Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

I need help my system is bogged down.


  • Please log in to reply

#1
mythica

mythica

    Member

  • Member
  • PipPip
  • 11 posts

My daughter downloaded a music program and I am pretty sure it came with something. because right after that I started having internet explorer windows constantly being opened in the background. with names like what are the stars doing now. Like you find on Facebook. But they were not opening where I could see them. It was almost like I was the server for them to be opened. I only happened upon it because as I gamer I notice when my computer is bogged down. I did the normal malware sweep and the virus scan. but it still seems that I am bogged down. programs take a few seconds to respond my start bar will take several seconds to respond. I need to have a quick response time. What else is there that I could do besides debugging my system and starting over.

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by Stefinee (02-12-2017 12:24:58)
Running from C:\Users\mythi\Desktop
Windows 10 Home Version 1709 16299.64 (X64) (2017-11-06 10:14:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1111491060-269441850-655590923-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1111491060-269441850-655590923-503 - Limited - Disabled)
Guest (S-1-5-21-1111491060-269441850-655590923-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1111491060-269441850-655590923-1004 - Limited - Enabled)
Stefinee (S-1-5-21-1111491060-269441850-655590923-1001 - Administrator - Enabled) => C:\Users\mythi
WDAGUtilityAccount (S-1-5-21-1111491060-269441850-655590923-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
AEGIS II - Boost Launcher (HKLM-x32\...\{4829AFF2-F50E-44F6-8BC5-C985F2C24CE1}) (Version: 3.00.06 - ASUSTeK Computer Inc.)
AEGIS II - GameALive (HKLM-x32\...\{9A689EB4-C4FA-49C1-80A5-EC49A7F43046}) (Version: 3.00.21 - ASUSTeK Computer Inc.)
AEGIS II - Lighting (HKLM-x32\...\{E7691292-4F73-4EC6-A3F8-126BFDC987F5}) (Version: 3.00.19 - ASUSTeK Computer Inc.)
AEGIS II - System Usage (HKLM-x32\...\{E8D6582C-D43C-452A-9F75-1D8C6BC0AA12}) (Version: 3.00.06 - ASUSTeK Computer Inc.)
AEGIS II - Threshold Setting (HKLM-x32\...\{6C5979A6-97A8-4D0C-8A3F-4F49D2A13055}) (Version: 3.00.07 - ASUSTeK Computer Inc.)
AEGIS II (HKLM-x32\...\{A9FDB6CC-F2D6-4903-87BC-1537931F11B0}) (Version: 2.01.04 - ASUSTeK Computer Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
ASUS App Box (HKLM-x32\...\{F0CE6060-50B1-401E-8357-B6E24DB98D21}) (Version: 1.01.09 - ASUSTeK Computer Inc.)
ASUS Command - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.17 - ASUSTeK Computer Inc.)
ASUS Command - Ai Charger II (HKLM-x32\...\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}) (Version: 2.01.13 - ASUSTeK Computer Inc.)
ASUS Command - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.17 - ASUSTeK Computer Inc.)
ASUS Command - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.18 - ASUSTeK Computer Inc.)
ASUS Command - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.09 - ASUSTeK Computer Inc.)
ASUS Command - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.05.05 - ASUSTeK Computer Inc.)
ASUS Command (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.11.01 - ASUSTeK Computer Inc.)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.95 - ICEpower a/s)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.1 - ASUSTek Computer Inc.)
Discord (HKU\S-1-5-21-1111491060-269441850-655590923-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{F2517A28-8CB8-4206-B86C-5EDD4EA26682}) (Version: 12.7.1.14 - Apple Inc.)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1111491060-269441850-655590923-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 57.0 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0 (x64 en-US)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.0.6525 - Mozilla)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.63 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.63 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA Update 25.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.0.0.0 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.3.879.110515 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7586 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0282 - REALTEK Semiconductor Corp.)
RoboForm 8-4-3-4 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 8-4-3-4 - Siber Systems)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.5.0.70 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tukui Client (HKLM-x32\...\{BAD6EBBD-A6A9-41C9-898A-8C868A552E4C}) (Version: 2.4.6 - Tukui)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17376 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-26] (AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-26] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-26] (AVAST Software)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} =>  -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-26] (AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Windows\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-10-21] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-26] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E22AE70-0B76-46E0-9D41-476D6EE5DFA5} - System32\Tasks\ASUS\AEGIS II System Level Up Helper => C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AsSysLevelUpSrc.exe [2015-02-12] (ASUSTeK Computer Inc.)
Task: {0F31FF08-92B3-4C5B-AB76-F6E10557A5E2} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {3C129648-9067-47AF-A59E-197C3986D16E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {3CB4DC9E-C29F-4875-9895-8177665B1FEB} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2016-07-15] ()
Task: {3EF621F7-329C-4476-B6D9-8E6BA9C2B82C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {3FAB1B7D-BFE6-4C7F-A801-D1F62A4577E2} - System32\Tasks\ASUS\AEGIS_II Lighting AudioDetect Execute => C:\Program Files (x86)\ASUS\AEGIS II\Lighting\AudioDetect.exe [2015-08-11] ()
Task: {4F2FE484-A48E-414D-829E-EA07F94A1882} - System32\Tasks\ASUS\ASUS OCULUS WIZARD HELPER => C:\PROGRAM FILES (X86)\ASUS\ASUS OCULUS WIZARD\ASOCULUSCHECK.EXE [2016-03-01] (ASUSTeK COMPUTER INC.)
Task: {52D461E4-2476-45AB-B862-6E2B9DA7F9E4} - System32\Tasks\ASUS\AEGIS II Alert Helper => C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AlertService.exe [2015-02-12] (ASUSTeK Computer Inc.)
Task: {59ADE45C-EC3F-4424-957C-E60E978602C5} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-01-25] (ASUSTek Computer Inc.)
Task: {64162CF2-1AE7-40AF-BADE-6774A22FA4DF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2017-11-29] (AVAST Software)
Task: {64245644-58D0-4C88-A5C7-CE07A498BC73} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {72DE78E2-236B-420D-B8A0-137C9B04F712} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [2016-07-15] ()
Task: {800CCE1E-2A01-42D7-9EED-674A8C5FEC78} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {907BC804-746A-419F-939E-D13DC3AAF609} - System32\Tasks\ASUS\AEGIS II Toast Helper => C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AsToastHelper.exe [2015-02-12] (ASUSTeK Computer Inc.)
Task: {90F5A945-66FA-4675-95FB-57774474A4B0} - System32\Tasks\ASUS\AEGIS_II Lighting CD_Rom Execute => C:\Program Files (x86)\ASUS\AEGIS II\Lighting\CheckCD_RomLighting.exe [2015-09-24] ()
Task: {92FD871A-37A6-4271-A97D-AF59487E5A1B} - System32\Tasks\ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground => C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe [2015-11-30] ()
Task: {A4CDA3F0-0C9A-4C2E-92A9-78619FDE993D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {AD219124-9CC6-4FC8-8670-1E6E973302ED} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2015-02-02] ()
Task: {B0DCB82C-05D4-4464-AE1C-3ADB14A17063} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {B191E982-7A14-4D6E-B15A-1FCABCCF9201} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2017-10-25] (Siber Systems)
Task: {B1ADF9A7-F90F-4E33-8ECC-9EB18AA09280} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {B20A1380-D109-408F-95E8-34B39E2B6C14} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-26] (AVAST Software)
Task: {B9C173A7-27FE-46D2-BD25-47B17EF83F63} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BAFA7367-F16F-4723-AE30-4ED02EFAF167} - System32\Tasks\ASUS\AEGIS II Matrix => C:\Program Files (x86)\ASUS\AEGIS II\LaunchAtStartupHelper.exe [2015-03-13] ()
Task: {C4E6B127-8A29-40F6-BC98-BBB27F270E55} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxps://www.roboform.com/test-pass.html?aaa=KICMHMJMMMKJHMMMKMMMCNNJLMMJLJCNLMOMIMNMCNNJJJMMHMCNPMLJJJGMIMKMOMOJOJJJNJOMJNJICMHMCNLMCNMMFMOMOMCNJMIMLMCNOMKMPMJMMMFMPMCNPMCNOMKMPMJMMMCNNMJNPICMOMFMEKMICNJJCKFMNMMMPMJNHICMEKMICNJJCKJNBJCMCJGILIHJGJJNKJCMJNNICMJNDJCMKJBJJNM (the data entry has 48 more characters).
Task: {C70A8A83-5E38-4D45-885C-6A4C6D2BC86D} - System32\Tasks\ASUS\AEGIS II - Boost Launcher => C:\Program Files (x86)\ASUS\AEGIS II\Boost Launcher\BLMonitor.exe [2015-04-20] ()
Task: {D07546F9-1C02-45B0-A31E-5599074181DE} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2014-03-19] (ASUSTeK Computer Inc.)
Task: {D1592A33-EC25-4601-8AD2-6266A7E2EA26} - System32\Tasks\ASUS\ASUS AiCharger_II TrayIcon => C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe [2015-07-07] (ASUSTeK)
Task: {D15DD130-5A53-4C72-9654-FD8ECE30FC70} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {DDE6980B-25DA-43EE-BDE7-61F853222549} - System32\Tasks\ASUS\AEGIS II SysInfo Helper => C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_SysMode.exe [2015-04-22] (ASUSTeK Computer Inc.)
Task: {FF24A9FA-D4B7-4E0A-8C8A-9D0CD5FED928} - System32\Tasks\ASUS\ASUS AiCharger_Desktop Execute => C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe [2013-04-02] (ASUSTek Computer Inc.) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 06:41 - 2017-09-29 06:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-01-13 12:56 - 2017-01-13 12:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-19 10:11 - 2015-05-19 10:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
2017-04-20 09:52 - 2017-05-03 13:21 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-17 22:58 - 2015-07-20 20:19 - 000121560 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
2017-07-04 17:22 - 2005-04-21 21:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2017-11-26 13:51 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-11-26 13:51 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-05-13 00:17 - 2016-10-21 23:04 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-17 23:01 - 2013-08-28 08:24 - 000920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2016-10-17 23:02 - 2014-08-27 15:48 - 000907776 _____ () C:\Windows\PCCleanupContextMenu\x64\ContextMenuHandler.dll
2016-06-02 02:26 - 2015-04-20 18:06 - 000860160 _____ () C:\Windows\BoostLauncherMenu\x64\ContextMenuHandler.dll
2016-06-02 02:27 - 2015-09-24 17:12 - 000021456 _____ () C:\Program Files (x86)\ASUS\AEGIS II\Lighting\CheckCD_RomLighting.exe
2016-10-17 23:02 - 2015-11-30 16:22 - 000924672 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
2016-06-02 02:26 - 2015-04-20 17:55 - 001011712 _____ () C:\Program Files (x86)\ASUS\AEGIS II\Boost Launcher\BLMonitor.exe
2017-09-29 06:42 - 2017-09-29 07:43 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 06:42 - 2017-09-29 07:43 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-30 02:32 - 2017-11-30 02:32 - 000087040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-30 02:32 - 2017-11-30 02:32 - 000202752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-30 02:32 - 2017-11-30 02:32 - 025600000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-30 02:32 - 2017-11-30 02:32 - 002546176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-30 02:32 - 2017-11-30 02:32 - 000672256 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2016-10-17 23:01 - 2017-12-02 12:07 - 000018216 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2016-10-17 23:01 - 2010-06-28 19:58 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-08-07 02:09 - 2015-08-07 02:09 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-04-20 09:52 - 2017-05-03 13:21 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-06-02 02:26 - 2014-09-29 17:57 - 000011264 _____ () C:\Program Files (x86)\ASUS\AEGIS II\SysTranslations\AsMultiLang.dll
2016-06-02 02:26 - 2014-10-16 15:05 - 000053248 _____ () C:\Program Files (x86)\ASUS\AEGIS II\cpuutil.dll
2017-11-26 13:51 - 2017-11-26 13:51 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-11-26 13:51 - 2017-11-26 13:51 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-11-26 13:51 - 2017-11-26 13:51 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-11-26 13:51 - 2017-11-26 13:51 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-11-26 13:51 - 2017-11-26 13:51 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-11-26 13:51 - 2017-11-26 13:51 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-08-08 21:17 - 2017-08-08 14:13 - 001893880 _____ () C:\Users\mythi\AppData\Local\Discord\app-0.0.298\ffmpeg.dll
2017-08-08 21:17 - 2017-08-08 21:17 - 001577976 _____ () \\?\C:\Users\mythi\AppData\Roaming\discord\0.0.298\modules\discord_toaster\discord_toaster.node
2017-04-20 09:52 - 2017-03-27 20:29 - 065708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-08-08 21:17 - 2017-08-08 14:13 - 001938424 _____ () C:\Users\mythi\AppData\Local\Discord\app-0.0.298\libglesv2.dll
2017-08-08 21:17 - 2017-08-08 14:13 - 000095736 _____ () C:\Users\mythi\AppData\Local\Discord\app-0.0.298\libegl.dll
2017-08-09 21:52 - 2017-09-09 12:25 - 000688416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-08-09 21:52 - 2017-10-30 20:22 - 002546976 _____ () C:\Program Files (x86)\Steam\video.dll
2017-08-09 21:52 - 2016-08-31 18:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-08-09 21:52 - 2016-01-27 00:49 - 000491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2017-08-09 21:52 - 2016-01-27 00:49 - 000332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2017-08-09 21:52 - 2016-01-27 00:49 - 000442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2017-08-09 21:52 - 2016-01-27 00:49 - 002549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2017-08-09 21:52 - 2016-08-31 18:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-08-09 21:52 - 2016-01-27 00:49 - 000485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2017-08-09 21:52 - 2016-08-31 18:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-08-09 21:52 - 2017-10-30 20:22 - 000901408 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-08-09 21:52 - 2016-07-04 15:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-07-04 17:22 - 2009-02-27 15:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-08-08 21:17 - 2017-10-06 07:44 - 009722360 _____ () \\?\C:\Users\mythi\AppData\Roaming\discord\0.0.298\modules\discord_voice\discord_voice.node
2017-08-08 21:17 - 2017-11-22 16:58 - 001494520 _____ () \\?\C:\Users\mythi\AppData\Roaming\discord\0.0.298\modules\discord_utils\discord_utils.node
2017-12-02 12:10 - 2017-12-02 12:10 - 000148992 _____ () \\?\C:\Users\mythi\AppData\Local\Temp\A87.tmp.node
2017-08-08 21:17 - 2017-08-08 21:17 - 002658296 _____ () \\?\C:\Users\mythi\AppData\Roaming\discord\0.0.298\modules\discord_rpc\discord_rpc.node
2017-08-08 21:18 - 2017-11-27 15:24 - 002739192 _____ () \\?\C:\Users\mythi\AppData\Roaming\discord\0.0.298\modules\discord_contact_import\discord_contact_import.node
2017-11-21 21:14 - 2017-11-21 21:14 - 001505272 _____ () \\?\C:\Users\mythi\AppData\Roaming\discord\0.0.298\modules\discord_game_utils\discord_game_utils.node
2017-08-09 21:55 - 2017-08-16 15:28 - 073130272 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-08-09 21:55 - 2017-09-06 19:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-08-09 21:52 - 2015-09-24 16:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\mythi\Desktop\Image (3).jpg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\mythi\Desktop\Image (3).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 00:24 - 2017-07-05 08:36 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1111491060-269441850-655590923-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mythi\Pictures\2016-04-25 Iphone\Iphone 011.JPG
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-1111491060-269441850-655590923-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1111491060-269441850-655590923-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1111491060-269441850-655590923-1001\...\StartupApproved\Run: => "Chromium"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{87CE54AB-6FFC-4522-BCC4-90AF7EC67F8D}] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1 test\h1z1.exe
FirewallRules: [{248CB65E-3B10-47FB-AB3B-A2709EE58406}] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1 test\h1z1.exe
FirewallRules: [UDP Query User{8F469CCE-274D-4043-9D96-16F6846108A0}C:\program files (x86)\steam\steamapps\common\h1z1 test\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 test\h1z1.exe
FirewallRules: [TCP Query User{BAA99407-34C0-4584-BC50-7E8EF25E22AD}C:\program files (x86)\steam\steamapps\common\h1z1 test\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 test\h1z1.exe
FirewallRules: [{68DC161C-E5D8-4003-8A49-78C94BE8BDAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{8E7ACC7E-CE68-45F5-8538-8A0E9661AD0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{107FF5C7-6275-49E8-8E3A-D5AF6D7C664F}] => (Allow) LPort=54925
FirewallRules: [UDP Query User{04F8C1CC-AF77-40CB-BAC3-1595092EE3FC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{111030C0-7915-4ECB-B9CF-CC81FA8DD4DF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6F4E0B50-2063-4DE8-A5CA-43488E273CC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{91600ADC-768B-4F1E-810F-352470F5D545}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8BB29FAF-1D9F-41D9-BFCC-3A21208635A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC35B1E4-3592-4C2E-A399-50CA8BA0BDD1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9F92FFA9-2EE1-40A1-95F5-53D64C014843}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4BD71770-05D0-4A19-92B8-717BA97A6765}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EA05B296-95B0-4D30-8D1B-D846C9DE3349}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{9F2ACDCE-41FE-407D-BF14-F2FA7D1232A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{B8B1D80B-2343-4462-94B3-D91A4D83DC1E}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{22242041-1211-41A8-A286-2A1E1BDF2200}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{29E5790F-90ED-4087-B1A9-2E4F1FCD20F2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4C795FED-67A1-4D81-B932-91BA0BD20180}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1C534F1B-F2AB-408B-9841-697BF2D2C5E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A26A381A-53D3-4E5A-8652-B2E101CFCF64}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{51CB24ED-F0A1-4237-B002-247ED58890BC}] => (Allow) C:\Program Files (x86)\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{D860F677-DAB8-44A0-B55D-C8CEAD5C76E7}] => (Allow) C:\Program Files (x86)\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{6419F083-DD22-4E56-83EA-680B4F4B6DD1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9434A9B9-B199-495B-94A1-59BF705BBEDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E4F37860-BE50-42CC-9823-85831BB93EC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F1DA7491-5072-4CAC-866C-3F7FCA3B43B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ABEB3599-DDCA-44B2-A499-E8A8800016D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{61C4D6F1-F75A-4FF5-889C-D3C512AB2925}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{82D167F6-932C-492F-979E-C35E0E216583}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{566831D4-13A4-4299-BCA0-2265811DEF80}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{981A1E3B-895A-4DF1-8F80-E9BD2D99E0A0}C:\users\mythi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mythi\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{ABCA0221-A857-438B-B2A6-A3CCE38F1886}C:\users\mythi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mythi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D711FC12-5A61-4862-88B1-AE731B7BC183}] => (Block) C:\users\mythi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{AE4F70DE-D042-437D-BBCE-16A1491D00AC}] => (Block) C:\users\mythi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{59CA13F2-6650-4382-9BA9-7B701BE326FE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B9DBCCC2-B31A-41DB-B3D3-8016113EA4B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{A48F97B7-CAEA-48BB-8212-E5BA1586C24B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{F7756149-AADF-434E-838C-716BC5CCB6C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{52BB917E-60EE-46F5-B770-D812E371B5E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe

