 - Rivet Networks) Hidden
    Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.57.1125 - Rivet Networks)
    Kingdoms (HKLM\...\Steam App 409590) (Version:  - Max Peskov)
    Logitech Gaming Software 8.81 (HKLM\...\Logitech Gaming Software) (Version: 8.81.15 - Logitech Inc.)
    Macro Recorder 5.6.5 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.6.5 - Jitbit Software)
    Medieval II: Total War (HKLM\...\Steam App 4700) (Version:  - The Creative Assembly)
    METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Mini Metro (HKLM-x32\...\1434554947_is1) (Version: 2.0.0.3 - GOG.com)
    MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
    MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.16 - MSI)
    MSI ECO Center (HKLM-x32\...\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1) (Version: 1.0.0.35 - MSI)
    MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
    MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.0.0.23 - MSI)
    MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.023 - MSI)
    MSI Smart Utilities (HKLM-x32\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 2.0.0.11 - MSI)
    MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.07 - MSI)
    MSI® Intel® Extreme Tuning Utility (HKLM-x32\...\{bcbf202c-9746-4173-a49b-649bfd0adca6}) (Version: 6.0.2.102 - Intel Corporation)
    MSI® Intel® Extreme Tuning Utility (x32 Version: 6.0.2.102 - Intel Corporation) Hidden
    NBA 2K16 (HKLM-x32\...\NBA 2K16_is1) (Version:  - )
    Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.23 - Black Tree Gaming)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9 - Notepad++ Team)
    NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.63 - NVIDIA Corporation)
    NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
    NVIDIA Graphics Driver 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.63 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
    NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
    NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
    OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.7.4 - Steganos Software GmbH)
    OMC ModPack Client version 1.5.1.9 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.5.1.9 - Odem Mortis)
    One Troll Army (HKLM\...\Steam App 438680) (Version:  - FlyAnvil)
    Origin (HKLM-x32\...\Origin) (Version: 10.3.2.64936 - Electronic Arts, Inc.)
    Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
    Overwolf (HKLM-x32\...\Overwolf) (Version: 0.100.9.0 - Overwolf Ltd.)
    Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
    PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Daybreak Game Company)
    PlanetSide 2 (HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
    Police Tactics Imperio (HKLM-x32\...\Police Tactics Imperio_is1) (Version:  - )
    Project CARS Game Of The Year Edition (HKLM\...\cHJvamVjdGNhcnM_is1) (Version: 1 - )
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
    Rebel Galaxy (HKLM-x32\...\1435582019_is1) (Version: 2.0.0.1 - GOG.com)
    RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
    SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
    SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
    Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.08 - Creative Technology Limited)
    Space Engineers (HKLM\...\Steam App 244850) (Version:  - Keen Software House)
    Spotify (HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\...\Spotify) (Version: 1.0.43.123.g80176796 - Spotify AB)
    Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 11.0.0.26 - Bioware/EA)
    Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
    Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 2.2.0.4 - GOG.com)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Stellaris (HKLM-x32\...\Stellaris_is1) (Version:  - )
    Stonehearth (HKLM\...\Steam App 253250) (Version:  - Radiant Entertainment)
    Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
    TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
    The Elder Scrolls V: Skyrim - Legendary Edition (HKLM-x32\...\The Elder Scrolls V: Skyrim - Legendary Edition_is1) (Version:  - )
    The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version:  - )
    The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
    Tixati (HKLM-x32\...\tixati) (Version:  - )
    Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
    Transport Fever (HKLM-x32\...\Transport Fever_is1) (Version:  - )
    Uplay (HKLM-x32\...\Uplay) (Version: 19.0 - Ubisoft)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
    WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
    Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
    Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
    Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
    Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
    Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
    WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
    Workplace Backgrounds (HKLM-x32\...\{13304708-E115-4044-82DA-88A6F5424359}) (Version: 1.0.0 - Screaming Bee)
    XSplit Gamecaster (HKLM-x32\...\{D7BEC6E9-5E86-44FF-AA21-23DA71ED676B}) (Version: 2.4.1506.1243 - SplitmediaLabs)
    XVM version 6.4.0 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.4.0 - XVM team)
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    CustomCLSID: HKU\S-1-5-21-1267418245-3742697258-4214093646-1000_Classes\CLSID\{58d0e2b1-e998-4e65-9933-805c2921aaf2}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {0C996F31-F3F3-42A8-9E0E-332B8F087BB4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {1FADFA6D-2ABA-43DC-8511-A7E675AEB976} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-15] (Google Inc.)
    Task: {242F7C19-74F8-49A7-8F8A-0A3056469D0A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {290340AF-B9BF-4162-9B58-DD3BF3E5F8A8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {2AE470FE-0DEE-4CB4-B581-A7E6317E3931} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {42D805F6-348D-41A6-9725-2D59690F2FA7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {4AD7333C-C532-4AF9-91FA-378793CCEDEF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {526A1F25-192E-4920-9A6E-B1737004A2C8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
    Task: {5A978438-8FE0-42B8-9B08-82723263DAE4} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-05-05] (Intel Corporation)
    Task: {5D120BC2-8B84-4C58-A50F-09D58E5F661C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {5F0175AA-EDB1-4B7C-A55A-025B338A1F3B} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
    Task: {61E028B4-DFD3-44A3-9E17-0851CEBE35CC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
    Task: {6ABBBFB5-1C92-4B78-AAD3-0C558E2B11FE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
    Task: {6B87E203-E717-4F1D-8F4C-9980F1CD035A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {7220BC0F-1E2C-448A-897B-26097DF373F7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {735F7E8A-4A7D-402C-B7F1-40EE94C57828} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {805673AD-3BA3-48C5-BF50-B8F759B2DE95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-15] (Google Inc.)
    Task: {856C30CB-E623-4393-996B-433588C0508E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {981DC40A-2229-4C0D-B90C-E96B443F8111} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [2015-08-18] (MSI)
    Task: {A6903129-3930-4CA8-9C81-06E434BDDF33} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {A78FC1AF-1611-4C9F-8CE3-E2153B86B690} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-08-23] (AO Kaspersky Lab)
    Task: {AA2E67F3-5F36-4A8C-9510-A0BDEE289956} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {B5679E3E-9239-4362-9E3F-1D4C0CF0C3E3} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {B82885D1-7D6C-4863-A880-BE56F603F824} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {BC77BEA3-5910-4F76-8029-842FE36B46CD} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
    Task: {BD126F5C-8B68-478A-A911-35CED6BBA3E3} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
    Task: {C2407C5C-1C9B-4AFE-9A07-B33675C0069F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
    Task: {C2B97F26-7847-48C3-A440-0A8E3484BD7C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
    Task: {C8E1A3E9-D50C-4DD9-B7F4-C83472857A1B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {D5E0CF6C-5F8A-4478-922B-6067A88F75C4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
    Task: {D83D0E57-3D8F-49B4-98F5-F715A5759B1E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
    Task: {DF304282-7262-4DC9-868C-DBE69C633480} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-11-23] (Overwolf LTD)
    Task: {ED662C0F-FD84-43C3-9627-FFFCB605878A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
    Task: {F787F8B2-4DE2-4109-8EAD-1E34B1DEBF7A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {FC18AE39-6B4F-4103-B397-F4001967AFD0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {FEB6BB38-4088-474D-A1E1-9C87AD911646} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    Shortcut: C:\Users\Arc\Desktop\Gnоmоriа.lnk -> D:\Games\Gnomoria v1.0\Launcher_SGi.bat ()
     
    ShortcutWithArgument: C:\Users\Arc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
    ShortcutWithArgument: C:\Users\Arc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\230b56f3403e3566\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2016-07-16 03:42 - 2016-07-16 03:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2016-10-26 19:50 - 2016-10-26 19:50 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2015-05-19 08:11 - 2015-05-19 08:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
    2016-10-26 19:50 - 2016-10-26 19:50 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
    2016-10-27 19:10 - 2016-10-27 19:10 - 01864384 _____ () C:\Users\Arc\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
    2016-02-21 13:38 - 2016-02-21 13:38 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
    2016-11-17 08:17 - 2016-11-17 08:17 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    2016-11-17 08:17 - 2016-11-17 08:17 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
    2016-11-17 08:17 - 2016-11-17 08:17 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll
    2016-11-08 12:41 - 2016-11-02 02:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2016-10-13 09:05 - 2016-11-17 05:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
    2016-10-13 09:05 - 2016-11-17 05:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
    2016-10-13 09:05 - 2016-11-17 05:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
    2016-10-26 19:50 - 2016-10-26 19:50 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
    2016-11-08 12:41 - 2016-11-02 02:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
    2016-11-08 12:41 - 2016-11-02 02:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2016-11-08 12:41 - 2016-11-02 02:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
    2016-11-08 12:41 - 2016-11-02 02:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
    2016-11-08 12:41 - 2016-11-02 02:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2016-11-08 12:41 - 2016-11-02 02:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2016-06-27 23:19 - 2016-06-27 23:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
    2016-10-27 13:35 - 2005-07-18 12:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
    2016-09-11 07:04 - 2016-12-03 03:08 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
    2015-07-10 22:37 - 2015-07-10 22:37 - 01243936 _____ () C:\Program Files\Intel\Intel® Management Engine Components\LMS\ACE.dll
    2016-03-15 03:38 - 2016-11-17 05:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
    2016-10-13 09:05 - 2016-11-17 05:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
    2016-10-13 09:05 - 2016-11-17 05:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
    2016-10-30 01:00 - 2016-10-20 00:47 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll
    2016-10-30 01:00 - 2016-10-20 00:47 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
    AlternateDataStreams: C:\Users\Arc:Heroes & Generals [38]
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
     