==================== Restore Points =========================

26-11-2017 18:19:39 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/02/2017 12:23:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvtray.exe, version: 7.17.13.7563, time stamp: 0x580af596
Faulting module name: KERNELBASE.dll, version: 10.0.16299.15, time stamp: 0x4736733c
Exception code: 0xc06d007f
Fault offset: 0x0000000000013fb8
Faulting process id: 0x342c
Faulting application start time: 0x01d36ba303ef52fc
Faulting application path: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 835abe62-8b40-4b8c-b583-72fd4ec48a65
Faulting package full name:
Faulting package-relative application ID:

Error: (12/02/2017 12:22:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvtray.exe, version: 7.17.13.7563, time stamp: 0x580af596
Faulting module name: KERNELBASE.dll, version: 10.0.16299.15, time stamp: 0x4736733c
Exception code: 0xc06d007f
Fault offset: 0x0000000000013fb8
Faulting process id: 0x2668
Faulting application start time: 0x01d36ba2de82c352
Faulting application path: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: ba5cbc18-acc4-4f1d-85ca-ba904ef20f00
Faulting package full name:
Faulting package-relative application ID:

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 3.F.1.A.E.3.8.D.F.3.A.E.0.8.C.6.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Stefinee-2.local.

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.197:5353   16 3.F.1.A.E.3.8.D.F.3.A.E.0.8.C.6.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Stefinee.local.

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 3.5.D.D.A.F.2.9.8.6.8.E.6.F.1.A.B.5.0.3.1.0.6.0.1.8.6.0.1.0.6.2.ip6.arpa. PTR Stefinee-2.local.

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.197:5353   16 3.5.D.D.A.F.2.9.8.6.8.E.6.F.1.A.B.5.0.3.1.0.6.0.1.8.6.0.1.0.6.2.ip6.arpa. PTR Stefinee.local.

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 3.F.1.A.E.3.8.D.F.3.A.E.0.8.C.6.B.5.0.3.1.0.6.0.1.8.6.0.1.0.6.2.ip6.arpa. PTR Stefinee-2.local.

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.197:5353   16 3.F.1.A.E.3.8.D.F.3.A.E.0.8.C.6.B.5.0.3.1.0.6.0.1.8.6.0.1.0.6.2.ip6.arpa. PTR Stefinee.local.

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 197.0.0.10.in-addr.arpa. PTR Stefinee-2.local.

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.197:5353   16 197.0.0.10.in-addr.arpa. PTR Stefinee.local.


System errors:
=============
Error: (12/02/2017 12:04:40 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5

Error: (12/02/2017 11:53:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/02/2017 11:53:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/02/2017 11:53:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/02/2017 11:53:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/02/2017 11:53:10 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5

Error: (12/02/2017 11:51:32 AM) (Source: DCOM) (EventID: 10010) (User: STEFINEE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (12/02/2017 11:51:32 AM) (Source: DCOM) (EventID: 10010) (User: STEFINEE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (12/02/2017 11:51:32 AM) (Source: DCOM) (EventID: 10010) (User: STEFINEE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (12/02/2017 11:51:32 AM) (Source: DCOM) (EventID: 10010) (User: STEFINEE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
  Date: 2017-12-02 12:23:59.731
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:23:59.729
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:23:47.526
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:23:47.524
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:17:10.620
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:17:10.613
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:17:09.403
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:17:09.401
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:12:08.154
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:12:08.153
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 46%
Total physical RAM: 8121.65 MB
Available physical RAM: 4370.42 MB
Total Virtual: 17337.65 MB
Available Virtual: 12543.89 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.91 GB) (Free:715.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 63D2EEB8)

Partition: GPT.

==================== End of Addition.txt ============================

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-11-2017
Ran by Stefinee (02-12-2017 12:24:58)
Running from C:\Users\mythi\Desktop
Windows 10 Home Version 1709 16299.64 (X64) (2017-11-06 10:14:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1111491060-269441850-655590923-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1111491060-269441850-655590923-503 - Limited - Disabled)
Guest (S-1-5-21-1111491060-269441850-655590923-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1111491060-269441850-655590923-1004 - Limited - Enabled)
Stefinee (S-1-5-21-1111491060-269441850-655590923-1001 - Administrator - Enabled) => C:\Users\mythi
WDAGUtilityAccount (S-1-5-21-1111491060-269441850-655590923-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
AEGIS II - Boost Launcher (HKLM-x32\...\{4829AFF2-F50E-44F6-8BC5-C985F2C24CE1}) (Version: 3.00.06 - ASUSTeK Computer Inc.)
AEGIS II - GameALive (HKLM-x32\...\{9A689EB4-C4FA-49C1-80A5-EC49A7F43046}) (Version: 3.00.21 - ASUSTeK Computer Inc.)
AEGIS II - Lighting (HKLM-x32\...\{E7691292-4F73-4EC6-A3F8-126BFDC987F5}) (Version: 3.00.19 - ASUSTeK Computer Inc.)
AEGIS II - System Usage (HKLM-x32\...\{E8D6582C-D43C-452A-9F75-1D8C6BC0AA12}) (Version: 3.00.06 - ASUSTeK Computer Inc.)
AEGIS II - Threshold Setting (HKLM-x32\...\{6C5979A6-97A8-4D0C-8A3F-4F49D2A13055}) (Version: 3.00.07 - ASUSTeK Computer Inc.)
AEGIS II (HKLM-x32\...\{A9FDB6CC-F2D6-4903-87BC-1537931F11B0}) (Version: 2.01.04 - ASUSTeK Computer Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
ASUS App Box (HKLM-x32\...\{F0CE6060-50B1-401E-8357-B6E24DB98D21}) (Version: 1.01.09 - ASUSTeK Computer Inc.)
ASUS Command - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.17 - ASUSTeK Computer Inc.)
ASUS Command - Ai Charger II (HKLM-x32\...\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}) (Version: 2.01.13 - ASUSTeK Computer Inc.)
ASUS Command - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.17 - ASUSTeK Computer Inc.)
ASUS Command - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.18 - ASUSTeK Computer Inc.)
ASUS Command - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.09 - ASUSTeK Computer Inc.)
ASUS Command - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.05.05 - ASUSTeK Computer Inc.)
ASUS Command (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.11.01 - ASUSTeK Computer Inc.)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.95 - ICEpower a/s)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.1 - ASUSTek Computer Inc.)
Discord (HKU\S-1-5-21-1111491060-269441850-655590923-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{F2517A28-8CB8-4206-B86C-5EDD4EA26682}) (Version: 12.7.1.14 - Apple Inc.)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1111491060-269441850-655590923-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 57.0 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0 (x64 en-US)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.0.6525 - Mozilla)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.63 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 375.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.63 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA Update 25.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.0.0.0 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.3.879.110515 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7586 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0282 - REALTEK Semiconductor Corp.)
RoboForm 8-4-3-4 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 8-4-3-4 - Siber Systems)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.5.0.70 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tukui Client (HKLM-x32\...\{BAD6EBBD-A6A9-41C9-898A-8C868A552E4C}) (Version: 2.4.6 - Tukui)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17376 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-26] (AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-26] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-26] (AVAST Software)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} =>  -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-26] (AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Windows\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-10-21] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-26] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E22AE70-0B76-46E0-9D41-476D6EE5DFA5} - System32\Tasks\ASUS\AEGIS II System Level Up Helper => C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AsSysLevelUpSrc.exe [2015-02-12] (ASUSTeK Computer Inc.)
Task: {0F31FF08-92B3-4C5B-AB76-F6E10557A5E2} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {3C129648-9067-47AF-A59E-197C3986D16E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {3CB4DC9E-C29F-4875-9895-8177665B1FEB} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2016-07-15] ()
Task: {3EF621F7-329C-4476-B6D9-8E6BA9C2B82C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {3FAB1B7D-BFE6-4C7F-A801-D1F62A4577E2} - System32\Tasks\ASUS\AEGIS_II Lighting AudioDetect Execute => C:\Program Files (x86)\ASUS\AEGIS II\Lighting\AudioDetect.exe [2015-08-11] ()
Task: {4F2FE484-A48E-414D-829E-EA07F94A1882} - System32\Tasks\ASUS\ASUS OCULUS WIZARD HELPER => C:\PROGRAM FILES (X86)\ASUS\ASUS OCULUS WIZARD\ASOCULUSCHECK.EXE [2016-03-01] (ASUSTeK COMPUTER INC.)
Task: {52D461E4-2476-45AB-B862-6E2B9DA7F9E4} - System32\Tasks\ASUS\AEGIS II Alert Helper => C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AlertService.exe [2015-02-12] (ASUSTeK Computer Inc.)
Task: {59ADE45C-EC3F-4424-957C-E60E978602C5} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-01-25] (ASUSTek Computer Inc.)
Task: {64162CF2-1AE7-40AF-BADE-6774A22FA4DF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2017-11-29] (AVAST Software)
Task: {64245644-58D0-4C88-A5C7-CE07A498BC73} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {72DE78E2-236B-420D-B8A0-137C9B04F712} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [2016-07-15] ()
Task: {800CCE1E-2A01-42D7-9EED-674A8C5FEC78} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {907BC804-746A-419F-939E-D13DC3AAF609} - System32\Tasks\ASUS\AEGIS II Toast Helper => C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AsToastHelper.exe [2015-02-12] (ASUSTeK Computer Inc.)
Task: {90F5A945-66FA-4675-95FB-57774474A4B0} - System32\Tasks\ASUS\AEGIS_II Lighting CD_Rom Execute => C:\Program Files (x86)\ASUS\AEGIS II\Lighting\CheckCD_RomLighting.exe [2015-09-24] ()
Task: {92FD871A-37A6-4271-A97D-AF59487E5A1B} - System32\Tasks\ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground => C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe [2015-11-30] ()
Task: {A4CDA3F0-0C9A-4C2E-92A9-78619FDE993D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {AD219124-9CC6-4FC8-8670-1E6E973302ED} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2015-02-02] ()
Task: {B0DCB82C-05D4-4464-AE1C-3ADB14A17063} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {B191E982-7A14-4D6E-B15A-1FCABCCF9201} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2017-10-25] (Siber Systems)
Task: {B1ADF9A7-F90F-4E33-8ECC-9EB18AA09280} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {B20A1380-D109-408F-95E8-34B39E2B6C14} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-26] (AVAST Software)
Task: {B9C173A7-27FE-46D2-BD25-47B17EF83F63} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BAFA7367-F16F-4723-AE30-4ED02EFAF167} - System32\Tasks\ASUS\AEGIS II Matrix => C:\Program Files (x86)\ASUS\AEGIS II\LaunchAtStartupHelper.exe [2015-03-13] ()
Task: {C4E6B127-8A29-40F6-BC98-BBB27F270E55} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxps://www.roboform.com/test-pass.html?aaa=KICMHMJMMMKJHMMMKMMMCNNJLMMJLJCNLMOMIMNMCNNJJJMMHMCNPMLJJJGMIMKMOMOJOJJJNJOMJNJICMHMCNLMCNMMFMOMOMCNJMIMLMCNOMKMPMJMMMFMPMCNPMCNOMKMPMJMMMCNNMJNPICMOMFMEKMICNJJCKFMNMMMPMJNHICMEKMICNJJCKJNBJCMCJGILIHJGJJNKJCMJNNICMJNDJCMKJBJJNM (the data entry has 48 more characters).
Task: {C70A8A83-5E38-4D45-885C-6A4C6D2BC86D} - System32\Tasks\ASUS\AEGIS II - Boost Launcher => C:\Program Files (x86)\ASUS\AEGIS II\Boost Launcher\BLMonitor.exe [2015-04-20] ()
Task: {D07546F9-1C02-45B0-A31E-5599074181DE} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2014-03-19] (ASUSTeK Computer Inc.)
Task: {D1592A33-EC25-4601-8AD2-6266A7E2EA26} - System32\Tasks\ASUS\ASUS AiCharger_II TrayIcon => C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe [2015-07-07] (ASUSTeK)
Task: {D15DD130-5A53-4C72-9654-FD8ECE30FC70} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {DDE6980B-25DA-43EE-BDE7-61F853222549} - System32\Tasks\ASUS\AEGIS II SysInfo Helper => C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_SysMode.exe [2015-04-22] (ASUSTeK Computer Inc.)
Task: {FF24A9FA-D4B7-4E0A-8C8A-9D0CD5FED928} - System32\Tasks\ASUS\ASUS AiCharger_Desktop Execute => C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe [2013-04-02] (ASUSTek Computer Inc.) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 06:41 - 2017-09-29 06:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-01-13 12:56 - 2017-01-13 12:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-19 10:11 - 2015-05-19 10:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
2017-04-20 09:52 - 2017-05-03 13:21 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-17 22:58 - 2015-07-20 20:19 - 000121560 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
2017-07-04 17:22 - 2005-04-21 21:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2017-11-26 13:51 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-11-26 13:51 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-05-13 00:17 - 2016-10-21 23:04 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-17 23:01 - 2013-08-28 08:24 - 000920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2016-10-17 23:02 - 2014-08-27 15:48 - 000907776 _____ () C:\Windows\PCCleanupContextMenu\x64\ContextMenuHandler.dll
2016-06-02 02:26 - 2015-04-20 18:06 - 000860160 _____ () C:\Windows\BoostLauncherMenu\x64\ContextMenuHandler.dll
2016-06-02 02:27 - 2015-09-24 17:12 - 000021456 _____ () C:\Program Files (x86)\ASUS\AEGIS II\Lighting\CheckCD_RomLighting.exe
2016-10-17 23:02 - 2015-11-30 16:22 - 000924672 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
2016-06-02 02:26 - 2015-04-20 17:55 - 001011712 _____ () C:\Program Files (x86)\ASUS\AEGIS II\Boost Launcher\BLMonitor.exe
2017-09-29 06:42 - 2017-09-29 07:43 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 06:42 - 2017-09-29 07:43 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-30 02:32 - 2017-11-30 02:32 - 000087040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-30 02:32 - 2017-11-30 02:32 - 000202752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-30 02:32 - 2017-11-30 02:32 - 025600000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-30 02:32 - 2017-11-30 02:32 - 002546176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-30 02:32 - 2017-11-30 02:32 - 000672256 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2016-10-17 23:01 - 2017-12-02 12:07 - 000018216 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2016-10-17 23:01 - 2010-06-28 19:58 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-08-07 02:09 - 2015-08-07 02:09 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-04-20 09:52 - 2017-05-03 13:21 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-06-02 02:26 - 2014-09-29 17:57 - 000011264 _____ () C:\Program Files (x86)\ASUS\AEGIS II\SysTranslations\AsMultiLang.dll
2016-06-02 02:26 - 2014-10-16 15:05 - 000053248 _____ () C:\Program Files (x86)\ASUS\AEGIS II\cpuutil.dll
2017-11-26 13:51 - 2017-11-26 13:51 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-11-26 13:51 - 2017-11-26 13:51 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-11-26 13:51 - 2017-11-26 13:51 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-11-26 13:51 - 2017-11-26 13:51 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-11-26 13:51 - 2017-11-26 13:51 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-11-26 13:51 - 2017-11-26 13:51 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-08-08 21:17 - 2017-08-08 14:13 - 001893880 _____ () C:\Users\mythi\AppData\Local\Discord\app-0.0.298\ffmpeg.dll
2017-08-08 21:17 - 2017-08-08 21:17 - 001577976 _____ () \\?\C:\Users\mythi\AppData\Roaming\discord\0.0.298\modules\discord_toaster\discord_toaster.node
2017-04-20 09:52 - 2017-03-27 20:29 - 065708992 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-08-08 21:17 - 2017-08-08 14:13 - 001938424 _____ () C:\Users\mythi\AppData\Local\Discord\app-0.0.298\libglesv2.dll
2017-08-08 21:17 - 2017-08-08 14:13 - 000095736 _____ () C:\Users\mythi\AppData\Local\Discord\app-0.0.298\libegl.dll
2017-08-09 21:52 - 2017-09-09 12:25 - 000688416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-08-09 21:52 - 2017-10-30 20:22 - 002546976 _____ () C:\Program Files (x86)\Steam\video.dll
2017-08-09 21:52 - 2016-08-31 18:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-08-09 21:52 - 2016-01-27 00:49 - 000491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2017-08-09 21:52 - 2016-01-27 00:49 - 000332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2017-08-09 21:52 - 2016-01-27 00:49 - 000442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2017-08-09 21:52 - 2016-01-27 00:49 - 002549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2017-08-09 21:52 - 2016-08-31 18:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-08-09 21:52 - 2016-01-27 00:49 - 000485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2017-08-09 21:52 - 2016-08-31 18:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-08-09 21:52 - 2017-10-30 20:22 - 000901408 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-08-09 21:52 - 2016-07-04 15:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-07-04 17:22 - 2009-02-27 15:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-08-08 21:17 - 2017-10-06 07:44 - 009722360 _____ () \\?\C:\Users\mythi\AppData\Roaming\discord\0.0.298\modules\discord_voice\discord_voice.node
2017-08-08 21:17 - 2017-11-22 16:58 - 001494520 _____ () \\?\C:\Users\mythi\AppData\Roaming\discord\0.0.298\modules\discord_utils\discord_utils.node
2017-12-02 12:10 - 2017-12-02 12:10 - 000148992 _____ () \\?\C:\Users\mythi\AppData\Local\Temp\A87.tmp.node
2017-08-08 21:17 - 2017-08-08 21:17 - 002658296 _____ () \\?\C:\Users\mythi\AppData\Roaming\discord\0.0.298\modules\discord_rpc\discord_rpc.node
2017-08-08 21:18 - 2017-11-27 15:24 - 002739192 _____ () \\?\C:\Users\mythi\AppData\Roaming\discord\0.0.298\modules\discord_contact_import\discord_contact_import.node
2017-11-21 21:14 - 2017-11-21 21:14 - 001505272 _____ () \\?\C:\Users\mythi\AppData\Roaming\discord\0.0.298\modules\discord_game_utils\discord_game_utils.node
2017-08-09 21:55 - 2017-08-16 15:28 - 073130272 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-08-09 21:55 - 2017-09-06 19:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-08-09 21:52 - 2015-09-24 16:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\mythi\Desktop\Image (3).jpg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\mythi\Desktop\Image (3).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 00:24 - 2017-07-05 08:36 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1111491060-269441850-655590923-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mythi\Pictures\2016-04-25 Iphone\Iphone 011.JPG
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-1111491060-269441850-655590923-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1111491060-269441850-655590923-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1111491060-269441850-655590923-1001\...\StartupApproved\Run: => "Chromium"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{87CE54AB-6FFC-4522-BCC4-90AF7EC67F8D}] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1 test\h1z1.exe
FirewallRules: [{248CB65E-3B10-47FB-AB3B-A2709EE58406}] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1 test\h1z1.exe
FirewallRules: [UDP Query User{8F469CCE-274D-4043-9D96-16F6846108A0}C:\program files (x86)\steam\steamapps\common\h1z1 test\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 test\h1z1.exe
FirewallRules: [TCP Query User{BAA99407-34C0-4584-BC50-7E8EF25E22AD}C:\program files (x86)\steam\steamapps\common\h1z1 test\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 test\h1z1.exe
FirewallRules: [{68DC161C-E5D8-4003-8A49-78C94BE8BDAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{8E7ACC7E-CE68-45F5-8538-8A0E9661AD0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{107FF5C7-6275-49E8-8E3A-D5AF6D7C664F}] => (Allow) LPort=54925
FirewallRules: [UDP Query User{04F8C1CC-AF77-40CB-BAC3-1595092EE3FC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{111030C0-7915-4ECB-B9CF-CC81FA8DD4DF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6F4E0B50-2063-4DE8-A5CA-43488E273CC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{91600ADC-768B-4F1E-810F-352470F5D545}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8BB29FAF-1D9F-41D9-BFCC-3A21208635A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC35B1E4-3592-4C2E-A399-50CA8BA0BDD1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9F92FFA9-2EE1-40A1-95F5-53D64C014843}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4BD71770-05D0-4A19-92B8-717BA97A6765}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{EA05B296-95B0-4D30-8D1B-D846C9DE3349}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{9F2ACDCE-41FE-407D-BF14-F2FA7D1232A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{B8B1D80B-2343-4462-94B3-D91A4D83DC1E}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{22242041-1211-41A8-A286-2A1E1BDF2200}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{29E5790F-90ED-4087-B1A9-2E4F1FCD20F2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4C795FED-67A1-4D81-B932-91BA0BD20180}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1C534F1B-F2AB-408B-9841-697BF2D2C5E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A26A381A-53D3-4E5A-8652-B2E101CFCF64}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{51CB24ED-F0A1-4237-B002-247ED58890BC}] => (Allow) C:\Program Files (x86)\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{D860F677-DAB8-44A0-B55D-C8CEAD5C76E7}] => (Allow) C:\Program Files (x86)\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{6419F083-DD22-4E56-83EA-680B4F4B6DD1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9434A9B9-B199-495B-94A1-59BF705BBEDC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E4F37860-BE50-42CC-9823-85831BB93EC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F1DA7491-5072-4CAC-866C-3F7FCA3B43B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ABEB3599-DDCA-44B2-A499-E8A8800016D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{61C4D6F1-F75A-4FF5-889C-D3C512AB2925}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{82D167F6-932C-492F-979E-C35E0E216583}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{566831D4-13A4-4299-BCA0-2265811DEF80}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{981A1E3B-895A-4DF1-8F80-E9BD2D99E0A0}C:\users\mythi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mythi\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{ABCA0221-A857-438B-B2A6-A3CCE38F1886}C:\users\mythi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mythi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D711FC12-5A61-4862-88B1-AE731B7BC183}] => (Block) C:\users\mythi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{AE4F70DE-D042-437D-BBCE-16A1491D00AC}] => (Block) C:\users\mythi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{59CA13F2-6650-4382-9BA9-7B701BE326FE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B9DBCCC2-B31A-41DB-B3D3-8016113EA4B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{A48F97B7-CAEA-48BB-8212-E5BA1586C24B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox_BE.exe
FirewallRules: [{F7756149-AADF-434E-838C-716BC5CCB6C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe
FirewallRules: [{52BB917E-60EE-46F5-B770-D812E371B5E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Conan Exiles\ConanSandbox\Binaries\Win64\ConanSandbox.exe