    ==================== Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
     
    ==================== Hosts content: ===============================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-1267418245-3742697258-4214093646-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Arc\AppData\Local\Microsoft\Windows\INetCache\IE\E5EZKBV2\MSI[1].jpg
    DNS Servers: 192.168.2.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    FirewallRules: [vm-monitoring-nb-session] => LPort=139
    FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
    FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
    FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
    FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
    FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
    FirewallRules: [UDP Query User{0CC5CD62-C891-4E31-9EAD-2079CE9BFB72}C:\program files (x86)\3d instructor 2.2 home\bin\win32\starter.exe] => C:\program files (x86)\3d instructor 2.2 home\bin\win32\starter.exe
    FirewallRules: [TCP Query User{5855DD9B-B492-4145-8448-9E58FD36FF72}C:\program files (x86)\3d instructor 2.2 home\bin\win32\starter.exe] => C:\program files (x86)\3d instructor 2.2 home\bin\win32\starter.exe
    FirewallRules: [{788B49AF-03D2-45A8-AE12-F18C2D66EF7C}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
    FirewallRules: [{B283F19A-9E0F-4248-908A-9D42A5F7DBE6}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
    FirewallRules: [UDP Query User{D8004B09-0194-4CA4-B7DE-C5F8B5E09C18}C:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => C:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe
    FirewallRules: [TCP Query User{8870DE43-FE48-46E4-9556-5B100FFAD661}C:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe] => C:\program files (x86)\steam\steamapps\common\space\spacegame\binaries\win64\spserver.exe
    FirewallRules: [UDP Query User{DB768BC9-9F28-4617-BEFC-7289CE0B003D}C:\program files\city car driving\bin\win32\starter.exe] => C:\program files\city car driving\bin\win32\starter.exe
    FirewallRules: [TCP Query User{9D5D624A-56A5-4247-8E8D-4196636F8BD6}C:\program files\city car driving\bin\win32\starter.exe] => C:\program files\city car driving\bin\win32\starter.exe
    FirewallRules: [UDP Query User{43716CBE-B3E7-46E5-AC0A-4C24932CA0D7}C:\program files\guillemot\tools\giwebupdater.exe] => C:\program files\guillemot\tools\giwebupdater.exe
    FirewallRules: [TCP Query User{A824BD5E-35C6-4124-8A98-FE673E6F7BA2}C:\program files\guillemot\tools\giwebupdater.exe] => C:\program files\guillemot\tools\giwebupdater.exe
    FirewallRules: [{81CD8610-D4BD-43F3-9C32-06D4F000AF81}] => D:\Games\Star Wars-The Old Republic\launcher.exe
    FirewallRules: [{60F6B292-8134-49F9-BCF1-195FB8C958C7}] => D:\Games\Star Wars-The Old Republic\launcher.exe
    FirewallRules: [{536E5F11-A0D1-43CE-9F40-C764525D0C12}] => D:\Games\Star Wars-The Old Republic\launcher.exe
    FirewallRules: [{B79863EC-1BC4-4AC6-B11E-782030B500EA}] => D:\Games\Star Wars-The Old Republic\launcher.exe
    FirewallRules: [{75B51B17-CE6B-45EF-9070-B0514DAE0DC9}] => C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
    FirewallRules: [{758C6E8E-0BE4-40F4-A879-040197F40167}] => C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
    FirewallRules: [{055E7A77-5B61-493A-813E-A97D2CDF2E4E}] => C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
    FirewallRules: [{76AFF123-0D6D-4EA6-B69B-F024AE500900}] => C:\Games\World_of_Tanks\worldoftanks.exe
    FirewallRules: [{7ACC00E9-8683-43A5-BE7A-5C6A85924B24}] => C:\Games\World_of_Tanks\worldoftanks.exe
    FirewallRules: [{B6CF547D-3DC8-48BB-A376-C93E8D5142E4}] => C:\Games\World_of_Tanks\WoTLauncher.exe
    FirewallRules: [{78E33DDA-93F9-42DB-8BA8-0361C5B0371A}] => C:\Games\World_of_Tanks\WoTLauncher.exe
    FirewallRules: [UDP Query User{A7F32F0A-08B3-42BF-8010-3B905BE0E9F7}C:\program files (x86)\diablo iii\diablo iii.exe] => C:\program files (x86)\diablo iii\diablo iii.exe
    FirewallRules: [TCP Query User{11814690-709F-495E-B11F-B1E181A4F1BD}C:\program files (x86)\diablo iii\diablo iii.exe] => C:\program files (x86)\diablo iii\diablo iii.exe
    FirewallRules: [UDP Query User{552B0FF8-4C1D-4BA8-AE80-B4D10065740A}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
    FirewallRules: [TCP Query User{73B02EE5-A638-43F1-9FB9-D8FA6C32BA74}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
    FirewallRules: [UDP Query User{63B2F2A3-4C03-4315-B6E4-00ECEC70A99F}C:\program files\tixati\tixati.exe] => C:\program files\tixati\tixati.exe
    FirewallRules: [TCP Query User{F65AE2AF-99A3-4D3E-B494-8748EDE42D35}C:\program files\tixati\tixati.exe] => C:\program files\tixati\tixati.exe
    FirewallRules: [{D0FB3FA5-E60E-4A2C-BFAE-04638B602EA6}] => C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe
    FirewallRules: [{245C56CD-BEF1-4F13-B9AB-66316AB0158A}] => C:\Program Files (x86)\Steam\steamapps\common\Medieval II Total War\medieval2.exe
    FirewallRules: [{CDEA253B-D517-4F97-9D60-29CEB90942F1}] => C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
    FirewallRules: [{BCF42FED-456F-4C02-B1F3-2C1D34FDC90F}] => C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
    FirewallRules: [{C54BA3A5-1693-4899-80F9-EDCE5A049131}] => C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
    FirewallRules: [{797EC5AD-107A-4849-86B7-B3B0CCA0D276}] => C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
    FirewallRules: [{20A8D965-4FD1-468E-B953-228BE1C61DC9}] => C:\Program Files (x86)\Steam\steamapps\common\Stonehearth\Stonehearth.exe
    FirewallRules: [{9219C253-E5E3-478B-A558-137D92E0AFC7}] => C:\Program Files (x86)\Steam\steamapps\common\Stonehearth\Stonehearth.exe
    FirewallRules: [{816B4734-E3DA-4462-8EF5-6B1A46DC91C5}] => C:\Program Files (x86)\Steam\steamapps\common\OneTrollArmy\OTA.exe
    FirewallRules: [{A20C2052-E8BC-4E96-BF22-86E7BC8FD8F8}] => C:\Program Files (x86)\Steam\steamapps\common\OneTrollArmy\OTA.exe
    FirewallRules: [{D5611193-72B0-4186-905B-4B627FEE06FF}] => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division\TheDivision.exe
    FirewallRules: [{4DBBB84D-8450-42D9-AC2A-9C8112C92CB6}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
    FirewallRules: [{C1A0B289-D146-406D-84F9-63B60D3F5B56}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
    FirewallRules: [{A3947EBE-C134-4020-8739-7C54998B32E9}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
    FirewallRules: [{76455814-AA29-4E95-A5F1-B72431079E8C}] => C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
    FirewallRules: [{FD4F8236-02DB-43F8-9454-F206D28A6A6D}] => C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
    FirewallRules: [{C76B6381-AB71-4E34-8D9E-0EB364336530}] => C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
    FirewallRules: [{8D830137-2146-49C7-A71E-AF6B9CCB289E}] => C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe
    FirewallRules: [{C0C1453F-B852-4C63-B352-D990F825367F}] => C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe
    FirewallRules: [{0345794C-DFF5-4922-BA70-A9D420F11AFA}] => C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe
    FirewallRules: [{3042210A-6EEC-4600-BFD7-0C2860DD43E0}] => C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe
    FirewallRules: [UDP Query User{BCDC9D51-4AE5-4F1D-B6AD-46E9E270F4C2}C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe] => C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe
    FirewallRules: [TCP Query User{2A62E163-5488-48DD-8E83-0AAFDB5F0C0B}C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe] => C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe
    FirewallRules: [{FF0AA9D3-F94B-4466-8358-D9E399EB8737}] => C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
    FirewallRules: [{EAE4890F-D4AA-42C7-A719-87FC4BE79C62}] => C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
    FirewallRules: [UDP Query User{969BBA19-CB75-49ED-B715-6E28471A7630}C:\users\arc\appdata\roaming\spotify\spotify.exe] => C:\users\arc\appdata\roaming\spotify\spotify.exe
    FirewallRules: [TCP Query User{37910C61-2775-4A9D-857F-909077FA8578}C:\users\arc\appdata\roaming\spotify\spotify.exe] => C:\users\arc\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{CB97E01F-2673-44FE-B541-C5C646CA316C}C:\users\arc\appdata\roaming\spotify\spotify.exe] => C:\users\arc\appdata\roaming\spotify\spotify.exe
    FirewallRules: [TCP Query User{DED341C8-6FEF-4813-9266-9D3663309F63}C:\users\arc\appdata\roaming\spotify\spotify.exe] => C:\users\arc\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{046E13F3-894F-43D9-A381-41E453A697DC}C:\program files (x86)\world_of_tanks9.14\wotlauncher.exe] => C:\program files (x86)\world_of_tanks9.14\wotlauncher.exe
    FirewallRules: [TCP Query User{795DE68D-A9AC-46E1-BB85-736C83241085}C:\program files (x86)\world_of_tanks9.14\wotlauncher.exe] => C:\program files (x86)\world_of_tanks9.14\wotlauncher.exe
    FirewallRules: [UDP Query User{DA006301-262A-4FB1-9458-2672B7EE365F}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [TCP Query User{03BA674D-0199-40A6-8D1F-510303A6D3A0}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [{D4816D2B-4205-40B0-B4FF-A893397D5CCF}] => C:\Program Files (x86)\Steam\steamapps\common\EVGA PrecisionX\Skins\UxfTool.exe
    FirewallRules: [{005E3195-15F2-4061-B475-A8244BCCA4A4}] => C:\Program Files (x86)\Steam\steamapps\common\EVGA PrecisionX\Skins\UxfTool.exe
    FirewallRules: [{C9739606-D9E2-4B97-AE0E-B525FF4A6B06}] => C:\Program Files (x86)\Steam\steamapps\common\EVGA PrecisionX\PrecisionX_x64.exe
    FirewallRules: [{D8593815-1A56-40CF-A9A2-325D7CD4E5A6}] => C:\Program Files (x86)\Steam\steamapps\common\EVGA PrecisionX\PrecisionX_x64.exe
    FirewallRules: [UDP Query User{6800A260-83FF-4027-957F-1B5A8253AA8D}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [TCP Query User{9F9A748D-6483-4F8F-87E9-808B86DC3103}C:\program files\logitech gaming software\lcore.exe] => C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [UDP Query User{B1F30188-D7D3-43B8-ABFA-11B27C181F98}C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe] => C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe
    FirewallRules: [TCP Query User{0FF54AC1-5DEB-4E2C-9E30-AED5056284B3}C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe] => C:\program files (x86)\world_of_tanks9.14\worldoftanks.exe
    FirewallRules: [UDP Query User{C3141228-2A6F-4BF1-840C-68922A1A60D9}F:\world_of_tanks9.14\worldoftanks.exe] => F:\world_of_tanks9.14\worldoftanks.exe
    FirewallRules: [TCP Query User{25740937-DDA9-4B04-B5C7-B0006035A2FF}F:\world_of_tanks9.14\worldoftanks.exe] => F:\world_of_tanks9.14\worldoftanks.exe
    FirewallRules: [{53006F1A-7172-47CB-9CD0-5943395EF31A}] => C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
    FirewallRules: [{9940A988-2A95-4B0D-BC2A-2E6046D8692D}] => C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
    FirewallRules: [{C05AFB7E-2F21-47B2-8C19-850326E7A306}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{8B2BBA81-548C-4230-9E2C-73BFD0139374}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{6D6481AF-CEC6-4B84-BC2E-10357E960BB2}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{274F9AA5-F481-49B1-AF2B-D220D32F71B6}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{AE11D8C5-2249-49E3-B9EE-DF28AB51ADAA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{CD7AB6DE-EDEF-42B8-BA25-E23E1BE988DE}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
    FirewallRules: [{02F1CFE1-8290-45F3-B370-EC87937D861E}] => C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{A7F85393-4B7F-4280-A6F2-4644DF64D8FB}] => C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{D6BED798-FFF9-44C8-86E2-24002D7595E6}] => D:\Steam D\steamapps\common\PlanetSide 2\LaunchPad.exe
    FirewallRules: [{B1997FB8-020C-44FD-916D-F05185180DAA}] => D:\Steam D\steamapps\common\PlanetSide 2\LaunchPad.exe
    FirewallRules: [TCP Query User{2983A911-EEF2-47BD-9CD0-8BA5D00E34B0}D:\steam d\steamapps\common\planetside 2\planetside2_x64.exe] => D:\steam d\steamapps\common\planetside 2\planetside2_x64.exe
    FirewallRules: [UDP Query User{DCE7F637-8882-45A2-81A7-23DB23E5E5E0}D:\steam d\steamapps\common\planetside 2\planetside2_x64.exe] => D:\steam d\steamapps\common\planetside 2\planetside2_x64.exe
    FirewallRules: [{46B263B8-CC8A-4812-8C36-6ABC28DC444D}] => D:\Steam D\steamapps\common\Path of Exile\PathOfExileSteam.exe
    FirewallRules: [{1FAC9E39-0457-4DC1-AE22-25C0500F3D90}] => D:\Steam D\steamapps\common\Path of Exile\PathOfExileSteam.exe
    FirewallRules: [{AE86A8D2-6FFB-4BF5-AC04-CFA405049F99}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{26B03AE9-9410-4989-8DF3-021E2B51FCC4}] => C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
    FirewallRules: [{204F0BA2-5860-4B81-8AB8-D1AF922DB383}] => C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
    FirewallRules: [{9AF8838B-F46E-4466-AA4E-207108E67936}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
    FirewallRules: [{9A2CD5D8-D17D-4F6B-A3B3-5254A39A6971}] => D:\Steam D\steamapps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{700AD4FE-A4DF-4EDE-84E3-F68A14AB3431}] => D:\Steam D\steamapps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{10629B9B-E897-4756-AD6F-D0DD08405713}] => D:\Steam D\steamapps\common\Kingdoms\Kingdoms.exe
    FirewallRules: [{A6DC472C-BF5E-4C7D-A504-1B9E32A5B333}] => D:\Steam D\steamapps\common\Kingdoms\Kingdoms.exe
    FirewallRules: [{5495A2DF-1E1B-4B81-A886-EBF6053A5326}] => D:\Steam D\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
    FirewallRules: [{23D8ACF2-63A5-4A04-BED2-A66547428F75}] => D:\Steam D\steamapps\common\Path of Exile\PathOfExile_x64Steam.exe
    FirewallRules: [{42DC1856-CAA5-483C-B637-CDEDEDB6C373}] => C:\Program Files (x86)\Heroes & Generals\live\hng.exe
    FirewallRules: [{7E013171-55AC-497F-B74B-B84E69449E3F}] => C:\Program Files (x86)\Heroes & Generals\live\hng.exe
    FirewallRules: [{D898032E-1076-4B83-BE85-E6DE7BE208C4}] => C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
    FirewallRules: [{C5E3E15C-E3D2-4FCE-8462-AD4436FE5FE1}] => C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
    FirewallRules: [{BE44E150-9C62-448B-99FE-2C3B03AFC9C7}] => D:\Steam D\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
    FirewallRules: [{AACA2506-4167-45A3-BB58-D92191A910CB}] => D:\Steam D\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
    FirewallRules: [{520452B1-5C23-407B-AB38-C1F0048D9E12}] => C:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
    FirewallRules: [{2C456EA4-6984-4AB8-9E77-0A1F545E9733}] => C:\Program Files (x86)\Origin Games\Dungeon Keeper\DATA\DOSBox\DOSBox.exe
    FirewallRules: [{CE14CCC9-75FF-49C0-91CC-18D08FE2751A}] => D:\Games\The Sims 4\Game\Bin\TS4.exe
    FirewallRules: [{DA73AF93-954A-4767-BF3B-5630FDB3F89A}] => D:\Games\The Sims 4\Game\Bin\TS4.exe
    FirewallRules: [{D4717FD0-05BB-4681-A008-EA2F17833BBF}] => C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
    FirewallRules: [{64FA3BB6-6C85-485A-8A6C-2D841546DDEB}] => LPort=5357
    FirewallRules: [{8311B0EF-6D16-4EFE-9E51-9511A52968DA}] => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
    FirewallRules: [{420145C4-121C-41B3-902E-AB6A7BA06C76}] => C:\Program Files (x86)\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
    FirewallRules: [{0E9AE795-B0F9-4AE7-A242-CC21E196EBE8}] => C:\Program Files (x86)\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
    FirewallRules: [{20A37FAA-CDB7-4A2A-9FC2-1DFD33741D7B}] => C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
    FirewallRules: [{00C1C67F-3BC4-446D-86E3-ADA48F2DF4BD}] => C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
    FirewallRules: [{3C9FB0EB-B288-4F42-B713-7E1413FCC3D8}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
    FirewallRules: [{8BE6643C-85EF-4B1F-BEDD-FA2F56A0353F}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
    FirewallRules: [{17FEFD7C-811A-4B9A-BABF-773AEFDD7E23}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
    FirewallRules: [{65016E45-8C07-40E4-800C-EA2CF1F49D44}] => C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
     