==================== Restore Points =========================

26-11-2017 18:19:39 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/02/2017 12:23:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvtray.exe, version: 7.17.13.7563, time stamp: 0x580af596
Faulting module name: KERNELBASE.dll, version: 10.0.16299.15, time stamp: 0x4736733c
Exception code: 0xc06d007f
Fault offset: 0x0000000000013fb8
Faulting process id: 0x342c
Faulting application start time: 0x01d36ba303ef52fc
Faulting application path: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 835abe62-8b40-4b8c-b583-72fd4ec48a65
Faulting package full name:
Faulting package-relative application ID:

Error: (12/02/2017 12:22:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvtray.exe, version: 7.17.13.7563, time stamp: 0x580af596
Faulting module name: KERNELBASE.dll, version: 10.0.16299.15, time stamp: 0x4736733c
Exception code: 0xc06d007f
Fault offset: 0x0000000000013fb8
Faulting process id: 0x2668
Faulting application start time: 0x01d36ba2de82c352
Faulting application path: C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: ba5cbc18-acc4-4f1d-85ca-ba904ef20f00
Faulting package full name:
Faulting package-relative application ID:

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 3.F.1.A.E.3.8.D.F.3.A.E.0.8.C.6.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Stefinee-2.local.

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.197:5353   16 3.F.1.A.E.3.8.D.F.3.A.E.0.8.C.6.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Stefinee.local.

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 3.5.D.D.A.F.2.9.8.6.8.E.6.F.1.A.B.5.0.3.1.0.6.0.1.8.6.0.1.0.6.2.ip6.arpa. PTR Stefinee-2.local.

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.197:5353   16 3.5.D.D.A.F.2.9.8.6.8.E.6.F.1.A.B.5.0.3.1.0.6.0.1.8.6.0.1.0.6.2.ip6.arpa. PTR Stefinee.local.

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 3.F.1.A.E.3.8.D.F.3.A.E.0.8.C.6.B.5.0.3.1.0.6.0.1.8.6.0.1.0.6.2.ip6.arpa. PTR Stefinee-2.local.

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.197:5353   16 3.F.1.A.E.3.8.D.F.3.A.E.0.8.C.6.B.5.0.3.1.0.6.0.1.8.6.0.1.0.6.2.ip6.arpa. PTR Stefinee.local.

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   18 197.0.0.10.in-addr.arpa. PTR Stefinee-2.local.

Error: (12/02/2017 12:10:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.197:5353   16 197.0.0.10.in-addr.arpa. PTR Stefinee.local.


System errors:
=============
Error: (12/02/2017 12:04:40 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5

Error: (12/02/2017 11:53:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/02/2017 11:53:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/02/2017 11:53:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/02/2017 11:53:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/02/2017 11:53:10 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI5

Error: (12/02/2017 11:51:32 AM) (Source: DCOM) (EventID: 10010) (User: STEFINEE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (12/02/2017 11:51:32 AM) (Source: DCOM) (EventID: 10010) (User: STEFINEE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (12/02/2017 11:51:32 AM) (Source: DCOM) (EventID: 10010) (User: STEFINEE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (12/02/2017 11:51:32 AM) (Source: DCOM) (EventID: 10010) (User: STEFINEE)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
  Date: 2017-12-02 12:23:59.731
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:23:59.729
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:23:47.526
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:23:47.524
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:17:10.620
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:17:10.613
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:17:09.403
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:17:09.401
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:12:08.154
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-02 12:12:08.153
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 46%
Total physical RAM: 8121.65 MB
Available physical RAM: 4370.42 MB
Total Virtual: 17337.65 MB
Available Virtual: 12543.89 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.91 GB) (Free:715.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 63D2EEB8)

Partition: GPT.

==================== End of Addition.txt ============================


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

You posted the Addition.txt log twice.  Can you post the FRST log?

 

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo.com/download_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.

 

Tonight while you sleep let Avast do a boot-time scan:

It takes like 6 hours so I usually let it run at night.


Click on the Avast ball.  Then click on Protection, then on Antivirus, then on Other Scans then on Boot-time Scan.  Click on Install Special Definitions.  Click on Run on Next PC Reboot.

  Reboot and let it run a scan.  It may take hours.
Once it finishes it should load windows.   Mute your speakers so it doesn't wake you up when Windows boots.

When you reboot you will see the scan start.  It will tell you where it saves its log.  Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.   This is a hidden location so you will need to tell Windows to let you see it:

http://www.howtogeek...-windows-vista/

Copy and paste the text from the log to a Reply when done.


 


  • 0

#3
mythica

mythica

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

You posted the Addition.txt log twice.  Can you post the FRST log?

 

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo.com/download_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.

 

Tonight while you sleep let Avast do a boot-time scan:

It takes like 6 hours so I usually let it run at night.


Click on the Avast ball.  Then click on Protection, then on Antivirus, then on Other Scans then on Boot-time Scan.  Click on Install Special Definitions.  Click on Run on Next PC Reboot.

  Reboot and let it run a scan.  It may take hours.
Once it finishes it should load windows.   Mute your speakers so it doesn't wake you up when Windows boots.

When you reboot you will see the scan start.  It will tell you where it saves its log.  Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.   This is a hidden location so you will need to tell Windows to let you see it:

http://www.howtogeek...-windows-vista/

Copy and paste the text from the log to a Reply when done.


 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2017
Ran by Stefinee (administrator) on STEFINEE (02-12-2017 12:23:37)
Running from C:\Users\mythi\Desktop
Loaded Profiles: Stefinee (Available Profiles: Stefinee)
Platform: Windows 10 Home Version 1709 16299.64 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AsSysLevelUpSrc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AlertService.exe
() C:\Program Files (x86)\ASUS\AEGIS II\Lighting\CheckCD_RomLighting.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_AsToastHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AEGIS II\AEGIS_II_SysMode.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
() C:\Program Files (x86)\ASUS\AEGIS II\Boost Launcher\BLMonitor.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Discord Inc.) C:\Users\mythi\AppData\Local\Discord\app-0.0.298\Discord.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Discord Inc.) C:\Users\mythi\AppData\Local\Discord\app-0.0.298\Discord.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Discord Inc.) C:\Users\mythi\AppData\Local\Discord\app-0.0.298\Discord.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon-x64.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8522480 2015-08-20] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-26] (AVAST Software)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-19] ()
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [52553728 2017-03-08] (Hammer & Chisel, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKU\S-1-5-21-1111491060-269441850-655590923-1001\...\Run: [Discord] => C:\Users\mythi\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-1111491060-269441850-655590923-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-30] (Valve Corporation)
HKU\S-1-5-21-1111491060-269441850-655590923-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2017-10-25] (Siber Systems)
HKU\S-1-5-21-1111491060-269441850-655590923-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [217088 2017-09-29] (Microsoft Corporation)
Startup: C:\Users\mythi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-04-12]
ShortcutTarget: Twitch.lnk -> C:\Users\mythi\AppData\Roaming\Curse Client\Bin\Twitch.exe (Twitch Interactive, Inc.)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{0a35a3ba-6b81-46ed-92d3-3a5370f7aa01}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{23b8ff05-0486-47dd-9375-eae6c90b3bf5}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{4a148242-7301-4620-9043-72d790b19d03}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1111491060-269441850-655590923-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ASUS15.msn.com/?pc=ASTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1111491060-269441850-655590923-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2017-10-25] (Siber Systems Inc.)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2017-10-25] (Siber Systems Inc.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2017-10-25] (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2017-10-25] (Siber Systems Inc.)

FireFox:
========
FF DefaultProfile: mi65td7f.default
FF ProfilePath: C:\Users\mythi\AppData\Roaming\Mozilla\Firefox\Profiles\mi65td7f.default [2017-12-02]
FF Homepage: Mozilla\Firefox\Profiles\mi65td7f.default -> google.com
FF NewTab: Mozilla\Firefox\Profiles\mi65td7f.default -> about:newtab
FF Extension: (RoboForm Password Manager) - C:\Users\mythi\AppData\Roaming\Mozilla\Firefox\Profiles\mi65td7f.default\Extensions\[email protected] [2017-10-25]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\mythi\AppData\Roaming\Mozilla\Firefox\Profiles\mi65td7f.default\features\{28de81fc-afdf-4652-aafd-f634cd26ad3c}\[email protected] [2017-11-22] [Lagacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-10-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-10-21] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-09-18] (Coupons, Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\mythi\AppData\Local\Google\Chrome\User Data\Default [2017-11-26]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-19] (ASUS Cloud Corporation) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-26] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-26] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-09] ()
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe [121560 2015-07-20] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-10-21] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-08] ()
R0 assdv2; C:\WINDOWS\System32\DRIVERS\assdv2.sys [30040 2015-09-07] (ASUS)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [183584 2017-11-26] (AVAST Software)
S3 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321032 2017-11-26] (AVAST Software s.r.o.)
S3 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [198968 2017-11-26] (AVAST Software s.r.o.)
S3 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343288 2017-11-26] (AVAST Software s.r.o.)
S3 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57728 2017-11-26] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47008 2017-11-26] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148288 2017-11-26] (AVAST Software)
S3 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110376 2017-11-26] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84416 2017-11-26] (AVAST Software)
S3 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026232 2017-11-26] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [455376 2017-11-26] (AVAST Software)
S3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203976 2017-11-26] (AVAST Software)
S3 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [364464 2017-11-26] (AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-01] ()
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193464 2017-11-26] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-12-02] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2017-12-02] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-26] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-12-02] (Malwarebytes)
R1 MpKsld547f9c9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7F9CBA70-ED39-4154-94FC-7C9084EC91F8}\MpKsld547f9c9.sys [58120 2017-12-02] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvak.inf_amd64_791beb67a268df58\nvlddmkm.sys [14145584 2016-11-11] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-03-27] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-28] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [607488 2016-02-25] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [6804480 2017-05-03] (Realtek Semiconductor Corporation )
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-02 12:23 - 2017-12-02 12:24 - 000019175 _____ C:\Users\mythi\Desktop\FRST.txt
2017-12-02 12:22 - 2017-12-02 12:23 - 000000000 ____D C:\FRST
2017-12-02 12:21 - 2017-12-02 12:21 - 002391552 _____ (Farbar) C:\Users\mythi\Desktop\FRST64.exe
2017-12-02 12:06 - 2017-12-02 12:06 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-29 08:45 - 2017-11-29 08:45 - 000000000 ____D C:\Users\mythi\AppData\Local\PlaceholderTileLogoFolder
2017-11-26 17:25 - 2017-11-26 17:25 - 000000222 _____ C:\Users\mythi\Desktop\Conan Exiles.url
2017-11-26 13:55 - 2017-11-30 17:45 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-26 13:55 - 2017-11-26 13:56 - 000000000 ____D C:\Users\mythi\AppData\Local\Google
2017-11-26 13:54 - 2017-11-26 13:54 - 000000000 ____D C:\Users\mythi\AppData\Roaming\AVAST Software
2017-11-26 13:53 - 2017-12-02 09:53 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2017-11-26 13:53 - 2017-11-26 14:29 - 000004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-11-26 13:53 - 2017-11-26 13:53 - 000455376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-11-26 13:53 - 2017-11-26 13:53 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-11-26 13:53 - 2017-11-26 13:53 - 000002019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-11-26 13:53 - 2017-11-26 13:53 - 000002007 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-11-26 13:53 - 2017-11-26 13:53 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2017-11-26 13:53 - 2017-11-26 13:52 - 000364464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-11-26 13:53 - 2017-11-26 13:52 - 000203976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-11-26 13:53 - 2017-11-26 13:51 - 001026232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-11-26 13:53 - 2017-11-26 13:51 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-11-26 13:53 - 2017-11-26 13:51 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-11-26 13:53 - 2017-11-26 13:51 - 000198968 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-11-26 13:53 - 2017-11-26 13:51 - 000183584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2017-11-26 13:53 - 2017-11-26 13:51 - 000148288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-11-26 13:53 - 2017-11-26 13:51 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-11-26 13:53 - 2017-11-26 13:51 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-11-26 13:53 - 2017-11-26 13:51 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-11-26 13:53 - 2017-11-26 13:51 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-11-26 13:52 - 2017-12-02 12:05 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-11-26 13:52 - 2017-12-02 12:05 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-11-26 13:52 - 2017-11-26 13:52 - 000193464 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-11-26 13:52 - 2017-11-26 13:51 - 000365168 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-11-26 13:51 - 2017-12-02 12:05 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-11-26 13:51 - 2017-11-26 14:06 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-11-26 13:51 - 2017-11-26 13:51 - 000001952 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-26 13:51 - 2017-11-26 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-26 13:51 - 2017-11-26 13:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-26 13:51 - 2017-11-26 13:51 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-26 13:51 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-11-26 13:50 - 2017-11-26 13:50 - 078346672 _____ (Malwarebytes ) C:\Users\mythi\Downloads\mb3-setup-35891.35891-3.3.1.2183.exe
2017-11-26 13:50 - 2017-11-26 13:50 - 000000000 ____D C:\Program Files\AVAST Software
2017-11-26 13:49 - 2017-11-26 15:19 - 000000000 ____D C:\ProgramData\AVAST Software
2017-11-26 13:49 - 2017-11-26 13:49 - 006654960 _____ (AVAST Software) C:\Users\mythi\Downloads\avast_free_antivirus_setup_online_cnet2.exe
2017-11-26 13:13 - 2017-12-02 12:03 - 000000000 ____D C:\Program Files (x86)\AVG
2017-11-26 13:12 - 2017-12-02 12:05 - 000000000 ____D C:\Users\mythi\AppData\Local\Avg
2017-11-26 13:12 - 2017-12-02 12:05 - 000000000 ____D C:\ProgramData\Avg
2017-11-26 13:12 - 2017-12-02 12:02 - 000000000 ____D C:\Users\mythi\AppData\Local\AvgSetupLog
2017-11-26 13:10 - 2017-11-26 13:10 - 003449304 _____ (AVG Technologies CZ, s.r.o.) C:\Users\mythi\Downloads\AVG_Protection_Free_1606.exe
2017-11-18 16:23 - 2017-11-26 14:14 - 000000000 ____D C:\Users\mythi\AppData\Local\SoftUpgrade
2017-11-15 19:17 - 2017-11-15 19:17 - 000000000 ____D C:\Users\mythi\AppData\Roaming\WildTangent
2017-11-14 17:39 - 2017-10-25 02:11 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-14 17:39 - 2017-10-25 02:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-14 17:39 - 2017-10-25 02:09 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-14 17:39 - 2017-10-25 01:56 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-14 17:39 - 2017-10-24 21:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-14 17:39 - 2017-10-24 21:36 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-14 17:39 - 2017-10-24 21:36 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-14 17:39 - 2017-10-24 21:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-14 17:39 - 2017-10-24 21:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-14 17:39 - 2017-10-24 21:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-14 17:39 - 2017-10-24 20:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-14 17:39 - 2017-10-24 20:36 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-14 17:39 - 2017-10-24 20:19 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-14 17:39 - 2017-10-24 20:16 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-14 17:39 - 2017-10-24 20:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-14 17:39 - 2017-10-24 20:12 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-14 17:39 - 2017-10-24 20:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-14 17:39 - 2017-10-24 20:10 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-14 17:39 - 2017-10-24 20:10 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-14 17:39 - 2017-10-24 20:10 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-14 17:39 - 2017-10-24 20:09 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-14 17:39 - 2017-10-24 20:08 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-14 17:39 - 2017-10-24 20:07 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-14 17:39 - 2017-10-24 20:05 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-14 17:39 - 2017-10-24 20:05 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-14 17:39 - 2017-10-24 20:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-14 17:39 - 2017-10-24 19:59 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-14 17:39 - 2017-10-24 19:57 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-14 17:39 - 2017-10-21 05:25 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-14 17:39 - 2017-10-20 07:17 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-14 17:38 - 2017-10-25 01:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-11-14 17:38 - 2017-10-25 01:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-11-14 17:38 - 2017-10-24 23:36 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-11-14 17:38 - 2017-10-24 21:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-11-14 17:38 - 2017-10-24 21:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-14 17:38 - 2017-10-24 21:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-11-14 17:38 - 2017-10-24 21:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-11-14 17:38 - 2017-10-24 21:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-14 17:38 - 2017-10-24 21:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-11-14 17:38 - 2017-10-24 21:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-11-14 17:38 - 2017-10-24 21:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-14 17:38 - 2017-10-24 21:36 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-11-14 17:38 - 2017-10-24 21:34 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-11-14 17:38 - 2017-10-24 21:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-14 17:38 - 2017-10-24 21:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-11-14 17:38 - 2017-10-24 21:31 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-11-14 17:38 - 2017-10-24 21:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-11-14 17:38 - 2017-10-24 21:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-14 17:38 - 2017-10-24 21:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-14 17:38 - 2017-10-24 21:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-11-14 17:38 - 2017-10-24 21:29 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-11-14 17:38 - 2017-10-24 21:28 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-11-14 17:38 - 2017-10-24 21:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-14 17:38 - 2017-10-24 21:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-11-14 17:38 - 2017-10-24 21:27 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-11-14 17:38 - 2017-10-24 21:27 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-11-14 17:38 - 2017-10-24 21:24 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-11-14 17:38 - 2017-10-24 21:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-14 17:38 - 2017-10-24 20:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-11-14 17:38 - 2017-10-24 20:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-11-14 17:38 - 2017-10-24 20:30 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-11-14 17:38 - 2017-10-24 20:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-11-14 17:38 - 2017-10-24 20:28 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-11-14 17:38 - 2017-10-24 20:28 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-11-14 17:38 - 2017-10-24 20:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-14 17:38 - 2017-10-24 20:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-11-14 17:38 - 2017-10-24 20:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-11-14 17:38 - 2017-10-24 20:24 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-11-14 17:38 - 2017-10-24 20:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-14 17:38 - 2017-10-24 20:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-14 17:38 - 2017-10-24 20:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-11-14 17:38 - 2017-10-24 20:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-11-14 17:38 - 2017-10-24 20:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-11-14 17:38 - 2017-10-24 20:18 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-11-14 17:38 - 2017-10-24 20:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-11-14 17:38 - 2017-10-24 20:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-11-14 17:38 - 2017-10-24 20:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-11-14 17:38 - 2017-10-24 20:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-11-14 17:38 - 2017-10-24 20:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-14 17:38 - 2017-10-24 20:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-14 17:38 - 2017-10-24 20:14 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-14 17:38 - 2017-10-24 20:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-11-14 17:38 - 2017-10-24 20:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-14 17:38 - 2017-10-24 20:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-14 17:38 - 2017-10-24 20:12 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-11-14 17:38 - 2017-10-24 20:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-14 17:38 - 2017-10-24 20:12 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-11-14 17:38 - 2017-10-24 20:09 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-11-14 17:38 - 2017-10-24 20:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-11-14 17:38 - 2017-10-24 20:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-14 17:38 - 2017-10-24 20:08 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-14 17:38 - 2017-10-24 20:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-14 17:38 - 2017-10-24 20:08 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-11-14 17:38 - 2017-10-24 20:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-11-14 17:38 - 2017-10-24 20:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-14 17:38 - 2017-10-24 20:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-11-14 17:38 - 2017-10-24 20:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-14 17:38 - 2017-10-24 20:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-11-14 17:38 - 2017-10-24 20:07 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-11-14 17:38 - 2017-10-24 20:07 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-11-14 17:38 - 2017-10-24 20:07 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-11-14 17:38 - 2017-10-24 20:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-11-14 17:38 - 2017-10-24 20:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-14 17:38 - 2017-10-24 20:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-11-14 17:38 - 2017-10-24 20:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-14 17:38 - 2017-10-24 20:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-11-14 17:38 - 2017-10-24 20:03 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-11-14 17:38 - 2017-10-24 20:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-14 17:38 - 2017-10-24 20:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-14 17:38 - 2017-10-24 19:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-14 17:38 - 2017-10-24 19:58 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-11-14 17:38 - 2017-10-24 19:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-11-14 17:38 - 2017-10-24 19:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-11-14 17:38 - 2017-10-24 19:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-11-14 17:38 - 2017-10-24 19:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-11-14 17:38 - 2017-10-19 22:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-11 12:37 - 2017-11-11 16:04 - 000000000 ____D C:\Users\mythi\AppData\Roaming\Opera Software
2017-11-11 12:37 - 2017-11-11 16:04 - 000000000 ____D C:\Users\mythi\AppData\Local\Opera Software
2017-11-11 12:36 - 2017-11-11 16:04 - 000000000 ____D C:\Users\mythi\AppData\Local\Chromium
2017-11-11 12:36 - 2017-11-11 16:04 - 000000000 ____D C:\Users\mythi\AppData\Local\{2BCE1D92-0F66-712A-62FE-54C24696A85A}
2017-11-11 12:36 - 2017-11-11 12:36 - 001202160 _____ (Adobe Systems Incorporated) C:\Users\mythi\AppData\Local\flashplugin.exe
2017-11-11 12:35 - 2017-11-11 12:35 - 000000000 ____D C:\Users\mythi\AppData\Local\Package Cache
2017-11-06 11:53 - 2017-11-06 11:53 - 000001856 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-11-06 11:53 - 2017-11-06 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-11-06 11:53 - 2017-11-06 11:53 - 000000000 ____D C:\Program Files\iPod
2017-11-06 11:52 - 2017-11-06 11:53 - 000000000 ____D C:\Program Files\iTunes
2017-11-06 09:06 - 2017-11-06 09:06 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-11-06 09:04 - 2017-11-06 09:04 - 000000000 ___HD C:\Users\mythi\MicrosoftEdgeBackups
2017-11-06 09:03 - 2017-11-06 09:03 - 000000020 ___SH C:\Users\mythi\ntuser.ini
2017-11-06 09:03 - 2017-11-06 09:03 - 000000000 ___RD C:\Users\mythi\3D Objects
2017-11-06 03:46 - 2017-11-18 07:08 - 000000000 ____D C:\Windows.old
2017-11-06 03:43 - 2017-11-06 03:46 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-11-06 03:42 - 2017-11-06 03:43 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-11-06 03:42 - 2017-11-06 03:42 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-11-06 03:40 - 2017-11-06 03:40 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 001641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 001436432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 001200024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-06 03:40 - 2017-11-06 03:40 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-06 03:40 - 2017-11-06 03:40 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-11-06 03:40 - 2017-11-06 03:40 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-11-06 03:40 - 2017-11-06 03:40 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-06 03:40 - 2017-11-06 03:40 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-11-06 03:40 - 2017-11-06 03:40 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-11-06 03:40 - 2017-11-06 03:40 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000464416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-11-06 03:40 - 2017-11-06 03:40 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-11-06 03:40 - 2017-11-06 03:40 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000232344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-11-06 03:40 - 2017-11-06 03:40 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-11-06 03:40 - 2017-11-06 03:40 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-11-06 03:40 - 2017-11-06 03:40 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-11-06 03:40 - 2017-11-06 03:40 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-11-06 03:40 - 2017-11-06 03:40 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-11-06 03:40 - 2017-11-06 03:40 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-11-06 03:37 - 2017-11-06 03:37 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-11-06 03:37 - 2017-11-06 03:37 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-11-06 03:37 - 2017-11-06 03:37 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-11-06 03:37 - 2017-11-06 03:37 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-11-06 03:37 - 2017-11-06 03:37 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-11-06 03:37 - 2017-11-06 03:37 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-11-06 03:37 - 2017-11-06 03:37 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-11-06 03:37 - 2017-11-06 03:37 - 000000000 ____D C:\Program Files\MSBuild
2017-11-06 03:37 - 2017-11-06 03:37 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-11-06 03:37 - 2017-11-06 03:37 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-11-06 03:11 - 2017-11-06 03:12 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2017-11-06 03:11 - 2017-11-06 03:12 - 000007623 _____ C:\WINDOWS\diagerr.xml
2017-11-06 03:10 - 2017-12-02 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-06 03:10 - 2017-12-02 09:53 - 000003554 _____ C:\WINDOWS\System32\Tasks\Open URL by RoboForm
2017-11-06 03:10 - 2017-12-02 09:53 - 000003446 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-11-06 03:10 - 2017-12-02 09:53 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-06 03:10 - 2017-12-02 09:53 - 000003306 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7FBC1C38-5561-4B4D-BDB1-AF1DD3E523A9}
2017-11-06 03:10 - 2017-12-02 09:53 - 000003038 _____ C:\WINDOWS\System32\Tasks\Run RoboForm TaskBar Icon
2017-11-06 03:10 - 2017-12-02 09:53 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-06 03:10 - 2017-12-02 09:53 - 000002968 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-06 03:10 - 2017-12-02 09:53 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-06 03:10 - 2017-12-02 09:53 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1111491060-269441850-655590923-1001
2017-11-06 03:10 - 2017-12-02 09:53 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-06 03:10 - 2017-12-02 09:53 - 000002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-06 03:10 - 2017-12-02 09:53 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-06 03:10 - 2017-11-06 03:10 - 000000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-11-06 03:10 - 2017-11-06 03:10 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-11-06 03:07 - 2017-12-02 12:11 - 001192228 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-06 03:00 - 2017-11-06 03:00 - 000000000 ____D C:\ProgramData\USOShared
2017-11-06 02:56 - 2017-11-06 02:56 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-11-06 02:54 - 2017-11-29 08:45 - 000000000 ____D C:\Users\mythi\AppData\Local\Packages
2017-11-06 02:54 - 2017-11-15 03:03 - 000000000 ____D C:\Users\mythi
2017-11-06 02:52 - 2016-10-21 22:22 - 000133056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-11-06 02:51 - 2016-11-11 06:54 - 000224304 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-11-06 02:51 - 2016-11-11 06:54 - 000212024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-11-06 02:50 - 2017-09-29 06:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-11-06 02:49 - 2017-12-02 11:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-06 02:49 - 2017-11-15 03:07 - 000221968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-02 19:05 - 2017-11-06 09:03 - 000000000 ___DC C:\WINDOWS\Panther
2017-11-02 12:00 - 2017-11-02 12:00 - 000000000 ____D C:\Users\mythi\AppData\Local\RoboForm