    ==================== Restore Points =========================
     
    23-11-2016 17:14:33 Installed DirectX
    30-11-2016 19:09:11 Scheduled Checkpoint
    03-12-2016 03:42:36 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
    03-12-2016 03:42:45 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
    06-12-2016 13:23:08 Removed Windows Mobile Device Center
    07-12-2016 01:57:38 JRT Pre-Junkware Removal
     
    ==================== Faulty Device Manager Devices =============
     
    Name: Standard PS/2 Keyboard
    Description: Standard PS/2 Keyboard
    Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard keyboards)
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (12/07/2016 01:57:39 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
     
    Details:
    AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
     
    System Error:
    Access is denied.
    .
     
    Error: (12/07/2016 01:55:17 AM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: MASTACHIE)
    Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.
     
    Error: (12/07/2016 01:41:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program HeroesAndGeneralsDesktop.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
     
    Process ID: 178c
     
    Start Time: 01d2500aa82ef566
     
    Termination Time: 3
     
    Application Path: C:\Program Files (x86)\Heroes & Generals\live\HeroesAndGeneralsDesktop.exe
     
    Report Id: 4a1506de-bc61-11e6-9f9e-d8cb8adfa151
     
    Faulting package full name: 
     
    Faulting package-relative application ID:
     
    Error: (12/06/2016 01:50:28 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: MASTACHIE)
    Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.
     
    Error: (12/06/2016 01:49:57 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: OkayFreedomClient.exe, version: 1.7.4.12069, time stamp: 0x5823391a
    Faulting module name: OkayFreedomClient.exe, version: 1.7.4.12069, time stamp: 0x5823391a
    Exception code: 0xc0000005
    Fault offset: 0x000d5561
    Faulting process id: 0x30b0
    Faulting application start time: 0x01d2500a9a607901
    Faulting application path: C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
    Faulting module path: C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
    Report Id: 084bcd04-41a2-4146-b16f-ef5992db1bf5
    Faulting package full name: 
    Faulting package-relative application ID:
     
    Error: (12/06/2016 01:45:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
    Faulting module name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
    Exception code: 0xc0000005
    Fault offset: 0x0000000000006f58
    Faulting process id: 0xa04
    Faulting application start time: 0x01d250024ffd6254
    Faulting application path: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
    Faulting module path: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
    Report Id: 269e9dac-fd8d-4560-ad26-18c356fc5e09
    Faulting package full name: 
    Faulting package-relative application ID:
     
    Error: (12/06/2016 01:23:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
     
    Details:
    AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
     
    System Error:
    Access is denied.
    .
     
    Error: (12/06/2016 12:52:11 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: MASTACHIE)
    Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.
     
    Error: (12/06/2016 12:49:35 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
    Faulting module name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b
    Exception code: 0xc0000005
    Fault offset: 0x0000000000006f58
    Faulting process id: 0x8e4
    Faulting application start time: 0x01d24ebbae7a32ed
    Faulting application path: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
    Faulting module path: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
    Report Id: 324c045d-7eee-4f53-a6c5-e705818a35a2
    Faulting package full name: 
    Faulting package-relative application ID:
     
    Error: (12/06/2016 12:49:30 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: svchost.exe_stisvc, version: 10.0.14393.0, time stamp: 0x57899b1c
    Faulting module name: combase.dll, version: 10.0.14393.351, time stamp: 0x5801a419
    Exception code: 0xc0000005
    Fault offset: 0x00000000000aed8c
    Faulting process id: 0xae0
    Faulting application start time: 0x01d24ebbae83d388
    Faulting application path: C:\WINDOWS\system32\svchost.exe
    Faulting module path: C:\WINDOWS\System32\combase.dll
    Report Id: 897f2ffd-65a8-4169-8870-e695f088373d
    Faulting package full name: 
    Faulting package-relative application ID:
     
     
    System errors:
    =============
    Error: (12/07/2016 01:57:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The NVIDIA LocalSystem Container service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
     
    Error: (12/07/2016 01:53:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
    {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
     and APPID 
    {F72671A9-012C-4725-9D2F-2A4D32D65169}
     to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Error: (12/07/2016 01:53:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
    The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
     
    Error: (12/07/2016 01:53:02 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
    Description: Performance power management features on Hyper-V logical processor 7 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
    Error: (12/07/2016 01:53:02 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
    Description: Performance power management features on Hyper-V logical processor 5 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
    Error: (12/07/2016 01:53:02 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
    Description: Performance power management features on Hyper-V logical processor 3 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
    Error: (12/07/2016 01:53:02 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
    Description: Performance power management features on Hyper-V logical processor 1 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
    Error: (12/07/2016 01:53:02 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
    Description: Performance power management features on Hyper-V logical processor 6 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
    Error: (12/07/2016 01:53:02 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
    Description: Performance power management features on Hyper-V logical processor 4 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
    Error: (12/07/2016 01:53:02 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: NT AUTHORITY)
    Description: Performance power management features on Hyper-V logical processor 2 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
     
    CodeIntegrity:
    ===================================
      Date: 2016-12-03 20:37:01.621
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2016-12-03 03:22:11.129
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2016-12-03 03:21:59.422
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2016-11-26 16:46:17.997
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2016-11-24 14:59:19.066
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2016-11-21 15:41:42.112
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-11-15 08:51:46.695
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
     
      Date: 2016-11-15 08:11:56.350
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll that did not meet the Microsoft signing level requirements.
     
      Date: 2016-11-15 08:11:56.342
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll that did not meet the Microsoft signing level requirements.
     
      Date: 2016-11-15 08:11:56.331
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll that did not meet the Microsoft signing level requirements.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
    Percentage of memory in use: 15%
    Total physical RAM: 16329.45 MB
    Available physical RAM: 13762.58 MB
    Total Virtual: 32713.45 MB
    Available Virtual: 29912.79 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:446.69 GB) (Free:64.71 GB) NTFS ==>[drive with boot components (obtained from BCD)]
    Drive d: () (Fixed) (Total:912.7 GB) (Free:480 GB) NTFS
    Drive i: (Transport Fever) (CDROM) (Total:4.96 GB) (Free:0 GB) CDFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: 8E648704)
    Partition 1: (Active) - (Size=446.7 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
     
    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: ED8A50F5)
    Partition 1: (Not Active) - (Size=912.7 GB) - (Type=07 NTFS)
     
    ==================== End of Addition.txt ============================
     
     
     
     
     
     
    Kaspersky has been silent for the past few hours I think it did its job of alerting me of the virus but as in terms of prevention and removal it lacked on doing so, thank you for the time and effort you guys put in if there any more dicrepancies in the log please let me know
     
    Thanks again 

    • 0

    #5
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,598 posts
    • MVP

    The Russian connection was getting in through the Chrome.bat file that was being called when you started Chrome using the shortcut.  I expect one of the programs that I had you uninstall put the bat file in.  Not really Kaspersky's fault when you install junk.  It's actually one of the best anti-virus programs so stick with it.  

     

    Your log shows you probably need a new BIOS - check with you PC maker and see if they have an update on their site.

     

    Your NVIDIA driver is also out of date and needs to be updated.  You may have to get one from their website if your PC maker doesn't have one.

     

    http://www.nvidia.co...load/index.aspx

     

    This error:

     

    Error: (12/07/2016 01:53:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
    The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

     

     

     

    is caused by a mistake in the Windows 10 Update.  Search for

     

    services.msc

     

    and hit Enter and it should bring up the services menu.

     

    Scroll down and find the 4 entries that start with Net.  All four should be Disabled.  If they are not, right click on each and select Properties and change the Startup Type: to Disabled.  OK.

     

    Your OkayFreedom program is causing errors so I would uninstall it.

     

    CSR Harmony Wireless Software Stack also needs an upgrade.

     

    http://www.gleescape.com/posts/3093may help.

     

     

    Open an elevated command prompt:
     
     
    If you open an elevated command prompt it will by default open in c:\Windows\system32
     
    Once you have an elevated command prompt:
     
    Now Type(with an Enter after each line):
     
     DISM  /Online  /Cleanup-Image  /RestoreHealth
     
     (I use two spaces so you can be sure to see where one space goes.)
    This will take a while to complete.  Once the prompt returns:
     
    Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):
     
    sfc  /scannow
     
     
     
    This will also take a few minutes.  
     
    When it finishes it will say one of the following:
     
    Windows did not find any integrity violations (a good thing)
    Windows Resource Protection found corrupt files and repaired them (a good thing)
    Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)
     
    If you get the last result then type:
     
    findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \junk.txt 
     
    Hit Enter.  Then type::
     
     
    notepad  \junk.txt 
     
    Hit Enter. 
     
     Copy the text from notepad and paste it into a reply.
     
     
    After you finish SFC, regardless of the result:
     
     
     
    1. Please download the Event Viewer Tool by Vino Rosso
    and save it to your Desktop:
    2. Right-click VEW.exe and Run AS Administrator
    3. Under 'Select log to query', select:
     
    * System
    4. Under 'Select type to list', select:
    * Error
    * Warning
     
     
    Then use the 'Number of events' as follows:
     
     
    1. Click the radio button for 'Number of events'
    Type 20 in the 1 to 20 box
    Then click the Run button.
    Notepad will open with the output log.
     
     
    Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

    • 0

    #6
    archiep

    archiep

      Member

    • Topic Starter
    • Member
    • PipPip
    • 53 posts

    Hello sorry for the late reply here is the Elevated CMD logs 

     

    2016-12-08 06:57:42, Info                  CSI    00000006 [SR] Verifying 100 components
    2016-12-08 06:57:42, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:43, Info                  CSI    0000006c [SR] Verify complete
    2016-12-08 06:57:43, Info                  CSI    0000006d [SR] Verifying 100 components
    2016-12-08 06:57:43, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:44, Info                  CSI    000000d3 [SR] Verify complete
    2016-12-08 06:57:44, Info                  CSI    000000d4 [SR] Verifying 100 components
    2016-12-08 06:57:44, Info                  CSI    000000d5 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:45, Info                  CSI    0000013a [SR] Verify complete
    2016-12-08 06:57:45, Info                  CSI    0000013b [SR] Verifying 100 components
    2016-12-08 06:57:45, Info                  CSI    0000013c [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:45, Info                  CSI    000001a1 [SR] Verify complete
    2016-12-08 06:57:45, Info                  CSI    000001a2 [SR] Verifying 100 components
    2016-12-08 06:57:45, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:46, Info                  CSI    00000208 [SR] Verify complete
    2016-12-08 06:57:46, Info                  CSI    00000209 [SR] Verifying 100 components
    2016-12-08 06:57:46, Info                  CSI    0000020a [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:47, Info                  CSI    0000026f [SR] Verify complete
    2016-12-08 06:57:47, Info                  CSI    00000270 [SR] Verifying 100 components
    2016-12-08 06:57:47, Info                  CSI    00000271 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:47, Info                  CSI    000002d6 [SR] Verify complete
    2016-12-08 06:57:47, Info                  CSI    000002d7 [SR] Verifying 100 components
    2016-12-08 06:57:47, Info                  CSI    000002d8 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:48, Info                  CSI    0000033d [SR] Verify complete
    2016-12-08 06:57:48, Info                  CSI    0000033e [SR] Verifying 100 components
    2016-12-08 06:57:48, Info                  CSI    0000033f [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:49, Info                  CSI    000003a4 [SR] Verify complete
    2016-12-08 06:57:49, Info                  CSI    000003a5 [SR] Verifying 100 components
    2016-12-08 06:57:49, Info                  CSI    000003a6 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:49, Info                  CSI    0000040b [SR] Verify complete
    2016-12-08 06:57:49, Info                  CSI    0000040c [SR] Verifying 100 components
    2016-12-08 06:57:49, Info                  CSI    0000040d [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:50, Info                  CSI    00000472 [SR] Verify complete
    2016-12-08 06:57:50, Info                  CSI    00000473 [SR] Verifying 100 components
    2016-12-08 06:57:50, Info                  CSI    00000474 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:51, Info                  CSI    000004d9 [SR] Verify complete
    2016-12-08 06:57:51, Info                  CSI    000004da [SR] Verifying 100 components
    2016-12-08 06:57:51, Info                  CSI    000004db [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:52, Info                  CSI    00000540 [SR] Verify complete
    2016-12-08 06:57:52, Info                  CSI    00000541 [SR] Verifying 100 components
    2016-12-08 06:57:52, Info                  CSI    00000542 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:53, Info                  CSI    000005a8 [SR] Verify complete
    2016-12-08 06:57:53, Info                  CSI    000005a9 [SR] Verifying 100 components
    2016-12-08 06:57:53, Info                  CSI    000005aa [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:54, Info                  CSI    0000060f [SR] Verify complete
    2016-12-08 06:57:54, Info                  CSI    00000610 [SR] Verifying 100 components
    2016-12-08 06:57:54, Info                  CSI    00000611 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:55, Info                  CSI    00000676 [SR] Verify complete
    2016-12-08 06:57:55, Info                  CSI    00000677 [SR] Verifying 100 components
    2016-12-08 06:57:55, Info                  CSI    00000678 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:55, Info                  CSI    000006dd [SR] Verify complete
    2016-12-08 06:57:55, Info                  CSI    000006de [SR] Verifying 100 components
    2016-12-08 06:57:55, Info                  CSI    000006df [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:56, Info                  CSI    00000744 [SR] Verify complete
    2016-12-08 06:57:56, Info                  CSI    00000745 [SR] Verifying 100 components
    2016-12-08 06:57:56, Info                  CSI    00000746 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:57, Info                  CSI    000007ab [SR] Verify complete
    2016-12-08 06:57:57, Info                  CSI    000007ac [SR] Verifying 100 components
    2016-12-08 06:57:57, Info                  CSI    000007ad [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:58, Info                  CSI    00000812 [SR] Verify complete
    2016-12-08 06:57:58, Info                  CSI    00000813 [SR] Verifying 100 components
    2016-12-08 06:57:58, Info                  CSI    00000814 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:58, Info                  CSI    00000879 [SR] Verify complete
    2016-12-08 06:57:58, Info                  CSI    0000087a [SR] Verifying 100 components
    2016-12-08 06:57:58, Info                  CSI    0000087b [SR] Beginning Verify and Repair transaction
    2016-12-08 06:57:59, Info                  CSI    000008e0 [SR] Verify complete
    2016-12-08 06:57:59, Info                  CSI    000008e1 [SR] Verifying 100 components
    2016-12-08 06:57:59, Info                  CSI    000008e2 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:00, Info                  CSI    00000947 [SR] Verify complete
    2016-12-08 06:58:00, Info                  CSI    00000948 [SR] Verifying 100 components
    2016-12-08 06:58:00, Info                  CSI    00000949 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:01, Info                  CSI    000009ae [SR] Verify complete
    2016-12-08 06:58:01, Info                  CSI    000009af [SR] Verifying 100 components
    2016-12-08 06:58:01, Info                  CSI    000009b0 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:02, Info                  CSI    00000a15 [SR] Verify complete
    2016-12-08 06:58:02, Info                  CSI    00000a16 [SR] Verifying 100 components
    2016-12-08 06:58:02, Info                  CSI    00000a17 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:03, Info                  CSI    00000a7c [SR] Verify complete
    2016-12-08 06:58:03, Info                  CSI    00000a7d [SR] Verifying 100 components
    2016-12-08 06:58:03, Info                  CSI    00000a7e [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:03, Info                  CSI    00000ae3 [SR] Verify complete
    2016-12-08 06:58:03, Info                  CSI    00000ae4 [SR] Verifying 100 components
    2016-12-08 06:58:03, Info                  CSI    00000ae5 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:04, Info                  CSI    00000b4a [SR] Verify complete
    2016-12-08 06:58:04, Info                  CSI    00000b4b [SR] Verifying 100 components
    2016-12-08 06:58:04, Info                  CSI    00000b4c [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:05, Info                  CSI    00000bb1 [SR] Verify complete
    2016-12-08 06:58:05, Info                  CSI    00000bb2 [SR] Verifying 100 components
    2016-12-08 06:58:05, Info                  CSI    00000bb3 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:06, Info                  CSI    00000c18 [SR] Verify complete
    2016-12-08 06:58:06, Info                  CSI    00000c19 [SR] Verifying 100 components
    2016-12-08 06:58:06, Info                  CSI    00000c1a [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:07, Info                  CSI    00000c83 [SR] Verify complete
    2016-12-08 06:58:07, Info                  CSI    00000c84 [SR] Verifying 100 components
    2016-12-08 06:58:07, Info                  CSI    00000c85 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:08, Info                  CSI    00000cea [SR] Verify complete
    2016-12-08 06:58:08, Info                  CSI    00000ceb [SR] Verifying 100 components
    2016-12-08 06:58:08, Info                  CSI    00000cec [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:08, Info                  CSI    00000d51 [SR] Verify complete
    2016-12-08 06:58:08, Info                  CSI    00000d52 [SR] Verifying 100 components
    2016-12-08 06:58:08, Info                  CSI    00000d53 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:09, Info                  CSI    00000db8 [SR] Verify complete
    2016-12-08 06:58:09, Info                  CSI    00000db9 [SR] Verifying 100 components
    2016-12-08 06:58:09, Info                  CSI    00000dba [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:10, Info                  CSI    00000e26 [SR] Verify complete
    2016-12-08 06:58:10, Info                  CSI    00000e27 [SR] Verifying 100 components
    2016-12-08 06:58:10, Info                  CSI    00000e28 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:11, Info                  CSI    00000e8e [SR] Verify complete
    2016-12-08 06:58:11, Info                  CSI    00000e8f [SR] Verifying 100 components
    2016-12-08 06:58:11, Info                  CSI    00000e90 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:12, Info                  CSI    00000ef7 [SR] Verify complete
    2016-12-08 06:58:12, Info                  CSI    00000ef8 [SR] Verifying 100 components
    2016-12-08 06:58:12, Info                  CSI    00000ef9 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:13, Info                  CSI    00000f68 [SR] Verify complete
    2016-12-08 06:58:13, Info                  CSI    00000f69 [SR] Verifying 100 components
    2016-12-08 06:58:13, Info                  CSI    00000f6a [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:15, Info                  CSI    00000fe7 [SR] Verify complete
    2016-12-08 06:58:15, Info                  CSI    00000fe8 [SR] Verifying 100 components
    2016-12-08 06:58:15, Info                  CSI    00000fe9 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:17, Info                  CSI    00001051 [SR] Verify complete
    2016-12-08 06:58:17, Info                  CSI    00001052 [SR] Verifying 100 components
    2016-12-08 06:58:17, Info                  CSI    00001053 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:19, Info                  CSI    000010bc [SR] Verify complete
    2016-12-08 06:58:19, Info                  CSI    000010bd [SR] Verifying 100 components
    2016-12-08 06:58:19, Info                  CSI    000010be [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:20, Info                  CSI    0000112c [SR] Verify complete
    2016-12-08 06:58:20, Info                  CSI    0000112d [SR] Verifying 100 components
    2016-12-08 06:58:20, Info                  CSI    0000112e [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:21, Info                  CSI    0000119b [SR] Verify complete
    2016-12-08 06:58:21, Info                  CSI    0000119c [SR] Verifying 100 components
    2016-12-08 06:58:21, Info                  CSI    0000119d [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:23, Info                  CSI    00001265 [SR] Verify complete
    2016-12-08 06:58:23, Info                  CSI    00001266 [SR] Verifying 100 components
    2016-12-08 06:58:23, Info                  CSI    00001267 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:25, Info                  CSI    000012d8 [SR] Verify complete
    2016-12-08 06:58:25, Info                  CSI    000012d9 [SR] Verifying 100 components
    2016-12-08 06:58:25, Info                  CSI    000012da [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:26, Info                  CSI    0000133f [SR] Verify complete
    2016-12-08 06:58:26, Info                  CSI    00001340 [SR] Verifying 100 components
    2016-12-08 06:58:26, Info                  CSI    00001341 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:28, Info                  CSI    000013a6 [SR] Verify complete
    2016-12-08 06:58:28, Info                  CSI    000013a7 [SR] Verifying 100 components
    2016-12-08 06:58:28, Info                  CSI    000013a8 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:29, Info                  CSI    0000140d [SR] Verify complete
    2016-12-08 06:58:30, Info                  CSI    0000140e [SR] Verifying 100 components
    2016-12-08 06:58:30, Info                  CSI    0000140f [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:32, Info                  CSI    00001476 [SR] Verify complete
    2016-12-08 06:58:33, Info                  CSI    00001477 [SR] Verifying 100 components
    2016-12-08 06:58:33, Info                  CSI    00001478 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:35, Info                  CSI    000014f2 [SR] Verify complete
    2016-12-08 06:58:35, Info                  CSI    000014f3 [SR] Verifying 100 components
    2016-12-08 06:58:35, Info                  CSI    000014f4 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:37, Info                  CSI    00001563 [SR] Verify complete
    2016-12-08 06:58:37, Info                  CSI    00001564 [SR] Verifying 100 components
    2016-12-08 06:58:37, Info                  CSI    00001565 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:41, Info                  CSI    000015f3 [SR] Verify complete
    2016-12-08 06:58:41, Info                  CSI    000015f4 [SR] Verifying 100 components
    2016-12-08 06:58:41, Info                  CSI    000015f5 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:43, Info                  CSI    00001661 [SR] Verify complete
    2016-12-08 06:58:43, Info                  CSI    00001662 [SR] Verifying 100 components
    2016-12-08 06:58:43, Info                  CSI    00001663 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:44, Info                  CSI    000016cc [SR] Verify complete
    2016-12-08 06:58:44, Info                  CSI    000016cd [SR] Verifying 100 components
    2016-12-08 06:58:44, Info                  CSI    000016ce [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:46, Info                  CSI    0000173d [SR] Verify complete
    2016-12-08 06:58:46, Info                  CSI    0000173e [SR] Verifying 100 components
    2016-12-08 06:58:46, Info                  CSI    0000173f [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:47, Info                  CSI    000017b5 [SR] Verify complete
    2016-12-08 06:58:47, Info                  CSI    000017b6 [SR] Verifying 100 components
    2016-12-08 06:58:47, Info                  CSI    000017b7 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:49, Info                  CSI    0000181f [SR] Verify complete
    2016-12-08 06:58:49, Info                  CSI    00001820 [SR] Verifying 100 components
    2016-12-08 06:58:49, Info                  CSI    00001821 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:50, Info                  CSI    00001888 [SR] Verify complete
    2016-12-08 06:58:50, Info                  CSI    00001889 [SR] Verifying 100 components
    2016-12-08 06:58:50, Info                  CSI    0000188a [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:52, Info                  CSI    000018ef [SR] Verify complete
    2016-12-08 06:58:52, Info                  CSI    000018f0 [SR] Verifying 100 components
    2016-12-08 06:58:52, Info                  CSI    000018f1 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:53, Info                  CSI    0000195a [SR] Verify complete
    2016-12-08 06:58:53, Info                  CSI    0000195b [SR] Verifying 100 components
    2016-12-08 06:58:53, Info                  CSI    0000195c [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:54, Info                  CSI    000019cc [SR] Verify complete
    2016-12-08 06:58:54, Info                  CSI    000019cd [SR] Verifying 100 components
    2016-12-08 06:58:54, Info                  CSI    000019ce [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:56, Info                  CSI    00001a52 [SR] Verify complete
    2016-12-08 06:58:56, Info                  CSI    00001a53 [SR] Verifying 100 components
    2016-12-08 06:58:56, Info                  CSI    00001a54 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:58:59, Info                  CSI    00001aea [SR] Verify complete
    2016-12-08 06:58:59, Info                  CSI    00001aeb [SR] Verifying 100 components
    2016-12-08 06:58:59, Info                  CSI    00001aec [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:03, Info                  CSI    00001b75 [SR] Verify complete
    2016-12-08 06:59:03, Info                  CSI    00001b76 [SR] Verifying 100 components
    2016-12-08 06:59:03, Info                  CSI    00001b77 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:05, Info                  CSI    00001bdc [SR] Verify complete
    2016-12-08 06:59:05, Info                  CSI    00001bdd [SR] Verifying 100 components
    2016-12-08 06:59:05, Info                  CSI    00001bde [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:06, Info                  CSI    00001c4a [SR] Verify complete
    2016-12-08 06:59:06, Info                  CSI    00001c4b [SR] Verifying 100 components
    2016-12-08 06:59:06, Info                  CSI    00001c4c [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:07, Info                  CSI    00001cb7 [SR] Verify complete
    2016-12-08 06:59:07, Info                  CSI    00001cb8 [SR] Verifying 100 components
    2016-12-08 06:59:07, Info                  CSI    00001cb9 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:10, Info                  CSI    00001d2d [SR] Verify complete
    2016-12-08 06:59:10, Info                  CSI    00001d2e [SR] Verifying 100 components
    2016-12-08 06:59:10, Info                  CSI    00001d2f [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:11, Info                  CSI    00001d97 [SR] Verify complete
    2016-12-08 06:59:11, Info                  CSI    00001d98 [SR] Verifying 100 components