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-02 12:23 - 2017-04-21 13:13 - 000000000 ____D C:\Users\mythi\AppData\Local\CrashDumps
2017-12-02 12:12 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-02 12:12 - 2017-03-08 15:18 - 000000000 ____D C:\Users\mythi\AppData\LocalLow\Mozilla
2017-12-02 12:10 - 2017-08-09 21:51 - 000000000 ____D C:\Program Files (x86)\Steam
2017-12-02 12:10 - 2016-10-17 22:55 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-02 12:04 - 2017-09-29 01:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-12-01 23:40 - 2017-09-29 06:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-01 23:40 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-26 18:24 - 2017-03-08 17:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-26 18:20 - 2017-10-10 12:55 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-26 18:20 - 2017-03-08 17:24 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-26 17:25 - 2017-03-08 15:35 - 000000000 ____D C:\Users\mythi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-11-26 14:34 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-24 13:15 - 2017-09-29 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-21 11:49 - 2017-04-30 20:16 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-18 16:23 - 2017-03-08 12:52 - 000000000 ____D C:\Users\mythi\AppData\Local\VirtualStore
2017-11-18 12:20 - 2017-03-08 15:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-18 12:20 - 2017-03-08 15:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-15 19:17 - 2016-10-17 23:03 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-11-15 19:17 - 2016-10-17 23:03 - 000000000 ____D C:\ProgramData\WildTangent
2017-11-15 19:14 - 2017-03-08 15:15 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-15 19:14 - 2017-03-08 15:15 - 000000000 ____D C:\Users\mythi\AppData\Roaming\Mozilla
2017-11-15 05:09 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\rescache
2017-11-15 03:15 - 2017-09-29 06:44 - 000000000 ____D C:\WINDOWS\INF
2017-11-15 03:04 - 2017-09-29 06:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-15 03:04 - 2017-09-29 06:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-15 03:04 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-11-15 03:04 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-11-15 03:04 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-15 03:04 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-15 03:04 - 2017-09-29 01:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-11-14 08:33 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-11-14 08:33 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-12 15:59 - 2017-03-08 16:07 - 000000000 ____D C:\Users\mythi\AppData\Roaming\discord
2017-11-11 12:36 - 2017-03-29 18:11 - 000000000 ____D C:\Users\mythi\AppData\Local\Adobe
2017-11-07 03:30 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-11-06 11:22 - 2017-03-08 16:06 - 000000258 __RSH C:\ProgramData\ntuser.pol
2017-11-06 09:08 - 2017-05-13 07:28 - 000002409 _____ C:\Users\mythi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-06 09:08 - 2017-03-17 14:21 - 000000000 ___RD C:\Users\mythi\OneDrive
2017-11-06 09:04 - 2017-03-08 12:51 - 000000000 ____D C:\Users\mythi\AppData\Local\TileDataLayer
2017-11-06 09:03 - 2016-06-02 02:46 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-06 03:48 - 2017-09-29 06:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-11-06 03:46 - 2017-09-29 06:49 - 000000000 ____D C:\WINDOWS\Setup
2017-11-06 03:46 - 2017-09-29 06:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-11-06 03:46 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-11-06 03:46 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-11-06 03:46 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-11-06 03:46 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-06 03:46 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\Help
2017-11-06 03:46 - 2017-09-29 06:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-06 03:46 - 2017-09-29 06:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-11-06 03:46 - 2017-08-09 21:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-11-06 03:46 - 2017-07-30 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-11-06 03:46 - 2017-07-04 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-11-06 03:46 - 2017-05-13 00:17 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-11-06 03:46 - 2017-05-11 14:40 - 000000000 ____D C:\Program Files\UNP
2017-11-06 03:46 - 2017-04-20 09:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-11-06 03:46 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-06 03:46 - 2017-03-08 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2017-11-06 03:46 - 2017-03-08 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-11-06 03:46 - 2017-03-08 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2017-11-06 03:46 - 2016-10-17 22:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-11-06 03:46 - 2016-10-17 22:51 - 000000000 ____D C:\Program Files\Intel
2017-11-06 03:46 - 2016-06-02 02:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2017-11-06 03:46 - 2016-06-02 02:24 - 000000000 ____D C:\Program Files (x86)\ASUS
2017-11-06 03:46 - 2015-10-30 00:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-11-06 03:44 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-11-06 03:43 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\OCR
2017-11-06 03:43 - 2017-05-13 00:16 - 000000000 ____D C:\Program Files\Realtek
2017-11-06 03:43 - 2017-03-09 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tukui
2017-11-06 03:43 - 2016-10-17 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2017-11-06 03:43 - 2016-06-02 02:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-11-06 03:40 - 2017-09-29 07:42 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-11-06 03:12 - 2017-09-29 01:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-11-06 03:10 - 2017-09-29 06:46 - 000000000 ____D C:\WINDOWS\Registration
2017-11-06 03:10 - 2017-03-08 14:52 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-11-06 03:07 - 2016-10-17 22:54 - 000903962 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-11-06 03:00 - 2017-09-29 06:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-11-06 02:57 - 2017-09-29 06:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-11-06 02:55 - 2017-03-08 16:07 - 000000000 ____D C:\Users\mythi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-11-06 02:53 - 2017-09-29 01:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-11-06 02:51 - 2017-05-13 00:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-11-06 02:51 - 2017-05-13 00:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-11-06 02:51 - 2017-05-13 00:16 - 000000000 ____D C:\WINDOWS\system32\DAX2
2017-11-06 02:50 - 2017-05-13 00:16 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-11-03 18:25 - 2017-09-29 06:49 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-03 18:25 - 2017-09-29 06:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-03-09 00:07 - 2017-03-09 00:07 - 000000040 _____ () C:\Users\mythi\AppData\Roaming\WB.CFG
2017-11-11 12:36 - 2017-11-11 12:36 - 001202160 _____ (Adobe Systems Incorporated) C:\Users\mythi\AppData\Local\flashplugin.exe
2017-10-28 22:08 - 2017-10-28 22:08 - 000007601 _____ () C:\Users\mythi\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-26 18:19

==================== End of FRST.txt ============================


  • 0

#4
mythica

mythica

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

sorry about that lol I must have hit something else when I was copy/pasting. And didn't notice because it was so long. Getting the rest of it done now. TY so much.

 

 

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    87.76    52 K    8 K    0            
procexp64.exe    4.16    27,964 K    64,716 K    10428    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
Interrupts    1.07    0 K    0 K    n/a    Hardware Interrupts and DPCs        
dwm.exe    0.87    69,916 K    35,648 K    1132            
System    0.81    160 K    4,172 K    4            
Taskmgr.exe    0.76    33,308 K    61,428 K    6660            
Steam.exe    0.63    46,248 K    56,520 K    10788    Steam Client Bootstrapper    Valve Corporation    (Verified) Valve
firefox.exe    0.59    292,332 K    361,304 K    12504    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
Discord.exe    0.55    105,648 K    103,656 K    6944    Discord    Discord Inc.    (Verified) Hammer & Chisel Inc.
firefox.exe    0.53    239,936 K    252,040 K    10432    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
csrss.exe    0.30    3,128 K    2,748 K    820            
AvastUI.exe    0.28    22,516 K    39,536 K    10568    Avast Antivirus    AVAST Software    (Verified) AVAST Software s.r.o.
AsusWSPanel.exe    0.21    26,816 K    15,480 K    12544         ASUS Cloud Corporation    (Verified) ASUS Cloud Corporation
Discord.exe    0.16    34,400 K    45,736 K    10640    Discord    Discord Inc.    (Verified) Hammer & Chisel Inc.
MBAMService.exe    0.16    250,532 K    242,820 K    3160    Malwarebytes Service    Malwarebytes    (Verified) Malwarebytes Corporation
explorer.exe    0.15    88,352 K    117,748 K    6748    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
taskhostw.exe    0.14    6,236 K    9,788 K    6180    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
robotaskbaricon.exe    0.13    9,268 K    13,428 K    10860    RoboForm TaskBar Icon    Siber Systems    (Verified) Siber Systems
AEGIS_II_SysMode.exe    0.11    11,888 K    5,056 K    6472            
WmiPrvSE.exe    0.10    8,128 K    12,836 K    3852            
svchost.exe    0.07    8,532 K    13,244 K    2544    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
rf-chrome-nm-host.exe    0.06    11,056 K    24,752 K    3980    rf-chrome-nm-host    Siber Systems Inc.    (Verified) Siber Systems
svchost.exe    0.05    40,096 K    38,200 K    1476    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
nvcontainer.exe    0.05    9,044 K    11,256 K    2660    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
firefox.exe    0.05    63,652 K    85,528 K    1096    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
NVIDIA Web Helper.exe    0.02    33,912 K    29,168 K    3972    NVIDIA Web Helper Service    Node.js    (Verified) NVIDIA Corporation
aswidsagenta.exe    0.02    16,568 K    21,712 K    10288    Avast Behavior Shield    AVAST Software    (Verified) AVAST Software s.r.o.
steamwebhelper.exe    0.02    16,676 K    14,496 K    12068    Steam Client WebHelper    Valve Corporation    (Verified) Valve
nvsphelper64.exe    0.02    2,980 K    4,080 K    7780            
svchost.exe    0.02    8,872 K    10,964 K    2756    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
firefox.exe    0.02    44,556 K    41,352 K    11044    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
lsass.exe    0.01    6,608 K    11,420 K    892    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
nvcontainer.exe    0.01    19,812 K    22,224 K    5988    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
SearchIndexer.exe    0.01    21,840 K    15,048 K    2820    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.01    2,612 K    4,288 K    672    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.01    5,012 K    9,664 K    10592    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.01    5,748 K    12,692 K    2068    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.01    24,056 K    26,684 K    2520    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
mbamtray.exe    0.01    17,508 K    20,188 K    5776    Malwarebytes Tray Application    Malwarebytes    (Verified) Malwarebytes Corporation
nvspcaps64.exe    0.01    8,376 K    16,304 K    10664    NVIDIA Capture Server    NVIDIA Corporation    (Verified) NVIDIA Corporation
svchost.exe    0.01    2,640 K    4,448 K    3532    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
AvastSvc.exe    0.01    140,140 K    40,836 K    2112    Avast Service    AVAST Software    (Verified) AVAST Software s.r.o.
NVIDIA Share.exe    < 0.01    69,652 K    53,924 K    6732    NVIDIA Share    NVIDIA Corporation    (Verified) NVIDIA Corporation
SteamService.exe    < 0.01    6,920 K    6,568 K    12156    Steam Client Service    Valve Corporation    (Verified) Valve
Discord.exe    < 0.01    45,676 K    38,048 K    11168    Discord    Discord Inc.    (Verified) Hammer & Chisel Inc.
notepad.exe    < 0.01    3,076 K    16,376 K    8672            
svchost.exe    < 0.01    18,032 K    22,536 K    2096    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
AppleMobileDeviceService.exe    < 0.01    3,428 K    4,620 K    2528    MobileDeviceService    Apple Inc.    (Verified) Apple Inc.
nvxdsync.exe    < 0.01    9,240 K    18,024 K    3652            
conhost.exe    < 0.01    6,320 K    15,068 K    9292            
svchost.exe    < 0.01    11,444 K    17,280 K    4176    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
spoolsv.exe    < 0.01    8,508 K    14,996 K    2356    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
WWAHost.exe    Suspended    99,280 K    3,364 K    9076    Microsoft WWA Host    Microsoft Corporation    (Verified) Microsoft Windows
wmpnetwk.exe        7,396 K    6,248 K    4468    Windows Media Player Network Sharing Service    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        3,272 K    6,660 K    4932            
WmiPrvSE.exe        3,860 K    5,240 K    13072            
wlanext.exe        1,856 K    3,224 K    2588            
WinStore.App.exe    Suspended    45,120 K    3,360 K    10024    Store    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
winlogon.exe        2,272 K    5,480 K    936            
wininit.exe        1,360 K    1,688 K    808            
unsecapp.exe        1,384 K    2,856 K    9684            
SystemSettings.exe    Suspended    48,836 K    4,260 K    12468    Settings    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        6,792 K    9,564 K    300    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,464 K    18,772 K    2568    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,660 K    11,400 K    3880    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        11,132 K    23,412 K    12052    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,164 K    13,456 K    5872    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        11,052 K    16,396 K    1000    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,028 K    12,644 K    5952    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,628 K    5,340 K    1900    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,320 K    4,068 K    1464    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,128 K    9,708 K    1884    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,480 K    8,676 K    1640    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,360 K    1,776 K    1444    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,680 K    7,828 K    1708    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,000 K    9,820 K    1800    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,428 K    4,772 K    3212    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,416 K    5,512 K    1996    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,152 K    4,044 K    2004    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        12,060 K    11,188 K    1268    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,060 K    7,588 K    1916    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,008 K    13,612 K    2836    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,444 K    6,056 K    1784    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,332 K    12,600 K    2044    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,820 K    2,940 K    1908    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        9,088 K    21,172 K    4188    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,772 K    8,960 K    2512    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,908 K    6,988 K    4908    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,636 K    4,800 K    6824    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,992 K    8,188 K    7928    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,684 K    5,940 K    12400    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,388 K    6,152 K    5404    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,360 K    5,344 K    12768    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,004 K    1,068 K    988    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,224 K    5,132 K    1192    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,988 K    3,700 K    1200    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,836 K    2,700 K    1240    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,984 K    3,180 K    1368    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,112 K    6,040 K    1392    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,624 K    5,808 K    1436    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,080 K    4,428 K    1452    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,012 K    5,524 K    1524    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,164 K    3,876 K    1600    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,700 K    3,628 K    1608    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,420 K    4,004 K    2120    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,008 K    3,468 K    2444    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,740 K    3,240 K    2608    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,628 K    1,768 K    2700    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,304 K    1,504 K    2792    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,352 K    1,820 K    2976    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,136 K    9,484 K    3168    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,492 K    5,452 K    4784    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,640 K    9,188 K    5292    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,112 K    5,016 K    5300    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,080 K    5,812 K    5320    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,724 K    3,004 K    5580    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,788 K    2,864 K    6312    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,692 K    4,212 K    7188    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,052 K    4,968 K    7220    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,304 K    4,588 K    9516    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,948 K    13,716 K    12240    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,880 K    5,252 K    6372    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,144 K    3,516 K    4884    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,648 K    5,816 K    8620    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,632 K    6,340 K    10484    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
steamwebhelper.exe        21,688 K    8,032 K    12136    Steam Client WebHelper    Valve Corporation    (Verified) Valve
smss.exe        568 K    608 K    464            
smartscreen.exe        13,660 K    27,944 K    2788    Windows Defender SmartScreen    Microsoft Corporation    (Verified) Microsoft Windows
SkypeHost.exe    Suspended    25,440 K    15,512 K    8420    Microsoft Skype    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
sihost.exe        6,788 K    17,336 K    5616    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
ShellExperienceHost.exe    Suspended    68,252 K    67,148 K    7768    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
SettingSyncHost.exe        3,172 K    1,456 K    9176    Host Process for Setting Synchronization    Microsoft Corporation    (Verified) Microsoft Windows
services.exe        5,072 K    7,624 K    872            
SecurityHealthService.exe        4,108 K    7,516 K    2720    Windows Security Health Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SecureDeleteBackground.exe        66,604 K    4,960 K    6344            
SearchUI.exe    Suspended    82,468 K    92,876 K    7900    Search and Cortana application    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        7,104 K    7,236 K    12016    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        4,648 K    4,744 K    9928    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        4,356 K    9,244 K    10236    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        5,220 K    5,952 K    7856    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        6,968 K    15,384 K    8068    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        2,552 K    3,256 K    7628    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RtkNGUI64.exe        4,600 K    5,120 K    7524    Realtek HD Audio Manager    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp
robotaskbaricon-x64.exe        6,404 K    12,872 K    5780    RoboForm TaskBar Icon    Siber Systems    (Verified) Siber Systems
procexp.exe        3,292 K    10,896 K    5204    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
NvTelemetryContainer.exe        5,408 K    4,484 K    2688    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
NVIDIA Share.exe        41,668 K    31,524 K    4880    NVIDIA Share    NVIDIA Corporation    (Verified) NVIDIA Corporation
NVDisplay.Container.exe        4,464 K    7,488 K    2668    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
MSASCuiL.exe        1,916 K    3,216 K    9896    Windows Defender notification icon    Microsoft Corporation    (Verified) Microsoft Windows
Memory Compression        256 K    63,100 K    1560            
mDNSResponder.exe        1,916 K    3,732 K    2484    Bonjour Service    Apple Inc.    (Verified) Apple Inc.
LMS.exe        4,512 K    5,000 K    6220    Intel® Local Management Service    Intel Corporation    (Verified) Intel Corporation - Embedded Subsystems and IP Blocks Group
jhi_service.exe        1,568 K    1,940 K    11848    Intel® Dynamic Application Loader Host Interface    Intel Corporation    (Verified) Intel Corporation - Embedded Subsystems and IP Blocks Group
isa.exe        9,716 K    4,080 K    2220    Intel® Security Assist    Intel Corporation    (No signature was present in the subject) Intel Corporation
IAStorIcon.exe        24,556 K    10,180 K    11376    IAStorIcon    Intel Corporation    (Verified) Intel Corporation - Rapid Storage Technology
IAStorDataMgrSvc.exe        32,860 K    22,248 K    11864    IAStorDataSvc    Intel Corporation    (Verified) Intel Corporation - Rapid Storage Technology
fontdrvhost.exe        4,080 K    7,452 K    1052            
fontdrvhost.exe        1,524 K    1,680 K    1008            
firefox.exe        109,228 K    120,744 K    10064    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
dllhost.exe        1,964 K    9,980 K    5932    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
dasHost.exe        6,368 K    13,820 K    1952            
ctfmon.exe        3,004 K    9,428 K    6456            
csrss.exe        2,040 K    2,852 K    732            
conhost.exe        5,600 K    10,212 K    7748    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        1,176 K    1,588 K    3200            
conhost.exe        5,552 K    4,976 K    6300    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
cmd.exe        3,896 K    5,744 K    7380            
CheckCD_RomLighting.exe        60,324 K    3,704 K    6324            
CastSrv.exe        4,012 K    6,520 K    9964    Casting protocol connection listener    Microsoft Corporation    (Verified) Microsoft Windows
BTDevMgr.exe        2,080 K    4,076 K    2492    Realtek Bluetooth BTDevManager Service Application        (Verified) Realtek Semiconductor Corp
BrYNSvc.exe        4,252 K    6,712 K    3316    BrYNCSvc    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
BrStMonW.exe        3,176 K    6,672 K    6488    Status Monitor Application    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
BrCtrlCntr.exe        2,312 K    3,044 K    6640    ControlCenter Main Process    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
BrCcUxSys.exe        2,140 K    2,992 K    8984    ControlCenter UX System    Brother Industries, Ltd.    (No signature was present in the subject) Brother Industries, Ltd.
BLMonitor.exe        36,356 K    2,316 K    6424            
atkexComSvc.exe        7,684 K    4,320 K    9268            (Verified) ASUSTeK Computer Inc.
AsusWSWinService.exe        25,944 K    6,896 K    2476    Asus WebStorage Windows Service    ASUS Cloud Corporation    (No signature was present in the subject) ASUS Cloud Corporation
AsHKService.exe        1,796 K    164 K    6440            
ApplicationFrameHost.exe        21,568 K    15,060 K    12132    Application Frame Host    Microsoft Corporation    (Verified) Microsoft Windows
AiChargerDT.exe        1,588 K    140 K    6480            
Ai_ChargerII_TrayIcon(ASUS_Manager).exe        2,228 K    176 K    6464            
AEGIS_II_AsToastHelper.exe        1,748 K    160 K    6332            
AEGIS_II_AsSysLevelUpSrc.exe        4,324 K    192 K    6156            
AEGIS_II_AlertService.exe        1,652 K    680 K    6224            