    2016-12-08 06:59:11, Info                  CSI    00001d99 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:12, Info                  CSI    00001dfe [SR] Verify complete
    2016-12-08 06:59:12, Info                  CSI    00001dff [SR] Verifying 100 components
    2016-12-08 06:59:12, Info                  CSI    00001e00 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:13, Info                  CSI    00001e70 [SR] Verify complete
    2016-12-08 06:59:13, Info                  CSI    00001e71 [SR] Verifying 100 components
    2016-12-08 06:59:13, Info                  CSI    00001e72 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:16, Info                  CSI    00001ee2 [SR] Verify complete
    2016-12-08 06:59:16, Info                  CSI    00001ee3 [SR] Verifying 100 components
    2016-12-08 06:59:16, Info                  CSI    00001ee4 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:18, Info                  CSI    00001f55 [SR] Verify complete
    2016-12-08 06:59:18, Info                  CSI    00001f56 [SR] Verifying 100 components
    2016-12-08 06:59:18, Info                  CSI    00001f57 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:20, Info                  CSI    00001fca [SR] Verify complete
    2016-12-08 06:59:20, Info                  CSI    00001fcb [SR] Verifying 100 components
    2016-12-08 06:59:20, Info                  CSI    00001fcc [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:21, Info                  CSI    00002032 [SR] Verify complete
    2016-12-08 06:59:21, Info                  CSI    00002033 [SR] Verifying 100 components
    2016-12-08 06:59:21, Info                  CSI    00002034 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:24, Info                  CSI    000020b0 [SR] Verify complete
    2016-12-08 06:59:24, Info                  CSI    000020b1 [SR] Verifying 100 components
    2016-12-08 06:59:24, Info                  CSI    000020b2 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:25, Info                  CSI    0000213d [SR] Verify complete
    2016-12-08 06:59:25, Info                  CSI    0000213e [SR] Verifying 100 components
    2016-12-08 06:59:25, Info                  CSI    0000213f [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:27, Info                  CSI    000021a9 [SR] Verify complete
    2016-12-08 06:59:27, Info                  CSI    000021aa [SR] Verifying 100 components
    2016-12-08 06:59:27, Info                  CSI    000021ab [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:29, Info                  CSI    00002215 [SR] Verify complete
    2016-12-08 06:59:29, Info                  CSI    00002216 [SR] Verifying 100 components
    2016-12-08 06:59:29, Info                  CSI    00002217 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:30, Info                  CSI    0000227c [SR] Verify complete
    2016-12-08 06:59:30, Info                  CSI    0000227d [SR] Verifying 100 components
    2016-12-08 06:59:30, Info                  CSI    0000227e [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:31, Info                  CSI    000022e7 [SR] Verify complete
    2016-12-08 06:59:31, Info                  CSI    000022e8 [SR] Verifying 100 components
    2016-12-08 06:59:31, Info                  CSI    000022e9 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:34, Info                  CSI    00002358 [SR] Verify complete
    2016-12-08 06:59:34, Info                  CSI    00002359 [SR] Verifying 100 components
    2016-12-08 06:59:34, Info                  CSI    0000235a [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:37, Info                  CSI    000023da [SR] Verify complete
    2016-12-08 06:59:37, Info                  CSI    000023db [SR] Verifying 100 components
    2016-12-08 06:59:37, Info                  CSI    000023dc [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:39, Info                  CSI    00002447 [SR] Verify complete
    2016-12-08 06:59:39, Info                  CSI    00002448 [SR] Verifying 100 components
    2016-12-08 06:59:39, Info                  CSI    00002449 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:40, Info                  CSI    000024b1 [SR] Verify complete
    2016-12-08 06:59:40, Info                  CSI    000024b2 [SR] Verifying 100 components
    2016-12-08 06:59:40, Info                  CSI    000024b3 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:41, Info                  CSI    0000251a [SR] Verify complete
    2016-12-08 06:59:41, Info                  CSI    0000251b [SR] Verifying 100 components
    2016-12-08 06:59:41, Info                  CSI    0000251c [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:42, Info                  CSI    000025b4 [SR] Verify complete
    2016-12-08 06:59:42, Info                  CSI    000025b5 [SR] Verifying 100 components
    2016-12-08 06:59:42, Info                  CSI    000025b6 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:44, Info                  CSI    0000261e [SR] Verify complete
    2016-12-08 06:59:44, Info                  CSI    0000261f [SR] Verifying 100 components
    2016-12-08 06:59:44, Info                  CSI    00002620 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:45, Info                  CSI    00002685 [SR] Verify complete
    2016-12-08 06:59:45, Info                  CSI    00002686 [SR] Verifying 100 components
    2016-12-08 06:59:45, Info                  CSI    00002687 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:46, Info                  CSI    000026f8 [SR] Verify complete
    2016-12-08 06:59:46, Info                  CSI    000026f9 [SR] Verifying 100 components
    2016-12-08 06:59:46, Info                  CSI    000026fa [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:47, Info                  CSI    00002766 [SR] Verify complete
    2016-12-08 06:59:47, Info                  CSI    00002767 [SR] Verifying 100 components
    2016-12-08 06:59:47, Info                  CSI    00002768 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:48, Info                  CSI    000027db [SR] Verify complete
    2016-12-08 06:59:48, Info                  CSI    000027dc [SR] Verifying 100 components
    2016-12-08 06:59:48, Info                  CSI    000027dd [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:50, Info                  CSI    00002848 [SR] Verify complete
    2016-12-08 06:59:50, Info                  CSI    00002849 [SR] Verifying 100 components
    2016-12-08 06:59:50, Info                  CSI    0000284a [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:51, Info                  CSI    000028ca [SR] Verify complete
    2016-12-08 06:59:51, Info                  CSI    000028cb [SR] Verifying 100 components
    2016-12-08 06:59:51, Info                  CSI    000028cc [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:55, Info                  CSI    00002960 [SR] Verify complete
    2016-12-08 06:59:55, Info                  CSI    00002961 [SR] Verifying 100 components
    2016-12-08 06:59:55, Info                  CSI    00002962 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:56, Info                  CSI    000029cc [SR] Verify complete
    2016-12-08 06:59:56, Info                  CSI    000029cd [SR] Verifying 100 components
    2016-12-08 06:59:56, Info                  CSI    000029ce [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:57, Info                  CSI    00002a33 [SR] Verify complete
    2016-12-08 06:59:57, Info                  CSI    00002a34 [SR] Verifying 100 components
    2016-12-08 06:59:57, Info                  CSI    00002a35 [SR] Beginning Verify and Repair transaction
    2016-12-08 06:59:59, Info                  CSI    00002a9c [SR] Verify complete
    2016-12-08 06:59:59, Info                  CSI    00002a9d [SR] Verifying 100 components
    2016-12-08 06:59:59, Info                  CSI    00002a9e [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:00, Info                  CSI    00002b0b [SR] Verify complete
    2016-12-08 07:00:00, Info                  CSI    00002b0c [SR] Verifying 100 components
    2016-12-08 07:00:00, Info                  CSI    00002b0d [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:01, Info                  CSI    00002b7b [SR] Verify complete
    2016-12-08 07:00:01, Info                  CSI    00002b7c [SR] Verifying 100 components
    2016-12-08 07:00:01, Info                  CSI    00002b7d [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:02, Info                  CSI    00002be2 [SR] Verify complete
    2016-12-08 07:00:02, Info                  CSI    00002be3 [SR] Verifying 100 components
    2016-12-08 07:00:02, Info                  CSI    00002be4 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:03, Info                  CSI    00002c4b [SR] Verify complete
    2016-12-08 07:00:03, Info                  CSI    00002c4c [SR] Verifying 100 components
    2016-12-08 07:00:03, Info                  CSI    00002c4d [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:05, Info                  CSI    00002cbc [SR] Verify complete
    2016-12-08 07:00:05, Info                  CSI    00002cbd [SR] Verifying 100 components
    2016-12-08 07:00:05, Info                  CSI    00002cbe [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:07, Info                  CSI    00002d2e [SR] Verify complete
    2016-12-08 07:00:07, Info                  CSI    00002d2f [SR] Verifying 100 components
    2016-12-08 07:00:07, Info                  CSI    00002d30 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:08, Info                  CSI    00002d97 [SR] Verify complete
    2016-12-08 07:00:08, Info                  CSI    00002d98 [SR] Verifying 100 components
    2016-12-08 07:00:08, Info                  CSI    00002d99 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:10, Info                  CSI    00002e07 [SR] Verify complete
    2016-12-08 07:00:10, Info                  CSI    00002e08 [SR] Verifying 100 components
    2016-12-08 07:00:10, Info                  CSI    00002e09 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:12, Info                  CSI    00002e9b [SR] Verify complete
    2016-12-08 07:00:12, Info                  CSI    00002e9c [SR] Verifying 100 components
    2016-12-08 07:00:12, Info                  CSI    00002e9d [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:15, Info                  CSI    00002f11 [SR] Verify complete
    2016-12-08 07:00:15, Info                  CSI    00002f12 [SR] Verifying 100 components
    2016-12-08 07:00:15, Info                  CSI    00002f13 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:16, Info                  CSI    00002f7b [SR] Verify complete
    2016-12-08 07:00:16, Info                  CSI    00002f7c [SR] Verifying 100 components
    2016-12-08 07:00:16, Info                  CSI    00002f7d [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:17, Info                  CSI    00002fef [SR] Verify complete
    2016-12-08 07:00:17, Info                  CSI    00002ff0 [SR] Verifying 100 components
    2016-12-08 07:00:17, Info                  CSI    00002ff1 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:19, Info                  CSI    0000305a [SR] Verify complete
    2016-12-08 07:00:19, Info                  CSI    0000305b [SR] Verifying 100 components
    2016-12-08 07:00:19, Info                  CSI    0000305c [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:21, Info                  CSI    000030c4 [SR] Verify complete
    2016-12-08 07:00:21, Info                  CSI    000030c5 [SR] Verifying 100 components
    2016-12-08 07:00:21, Info                  CSI    000030c6 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:22, Info                  CSI    0000312d [SR] Verify complete
    2016-12-08 07:00:22, Info                  CSI    0000312e [SR] Verifying 100 components
    2016-12-08 07:00:22, Info                  CSI    0000312f [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:23, Info                  CSI    0000319a [SR] Verify complete
    2016-12-08 07:00:23, Info                  CSI    0000319b [SR] Verifying 100 components
    2016-12-08 07:00:23, Info                  CSI    0000319c [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:25, Info                  CSI    0000320f [SR] Verify complete
    2016-12-08 07:00:25, Info                  CSI    00003210 [SR] Verifying 100 components
    2016-12-08 07:00:25, Info                  CSI    00003211 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:26, Info                  CSI    00003283 [SR] Verify complete
    2016-12-08 07:00:26, Info                  CSI    00003284 [SR] Verifying 100 components
    2016-12-08 07:00:26, Info                  CSI    00003285 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:28, Info                  CSI    000032f2 [SR] Verify complete
    2016-12-08 07:00:28, Info                  CSI    000032f3 [SR] Verifying 100 components
    2016-12-08 07:00:28, Info                  CSI    000032f4 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:29, Info                  CSI    0000335b [SR] Verify complete
    2016-12-08 07:00:29, Info                  CSI    0000335c [SR] Verifying 100 components
    2016-12-08 07:00:29, Info                  CSI    0000335d [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:30, Info                  CSI    000033d3 [SR] Verify complete
    2016-12-08 07:00:30, Info                  CSI    000033d4 [SR] Verifying 100 components
    2016-12-08 07:00:30, Info                  CSI    000033d5 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:31, Info                  CSI    0000343b [SR] Verify complete
    2016-12-08 07:00:32, Info                  CSI    0000343c [SR] Verifying 100 components
    2016-12-08 07:00:32, Info                  CSI    0000343d [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:33, Info                  CSI    000034a4 [SR] Verify complete
    2016-12-08 07:00:33, Info                  CSI    000034a5 [SR] Verifying 100 components
    2016-12-08 07:00:33, Info                  CSI    000034a6 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:35, Info                  CSI    0000350b [SR] Verify complete
    2016-12-08 07:00:35, Info                  CSI    0000350c [SR] Verifying 100 components
    2016-12-08 07:00:35, Info                  CSI    0000350d [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:37, Info                  CSI    00003580 [SR] Verify complete
    2016-12-08 07:00:37, Info                  CSI    00003581 [SR] Verifying 100 components
    2016-12-08 07:00:37, Info                  CSI    00003582 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:39, Info                  CSI    00003668 [SR] Verify complete
    2016-12-08 07:00:39, Info                  CSI    00003669 [SR] Verifying 100 components
    2016-12-08 07:00:39, Info                  CSI    0000366a [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:40, Info                  CSI    000036d1 [SR] Verify complete
    2016-12-08 07:00:40, Info                  CSI    000036d2 [SR] Verifying 100 components
    2016-12-08 07:00:40, Info                  CSI    000036d3 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:42, Info                  CSI    0000374b [SR] Verify complete
    2016-12-08 07:00:42, Info                  CSI    0000374c [SR] Verifying 100 components
    2016-12-08 07:00:42, Info                  CSI    0000374d [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:43, Info                  CSI    000037b2 [SR] Verify complete
    2016-12-08 07:00:43, Info                  CSI    000037b3 [SR] Verifying 100 components
    2016-12-08 07:00:43, Info                  CSI    000037b4 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:44, Info                  CSI    00003819 [SR] Verify complete
    2016-12-08 07:00:44, Info                  CSI    0000381a [SR] Verifying 100 components
    2016-12-08 07:00:44, Info                  CSI    0000381b [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:46, Info                  CSI    00003881 [SR] Verify complete
    2016-12-08 07:00:46, Info                  CSI    00003882 [SR] Verifying 100 components
    2016-12-08 07:00:46, Info                  CSI    00003883 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:47, Info                  CSI    000038e8 [SR] Verify complete
    2016-12-08 07:00:47, Info                  CSI    000038e9 [SR] Verifying 100 components
    2016-12-08 07:00:47, Info                  CSI    000038ea [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:49, Info                  CSI    0000394f [SR] Verify complete
    2016-12-08 07:00:49, Info                  CSI    00003950 [SR] Verifying 100 components
    2016-12-08 07:00:49, Info                  CSI    00003951 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:50, Info                  CSI    000039b6 [SR] Verify complete
    2016-12-08 07:00:50, Info                  CSI    000039b7 [SR] Verifying 100 components
    2016-12-08 07:00:50, Info                  CSI    000039b8 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:51, Info                  CSI    00003a1e [SR] Verify complete
    2016-12-08 07:00:51, Info                  CSI    00003a1f [SR] Verifying 100 components
    2016-12-08 07:00:51, Info                  CSI    00003a20 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:52, Info                  CSI    00003a85 [SR] Verify complete
    2016-12-08 07:00:52, Info                  CSI    00003a86 [SR] Verifying 100 components
    2016-12-08 07:00:52, Info                  CSI    00003a87 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:53, Info                  CSI    00003aec [SR] Verify complete
    2016-12-08 07:00:53, Info                  CSI    00003aed [SR] Verifying 100 components
    2016-12-08 07:00:53, Info                  CSI    00003aee [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:55, Info                  CSI    00003b53 [SR] Verify complete
    2016-12-08 07:00:55, Info                  CSI    00003b54 [SR] Verifying 100 components
    2016-12-08 07:00:55, Info                  CSI    00003b55 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:56, Info                  CSI    00003bde [SR] Verify complete
    2016-12-08 07:00:56, Info                  CSI    00003bdf [SR] Verifying 100 components
    2016-12-08 07:00:56, Info                  CSI    00003be0 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:57, Info                  CSI    00003c45 [SR] Verify complete
    2016-12-08 07:00:57, Info                  CSI    00003c46 [SR] Verifying 100 components
    2016-12-08 07:00:57, Info                  CSI    00003c47 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:00:58, Info                  CSI    00003cae [SR] Verify complete