 


  • 0

#5
mythica

mythica

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       464 N/A                                         
csrss.exe                      732 N/A                                         
wininit.exe                    808 N/A                                         
csrss.exe                      820 N/A                                         
services.exe                   872 N/A                                         
lsass.exe                      892 KeyIso, SamSs, VaultSvc                     
svchost.exe                    988 PlugPlay                                    
svchost.exe                   1000 BrokerInfrastructure, DcomLaunch, Power,    
                                   SystemEventsBroker                          
fontdrvhost.exe               1008 N/A                                         
svchost.exe                    300 RpcEptMapper, RpcSs                         
svchost.exe                    672 LSM                                         
winlogon.exe                   936 N/A                                         
fontdrvhost.exe               1052 N/A                                         
dwm.exe                       1132 N/A                                         
svchost.exe                   1192 NcbService                                  
svchost.exe                   1200 TimeBrokerSvc                               
svchost.exe                   1240 hidserv                                     
svchost.exe                   1268 EventLog                                    
svchost.exe                   1368 SEMgrSvc                                    
svchost.exe                   1392 nsi                                         
svchost.exe                   1436 ProfSvc                                     
svchost.exe                   1444 Themes                                      
svchost.exe                   1452 EventSystem                                 
svchost.exe                   1464 Dhcp                                        
svchost.exe                   1476 SysMain                                     
svchost.exe                   1524 SENS                                        
Memory Compression            1560 N/A                                         
svchost.exe                   1600 AudioEndpointBuilder                        
svchost.exe                   1608 FontCache                                   
svchost.exe                   1640 NlaSvc                                      
svchost.exe                   1708 Audiosrv                                    
svchost.exe                   1784 netprofm                                    
svchost.exe                   1800 StateRepository                             
svchost.exe                   1884 Schedule                                    
svchost.exe                   1900 Dnscache                                    
svchost.exe                   1908 DusmSvc                                     
svchost.exe                   1916 Wcmsvc                                      
svchost.exe                   1996 UserManager                                 
svchost.exe                   2004 WinHttpAutoProxySvc                         
svchost.exe                   2044 lfsvc                                       
svchost.exe                   2068 WlanSvc                                     
svchost.exe                   2096 BFE, CoreMessagingRegistrar, MpsSvc         
AvastSvc.exe                  2112 avast! Antivirus                            
svchost.exe                   2120 ShellHWDetection                            
spoolsv.exe                   2356 Spooler                                     
svchost.exe                   2444 LanmanWorkstation                           
AsusWSWinService.exe          2476 Asus WebStorage Windows Service             
mDNSResponder.exe             2484 Bonjour Service                             
BTDevMgr.exe                  2492 BTDevManager                                
svchost.exe                   2512 CryptSvc                                    
svchost.exe                   2520 DPS                                         
AppleMobileDeviceService.     2528 Apple Mobile Device Service                 
svchost.exe                   2544 Winmgmt                                     
svchost.exe                   2568 DiagTrack                                   
wlanext.exe                   2588 N/A                                         
svchost.exe                   2608 DeviceAssociationService                    
nvcontainer.exe               2660 NvContainerLocalSystem                      
NVDisplay.Container.exe       2668 NVDisplay.ContainerLocalSystem              
NvTelemetryContainer.exe      2688 NvTelemetryContainer                        
svchost.exe                   2700 SstpSvc                                     
SecurityHealthService.exe     2720 SecurityHealthService                       
svchost.exe                   2756 stisvc                                      
svchost.exe                   2792 TrkWks                                      
SearchIndexer.exe             2820 WSearch                                     
svchost.exe                   2836 WpnService                                  
svchost.exe                   2976 WdiServiceHost                              
dasHost.exe                   1952 N/A                                         
MBAMService.exe               3160 MBAMService                                 
svchost.exe                   3168 iphlpsvc                                    
conhost.exe                   3200 N/A                                         
svchost.exe                   3212 LanmanServer                                
svchost.exe                   3532 SSDPSRV                                     
nvxdsync.exe                  3652 N/A                                         
WmiPrvSE.exe                  3852 N/A                                         
svchost.exe                   4176 RasMan, wuauserv                            
wmpnetwk.exe                  4468 WMPNetworkSvc                               
svchost.exe                   4784 PcaSvc                                      
svchost.exe                   4908 upnphost                                    
WmiPrvSE.exe                  4932 N/A                                         
svchost.exe                   5292 fdPHost                                     
svchost.exe                   5300 NcdAutoSetup                                
svchost.exe                   5320 FDResPub                                    
svchost.exe                   5404 HomeGroupProvider                           
svchost.exe                   5580 Browser                                     
svchost.exe                   5952 CDPSvc                                      
mbamtray.exe                  5776 N/A                                         
svchost.exe                   5872 CDPUserSvc_59ec2                            
nvcontainer.exe               5988 N/A                                         
sihost.exe                    5616 N/A                                         
svchost.exe                   4188 WpnUserService_59ec2                        
svchost.exe                   3880 TokenBroker                                 
AEGIS_II_AsSysLevelUpSrc.     6156 N/A                                         
taskhostw.exe                 6180 N/A                                         
AEGIS_II_AlertService.exe     6224 N/A                                         
svchost.exe                   6312 TabletInputService                          
CheckCD_RomLighting.exe       6324 N/A                                         
AEGIS_II_AsToastHelper.ex     6332 N/A                                         
SecureDeleteBackground.ex     6344 N/A                                         
BLMonitor.exe                 6424 N/A                                         
AsHKService.exe               6440 N/A                                         
ctfmon.exe                    6456 N/A                                         
Ai_ChargerII_TrayIcon(ASU     6464 N/A                                         
AEGIS_II_SysMode.exe          6472 N/A                                         
AiChargerDT.exe               6480 N/A                                         
explorer.exe                  6748 N/A                                         
svchost.exe                   6824 wscsvc                                      
svchost.exe                   7188 NgcSvc                                      
svchost.exe                   7220 NgcCtnrSvc                                  
ShellExperienceHost.exe       7768 N/A                                         
SearchUI.exe                  7900 N/A                                         
RuntimeBroker.exe             8068 N/A                                         
RuntimeBroker.exe             7856 N/A                                         
svchost.exe                   7928 LicenseManager                              
SkypeHost.exe                 8420 N/A                                         
atkexComSvc.exe               9268 asComSvc                                    
svchost.exe                   9516 Netman                                      
MSASCuiL.exe                  9896 N/A                                         
RuntimeBroker.exe             9928 N/A                                         
CastSrv.exe                   9964 N/A                                         
RuntimeBroker.exe            10236 N/A                                         
unsecapp.exe                  9684 N/A                                         
RtkNGUI64.exe                 7524 N/A                                         
aswidsagenta.exe             10288 aswbIDSAgent                                
AvastUI.exe                  10568 N/A                                         
Discord.exe                  10640 N/A                                         
nvspcaps64.exe               10664 N/A                                         
Steam.exe                    10788 N/A                                         
robotaskbaricon.exe          10860 N/A                                         
Discord.exe                  11168 N/A                                         
nvsphelper64.exe              7780 N/A                                         
NVIDIA Share.exe              6732 N/A                                         
NVIDIA Share.exe              4880 N/A                                         
BrStMonW.exe                  6488 N/A                                         
BrCtrlCntr.exe                6640 N/A                                         
NVIDIA Web Helper.exe         3972 N/A                                         
BrYNSvc.exe                   3316 BrYNSvc                                     
conhost.exe                   6300 