    2016-12-08 07:00:58, Info                  CSI    00003caf [SR] Verifying 100 components
    2016-12-08 07:00:58, Info                  CSI    00003cb0 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:00, Info                  CSI    00003d15 [SR] Verify complete
    2016-12-08 07:01:00, Info                  CSI    00003d16 [SR] Verifying 100 components
    2016-12-08 07:01:00, Info                  CSI    00003d17 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:01, Info                  CSI    00003d7c [SR] Verify complete
    2016-12-08 07:01:01, Info                  CSI    00003d7d [SR] Verifying 100 components
    2016-12-08 07:01:01, Info                  CSI    00003d7e [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:02, Info                  CSI    00003de4 [SR] Verify complete
    2016-12-08 07:01:03, Info                  CSI    00003de5 [SR] Verifying 100 components
    2016-12-08 07:01:03, Info                  CSI    00003de6 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:03, Info                  CSI    00003e4b [SR] Verify complete
    2016-12-08 07:01:03, Info                  CSI    00003e4c [SR] Verifying 100 components
    2016-12-08 07:01:03, Info                  CSI    00003e4d [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:06, Info                  CSI    00003eb3 [SR] Verify complete
    2016-12-08 07:01:06, Info                  CSI    00003eb4 [SR] Verifying 100 components
    2016-12-08 07:01:06, Info                  CSI    00003eb5 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:07, Info                  CSI    00003f1c [SR] Verify complete
    2016-12-08 07:01:07, Info                  CSI    00003f1d [SR] Verifying 100 components
    2016-12-08 07:01:07, Info                  CSI    00003f1e [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:09, Info                  CSI    00003f87 [SR] Verify complete
    2016-12-08 07:01:09, Info                  CSI    00003f88 [SR] Verifying 100 components
    2016-12-08 07:01:09, Info                  CSI    00003f89 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:09, Info                  CSI    00003fee [SR] Verify complete
    2016-12-08 07:01:09, Info                  CSI    00003fef [SR] Verifying 100 components
    2016-12-08 07:01:09, Info                  CSI    00003ff0 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:10, Info                  CSI    00004056 [SR] Verify complete
    2016-12-08 07:01:11, Info                  CSI    00004057 [SR] Verifying 100 components
    2016-12-08 07:01:11, Info                  CSI    00004058 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:12, Info                  CSI    000040c6 [SR] Verify complete
    2016-12-08 07:01:12, Info                  CSI    000040c7 [SR] Verifying 100 components
    2016-12-08 07:01:12, Info                  CSI    000040c8 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:13, Info                  CSI    0000412f [SR] Verify complete
    2016-12-08 07:01:13, Info                  CSI    00004130 [SR] Verifying 100 components
    2016-12-08 07:01:13, Info                  CSI    00004131 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:14, Info                  CSI    00004196 [SR] Verify complete
    2016-12-08 07:01:14, Info                  CSI    00004197 [SR] Verifying 100 components
    2016-12-08 07:01:14, Info                  CSI    00004198 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:15, Info                  CSI    000041fd [SR] Verify complete
    2016-12-08 07:01:15, Info                  CSI    000041fe [SR] Verifying 100 components
    2016-12-08 07:01:15, Info                  CSI    000041ff [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:16, Info                  CSI    00004264 [SR] Verify complete
    2016-12-08 07:01:16, Info                  CSI    00004265 [SR] Verifying 100 components
    2016-12-08 07:01:16, Info                  CSI    00004266 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:17, Info                  CSI    000042cb [SR] Verify complete
    2016-12-08 07:01:17, Info                  CSI    000042cc [SR] Verifying 100 components
    2016-12-08 07:01:17, Info                  CSI    000042cd [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:19, Info                  CSI    0000433f [SR] Verify complete
    2016-12-08 07:01:19, Info                  CSI    00004340 [SR] Verifying 100 components
    2016-12-08 07:01:19, Info                  CSI    00004341 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:21, Info                  CSI    000043ad [SR] Verify complete
    2016-12-08 07:01:21, Info                  CSI    000043ae [SR] Verifying 100 components
    2016-12-08 07:01:21, Info                  CSI    000043af [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:22, Info                  CSI    0000441e [SR] Verify complete
    2016-12-08 07:01:22, Info                  CSI    0000441f [SR] Verifying 100 components
    2016-12-08 07:01:22, Info                  CSI    00004420 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:24, Info                  CSI    00004493 [SR] Verify complete
    2016-12-08 07:01:24, Info                  CSI    00004494 [SR] Verifying 100 components
    2016-12-08 07:01:24, Info                  CSI    00004495 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:25, Info                  CSI    000044fb [SR] Verify complete
    2016-12-08 07:01:25, Info                  CSI    000044fc [SR] Verifying 100 components
    2016-12-08 07:01:25, Info                  CSI    000044fd [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:27, Info                  CSI    00004576 [SR] Verify complete
    2016-12-08 07:01:27, Info                  CSI    00004577 [SR] Verifying 100 components
    2016-12-08 07:01:27, Info                  CSI    00004578 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:29, Info                  CSI    000045e1 [SR] Verify complete
    2016-12-08 07:01:29, Info                  CSI    000045e2 [SR] Verifying 100 components
    2016-12-08 07:01:29, Info                  CSI    000045e3 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:30, Info                  CSI    00004648 [SR] Verify complete
    2016-12-08 07:01:30, Info                  CSI    00004649 [SR] Verifying 100 components
    2016-12-08 07:01:30, Info                  CSI    0000464a [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:31, Info                  CSI    000046af [SR] Verify complete
    2016-12-08 07:01:31, Info                  CSI    000046b0 [SR] Verifying 100 components
    2016-12-08 07:01:31, Info                  CSI    000046b1 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:33, Info                  CSI    00004725 [SR] Verify complete
    2016-12-08 07:01:33, Info                  CSI    00004726 [SR] Verifying 100 components
    2016-12-08 07:01:33, Info                  CSI    00004727 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:36, Info                  CSI    000047a4 [SR] Verify complete
    2016-12-08 07:01:36, Info                  CSI    000047a5 [SR] Verifying 100 components
    2016-12-08 07:01:36, Info                  CSI    000047a6 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:39, Info                  CSI    00004824 [SR] Verify complete
    2016-12-08 07:01:39, Info                  CSI    00004825 [SR] Verifying 100 components
    2016-12-08 07:01:39, Info                  CSI    00004826 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:41, Info                  CSI    00004893 [SR] Verify complete
    2016-12-08 07:01:41, Info                  CSI    00004894 [SR] Verifying 100 components
    2016-12-08 07:01:41, Info                  CSI    00004895 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:42, Info                  CSI    00004912 [SR] Verify complete
    2016-12-08 07:01:42, Info                  CSI    00004913 [SR] Verifying 100 components
    2016-12-08 07:01:42, Info                  CSI    00004914 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:44, Info                  CSI    00004986 [SR] Verify complete
    2016-12-08 07:01:44, Info                  CSI    00004987 [SR] Verifying 100 components
    2016-12-08 07:01:44, Info                  CSI    00004988 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:45, Info                  CSI    000049f9 [SR] Verify complete
    2016-12-08 07:01:45, Info                  CSI    000049fa [SR] Verifying 100 components
    2016-12-08 07:01:45, Info                  CSI    000049fb [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:46, Info                  CSI    00004a66 [SR] Verify complete
    2016-12-08 07:01:46, Info                  CSI    00004a67 [SR] Verifying 100 components
    2016-12-08 07:01:46, Info                  CSI    00004a68 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:48, Info                  CSI    00004adc [SR] Verify complete
    2016-12-08 07:01:48, Info                  CSI    00004add [SR] Verifying 100 components
    2016-12-08 07:01:48, Info                  CSI    00004ade [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:50, Info                  CSI    00004b51 [SR] Verify complete
    2016-12-08 07:01:50, Info                  CSI    00004b52 [SR] Verifying 100 components
    2016-12-08 07:01:50, Info                  CSI    00004b53 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:52, Info                  CSI    00004bcb [SR] Verify complete
    2016-12-08 07:01:52, Info                  CSI    00004bcc [SR] Verifying 100 components
    2016-12-08 07:01:52, Info                  CSI    00004bcd [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:54, Info                  CSI    00004c3d [SR] Verify complete
    2016-12-08 07:01:54, Info                  CSI    00004c3e [SR] Verifying 100 components
    2016-12-08 07:01:54, Info                  CSI    00004c3f [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:55, Info                  CSI    00004ca6 [SR] Verify complete
    2016-12-08 07:01:55, Info                  CSI    00004ca7 [SR] Verifying 100 components
    2016-12-08 07:01:55, Info                  CSI    00004ca8 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:58, Info                  CSI    00004de1 [SR] Verify complete
    2016-12-08 07:01:58, Info                  CSI    00004de2 [SR] Verifying 100 components
    2016-12-08 07:01:58, Info                  CSI    00004de3 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:01:59, Info                  CSI    00004e49 [SR] Verify complete
    2016-12-08 07:01:59, Info                  CSI    00004e4a [SR] Verifying 100 components
    2016-12-08 07:01:59, Info                  CSI    00004e4b [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:00, Info                  CSI    00004eb1 [SR] Verify complete
    2016-12-08 07:02:00, Info                  CSI    00004eb2 [SR] Verifying 100 components
    2016-12-08 07:02:00, Info                  CSI    00004eb3 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:02, Info                  CSI    00004f1a [SR] Verify complete
    2016-12-08 07:02:02, Info                  CSI    00004f1b [SR] Verifying 100 components
    2016-12-08 07:02:02, Info                  CSI    00004f1c [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:05, Info                  CSI    00004f99 [SR] Verify complete
    2016-12-08 07:02:05, Info                  CSI    00004f9a [SR] Verifying 100 components
    2016-12-08 07:02:05, Info                  CSI    00004f9b [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:07, Info                  CSI    00005025 [SR] Verify complete
    2016-12-08 07:02:07, Info                  CSI    00005026 [SR] Verifying 100 components
    2016-12-08 07:02:07, Info                  CSI    00005027 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:09, Info                  CSI    00005093 [SR] Verify complete
    2016-12-08 07:02:09, Info                  CSI    00005094 [SR] Verifying 100 components
    2016-12-08 07:02:09, Info                  CSI    00005095 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:10, Info                  CSI    000050fa [SR] Verify complete
    2016-12-08 07:02:10, Info                  CSI    000050fb [SR] Verifying 100 components
    2016-12-08 07:02:10, Info                  CSI    000050fc [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:12, Info                  CSI    00005186 [SR] Verify complete
    2016-12-08 07:02:12, Info                  CSI    00005187 [SR] Verifying 100 components
    2016-12-08 07:02:12, Info                  CSI    00005188 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:14, Info                  CSI    000051f9 [SR] Verify complete
    2016-12-08 07:02:14, Info                  CSI    000051fa [SR] Verifying 100 components
    2016-12-08 07:02:14, Info                  CSI    000051fb [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:16, Info                  CSI    00005270 [SR] Verify complete
    2016-12-08 07:02:16, Info                  CSI    00005271 [SR] Verifying 100 components
    2016-12-08 07:02:16, Info                  CSI    00005272 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:18, Info                  CSI    000052e0 [SR] Verify complete
    2016-12-08 07:02:18, Info                  CSI    000052e1 [SR] Verifying 100 components
    2016-12-08 07:02:18, Info                  CSI    000052e2 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:19, Info                  CSI    00005348 [SR] Verify complete
    2016-12-08 07:02:19, Info                  CSI    00005349 [SR] Verifying 100 components
    2016-12-08 07:02:19, Info                  CSI    0000534a [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:21, Info                  CSI    000053b3 [SR] Verify complete
    2016-12-08 07:02:21, Info                  CSI    000053b4 [SR] Verifying 100 components
    2016-12-08 07:02:21, Info                  CSI    000053b5 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:22, Info                  CSI    0000541b [SR] Verify complete
    2016-12-08 07:02:22, Info                  CSI    0000541c [SR] Verifying 100 components
    2016-12-08 07:02:22, Info                  CSI    0000541d [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:23, Info                  CSI    000054ac [SR] Verify complete
    2016-12-08 07:02:23, Info                  CSI    000054ad [SR] Verifying 100 components
    2016-12-08 07:02:23, Info                  CSI    000054ae [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:24, Info                  CSI    00005515 [SR] Verify complete
    2016-12-08 07:02:24, Info                  CSI    00005516 [SR] Verifying 100 components
    2016-12-08 07:02:24, Info                  CSI    00005517 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:25, Info                  CSI    0000557f [SR] Verify complete
    2016-12-08 07:02:25, Info                  CSI    00005580 [SR] Verifying 100 components
    2016-12-08 07:02:25, Info                  CSI    00005581 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:26, Info                  CSI    000055e8 [SR] Verify complete
    2016-12-08 07:02:26, Info                  CSI    000055e9 [SR] Verifying 100 components
    2016-12-08 07:02:26, Info                  CSI    000055ea [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:28, Info                  CSI    00005655 [SR] Verify complete
    2016-12-08 07:02:28, Info                  CSI    00005656 [SR] Verifying 100 components
    2016-12-08 07:02:28, Info                  CSI    00005657 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:29, Info                  CSI    000056c1 [SR] Verify complete
    2016-12-08 07:02:29, Info                  CSI    000056c2 [SR] Verifying 100 components
    2016-12-08 07:02:29, Info                  CSI    000056c3 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:30, Info                  CSI    00005729 [SR] Verify complete
    2016-12-08 07:02:30, Info                  CSI    0000572a [SR] Verifying 100 components
    2016-12-08 07:02:30, Info                  CSI    0000572b [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:31, Info                  CSI    00005792 [SR] Verify complete
    2016-12-08 07:02:31, Info                  CSI    00005793 [SR] Verifying 100 components
    2016-12-08 07:02:31, Info                  CSI    00005794 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:32, Info                  CSI    00005802 [SR] Verify complete
    2016-12-08 07:02:32, Info                  CSI    00005803 [SR] Verifying 100 components
    2016-12-08 07:02:32, Info                  CSI    00005804 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:34, Info                  CSI    0000586c [SR] Verify complete
    2016-12-08 07:02:34, Info                  CSI    0000586d [SR] Verifying 100 components
    2016-12-08 07:02:34, Info                  CSI    0000586e [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:35, Info                  CSI    000058d3 [SR] Verify complete
    2016-12-08 07:02:35, Info                  CSI    000058d4 [SR] Verifying 100 components
    2016-12-08 07:02:35, Info                  CSI    000058d5 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:36, Info                  CSI    0000593b [SR] Verify complete
    2016-12-08 07:02:36, Info                  CSI    0000593c [SR] Verifying 100 components
    2016-12-08 07:02:36, Info                  CSI    0000593d [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:38, Info                  CSI    000059a2 [SR] Verify complete
    2016-12-08 07:02:38, Info                  CSI    000059a3 [SR] Verifying 100 components
    2016-12-08 07:02:38, Info                  CSI    000059a4 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:39, Info                  CSI    00005a09 [SR] Verify complete
    2016-12-08 07:02:39, Info                  CSI    00005a0a [SR] Verifying 100 components
    2016-12-08 07:02:39, Info                  CSI    00005a0b [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:40, Info                  CSI    00005a71 [SR] Verify complete
    2016-12-08 07:02:40, Info                  CSI    00005a72 [SR] Verifying 100 components
    2016-12-08 07:02:40, Info                  CSI    00005a73 [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:42, Info                  CSI    00005ad8 [SR] Verify complete
    2016-12-08 07:02:42, Info                  CSI    00005ad9 [SR] Verifying 97 components
    2016-12-08 07:02:42, Info                  CSI    00005ada [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:43, Info                  CSI    00005b3c [SR] Verify complete
    2016-12-08 07:02:43, Info                  CSI    00005b3d [SR] Repairing 0 components
    2016-12-08 07:02:43, Info                  CSI    00005b3e [SR] Beginning Verify and Repair transaction
    2016-12-08 07:02:43, Info                  CSI    00005b3f [SR] Repair complete
     
     
     
    Vino's Event Viewer v01c run on Windows 7 in English
    Report run at 08/12/2016 7:07:33 AM
     
    Note: All dates below are in the format dd/mm/yyyy
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Critical Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 26/11/2016 12:16:38 AM
    Type: Critical Category: 63
    Event: 41 Source: Microsoft-Windows-Kernel-Power
    The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
     
    Log: 'System' Date/Time: 18/11/2016 5:52:51 AM
    Type: Critical Category: 63
    Event: 41 Source: Microsoft-Windows-Kernel-Power
    The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
     
    Log: 'System' Date/Time: 02/11/2016 7:53:26 AM
    Type: Critical Category: 63
    Event: 41 Source: Microsoft-Windows-Kernel-Power
    The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
     
    Log: 'System' Date/Time: 27/10/2016 9:34:17 PM
    Type: Critical Category: 63
    Event: 41 Source: Microsoft-Windows-Kernel-Power
    The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 08/12/2016 2:56:19 PM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Log: 'System' Date/Time: 08/12/2016 2:56:05 PM
    Type: Error Category: 2
    Event: 35 Source: Microsoft-Windows-Kernel-Processor-Power
    Performance power management features on processor 7 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
    Log: 'System' Date/Time: 08/12/2016 2:56:05 PM
    Type: Error Category: 2
    Event: 35 Source: Microsoft-Windows-Kernel-Processor-Power
    Performance power management features on processor 5 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
    Log: 'System' Date/Time: 08/12/2016 2:56:05 PM
    Type: Error Category: 2
    Event: 35 Source: Microsoft-Windows-Kernel-Processor-Power
    Performance power management features on processor 3 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
    Log: 'System' Date/Time: 08/12/2016 2:56:05 PM
    Type: Error Category: 2
    Event: 35 Source: Microsoft-Windows-Kernel-Processor-Power
    Performance power management features on processor 1 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
    Log: 'System' Date/Time: 08/12/2016 2:56:05 PM
    Type: Error Category: 2
    Event: 35 Source: Microsoft-Windows-Kernel-Processor-Power
    Performance power management features on processor 6 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
    Log: 'System' Date/Time: 08/12/2016 2:56:05 PM
    Type: Error Category: 2
    Event: 35 Source: Microsoft-Windows-Kernel-Processor-Power
    Performance power management features on processor 4 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
    Log: 'System' Date/Time: 08/12/2016 2:56:05 PM
    Type: Error Category: 2
    Event: 35 Source: Microsoft-Windows-Kernel-Processor-Power
    Performance power management features on processor 2 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
    Log: 'System' Date/Time: 08/12/2016 2:56:05 PM
    Type: Error Category: 2
    Event: 35 Source: Microsoft-Windows-Kernel-Processor-Power
    Performance power management features on processor 0 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.
     
    Log: 'System' Date/Time: 08/12/2016 2:55:42 PM
    Type: Error Category: 0
    Event: 10010 Source: Microsoft-Windows-DistributedCOM
    The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.
     
    Log: 'System' Date/Time: 08/12/2016 2:55:42 PM
    Type: Error Category: 0
    Event: 10010 Source: Microsoft-Windows-DistributedCOM
    The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.
     
    Log: 'System' Date/Time: 08/12/2016 2:55:42 PM
    Type: Error Category: 0
    Event: 10010 Source: Microsoft-Windows-DistributedCOM
    The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.
     
    Log: 'System' Date/Time: 08/12/2016 2:55:42 PM
    Type: Error Category: 0
    Event: 10010 Source: Microsoft-Windows-DistributedCOM
    The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.
     
    Log: 'System' Date/Time: 08/12/2016 2:55:13 PM
    Type: Error Category: 0
    Event: 7034 Source: Service Control Manager
    The CSR OBEX Service service terminated unexpectedly.  It has done this 1 time(s).
     
    Log: 'System' Date/Time: 08/12/2016 2:53:46 PM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Log: 'System' Date/Time: 08/12/2016 2:53:46 PM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Log: 'System' Date/Time: 08/12/2016 2:53:46 PM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Log: 'System' Date/Time: 08/12/2016 2:53:46 PM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
     
    Log: 'System' Date/Time: 08/12/2016 4:08:05 AM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user Mastachie\Arc SID (S-1-5-21-1267418245-3742697258-4214093646-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
     
    Log: 'System' Date/Time: 08/12/2016 4:08:05 AM
    Type: Error Category: 0
    Event: 10016 Source: Microsoft-Windows-DistributedCOM
    The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user Mastachie\Arc SID (S-1-5-21-1267418245-3742697258-4214093646-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - Warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Log: 'System' Date/Time: 07/12/2016 8:02:51 AM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name pwd.doh.gov.ph timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 06/12/2016 4:00:31 PM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name us.patch.battle.net timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 06/12/2016 4:00:29 PM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name wpad timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 06/12/2016 4:00:26 PM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name client-download.steampowered.com timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 06/12/2016 4:00:14 PM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name blzddist2-a.akamaihd.net timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 06/12/2016 4:00:05 PM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name blzddist1-a.akamaihd.net timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 29/11/2016 4:00:30 PM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name _ldap._tcp.dc._msdcs.WORKGROUP timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 29/11/2016 4:00:28 PM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name _ldap._tcp.dc._msdcs.WORKGROUP timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 29/11/2016 4:00:25 PM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name wpad timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 29/11/2016 4:00:24 PM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name wpad timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 24/11/2016 6:28:53 AM
    Type: Warning Category: 0
    Event: 4101 Source: Display
    Display driver nvlddmkm stopped responding and has successfully recovered.
     
    Log: 'System' Date/Time: 24/11/2016 6:28:53 AM
    Type: Warning Category: 0
    Event: 4101 Source: Display
    Display driver nvlddmkm stopped responding and has successfully recovered.
     
    Log: 'System' Date/Time: 24/11/2016 6:28:51 AM
    Type: Warning Category: 0
    Event: 4101 Source: Display
    Display driver nvlddmkm stopped responding and has successfully recovered.
     
    Log: 'System' Date/Time: 24/11/2016 6:28:51 AM
    Type: Warning Category: 0
    Event: 4101 Source: Display
    Display driver nvlddmkm stopped responding and has successfully recovered.
     
    Log: 'System' Date/Time: 24/11/2016 6:28:51 AM
    Type: Warning Category: 0
    Event: 4101 Source: Display
    Display driver nvlddmkm stopped responding and has successfully recovered.
     
    Log: 'System' Date/Time: 24/11/2016 6:28:51 AM
    Type: Warning Category: 0
    Event: 4101 Source: Display
    Display driver nvlddmkm stopped responding and has successfully recovered.
     
    Log: 'System' Date/Time: 24/11/2016 6:28:51 AM
    Type: Warning Category: 0
    Event: 4101 Source: Display
    Display driver nvlddmkm stopped responding and has successfully recovered.
     
    Log: 'System' Date/Time: 22/11/2016 4:00:43 PM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name _ldap._tcp.dc._msdcs.WORKGROUP timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 22/11/2016 4:00:32 PM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name _ldap._tcp.dc._msdcs.WORKGROUP timed out after none of the configured DNS servers responded.
     
    Log: 'System' Date/Time: 22/11/2016 4:57:07 AM
    Type: Warning Category: 0
    Event: 4101 Source: Display
    Display driver nvlddmkm stopped responding and has successfully recovered.




    I am amazed with the last scan, correct me if i am wrong, were those errors caused by bluescreens? 

    I remember when i first setup my computer i had the power settings to power saver and it would cause my desktop to reboot,


    In terms of the bios update i will look into that, I have ran the MSI update utility to check for further driver updates on my pc and it claims i have the latest bios (ran under msi liveupdate 6) 

     

    • 0

    #7
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,598 posts
    • MVP

    Delays are no problems.  I don't keep track.

     

    The shutdown errors are not blue screens.  Usually you get these errors when you lose AC power, or the power supply stops but these could be related to the firmware problem.  

     

    Something wrong in the BIOS indicated by these errors:

     

    Log: 'System' Date/Time: 08/12/2016 2:56:05 PM
    Type: Error Category: 2
    Event: 35 Source: Microsoft-Windows-Kernel-Processor-Power
    Performance power management features on processor 7 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

     

     

    Probably why power saver didn't work right.  Might just be a BIOS setting wrong.  Perhaps if you set  the BIOS to the default values?  Also check for a chipset upgrade as that software interfaces between the PC & Windows.
     
     
     
    Log: 'System' Date/Time: 29/11/2016 4:00:24 PM
    Type: Warning Category: 1014
    Event: 1014 Source: Microsoft-Windows-DNS-Client
    Name resolution for the name wpad timed out after none of the configured DNS servers responded.

     

     

     
    This one is easy to fix:
     
    In IE,  Gear icon (Tools), Internet Options, Connections, LAN Settings, then uncheck all boxes and OK. Close IE and restart IE.
     
    Log: 'System' Date/Time: 22/11/2016 4:57:07 AM
    Type: Warning Category: 0
    Event: 4101 Source: Display
    Display driver nvlddmkm stopped responding and has successfully recovered.

     

     

    Might still be the BIOS problem or an old nvidia driver.  

     
     
    Get the free version of Speccy:
     
    http://www.filehippo...download_speccy (Look in the upper right for the Download
    Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
    Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
    File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
    (It will be near the top about 10 lines down.) Save the file.  Attach the file to your next post.  (More Reply Options, Choose File, Open, Attach This File)
     
    Uninstall Speccy when done.

    • 0

    #8
    archiep

    archiep

      Member

    • Topic Starter
    • Member
    • PipPip
    • 53 posts

    Okay for the NVIDIA Drivers, GeForce Experience has me updated to the latest driver, 

    And in terms of the Nvlddmkm Error i rember doing this fix a while back, i changed the power settings and pci link state to off as stated on the instructions. 
     

    For the IE fix , i was not able to locate IE, the browser shows up as EDGE, and i dont even use that for i only Use Chrome as by web browser. 

    Attached with this reply is the speccy txt file and i deleted the serial as requested.

    Attached Files


    Edited by archiep, 08 December 2016 - 07:03 PM.

    • 0

    #9
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,598 posts
    • MVP

    If you search for

     

    control panel

     

    and hit Enter it should open to the Control Panel.

     

    You should have one called Internet Options.

     

    Click on it and then on Connections, Lan Settings, Uncheck everything OK.

     

    It looks like you have a fairly new BIOS (2/16) but you can check with AMI and see if they have something newer:

     

    https://ami.com/supp...rmware-support/

     

    Then click on the wrench in a red box icon above where it says: Firmware Update Tool

     

    You have an Intel chipset so you can ask intel if you have the latest:

     

    https://downloadcenter.intel.com/


    • 0

    #10
    archiep

    archiep

      Member

    • Topic Starter
    • Member
    • PipPip
    • 53 posts

    Okay i installed the intel software and it did not find any software that needs to be updated. 

    I downloaded the ami firmware id tool and it did not work, i did this because I dont know which update tool to download 

    Firmware Update Tool for Aptio V

    Firmware Update Tool for Aptio 4

    Firmware Update Tool for AMIBIOS 8

     

    It was between those 3 so i do not wanna mess with the bios like i said earlier,

     

    As for the internet options they are already unchecked 


    Edited by archiep, 09 December 2016 - 10:09 AM.

    • 0

    Advertisements


    #11
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,598 posts
    • MVP

    What is your PC's make & model number? 


    • 0

    #12
    archiep

    archiep

      Member

    • Topic Starter
    • Member
    • PipPip
    • 53 posts

    The pc is built from scratch, 
    Im just gonna cut and past speccy's scan 

     

    Summary
    Operating System
    Windows 10 Pro 64-bit
    CPU
    Intel Core i7 4790K @ 4.00GHz 44 °C
    Haswell 22nm Technology
    RAM
    16.0GB Dual-Channel DDR3 @ 800MHz (9-9-9-24)
    Motherboard
    MSI Z97 GAMING 5 (MS-7917) (SOCKET 0) 34 °C
    Graphics
    VG248 (1920x1080@144Hz)
    ASUS VN248 (1920x1080@60Hz)
    4095MB NVIDIA GeForce GTX 970 (EVGA)

    • 0

    #13
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,598 posts
    • MVP

    I  looked on the MSI support website.  It doesn't look like your CPU is supposrted.

     

    https://us.msi.com/M...tml#support-cpu

     

    It has the i7 Haswell but the fastest I see is 3.5 and you have a 4 per Speccy.

     

    Do you know your part number?


    • 0

    #14
    archiep

    archiep

      Member

    • Topic Starter
    • Member
    • PipPip
    • 53 posts

    well the software that the motherboard uses for updates is the MSI Live update 6 

    Under that software it lists my motherboard as Z97 Gaming 5 ( ms-7917) 

    and the bios version atm is 1.D0 

     

     

     

     After looking through the site thats the latest version for the board as it states. 

     

     

    https://us.msi.com/M....html#down-bios


    Edited by archiep, 12 December 2016 - 02:04 AM.

    • 0

    #15
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,598 posts
    • MVP

    Yes you have the latest version but it doesn't look from the compatibility list that it knows about your exact version of the CPU.  Yours appears faster than the fastest one on the list so it may not be supported yet and that may be why you are having the errors pointing to firmware.  That's why I asked what part number your CPU was.


    • 0






    Similar Topics


    Also tagged with one or more of these keywords: clickbait, trojan, help

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP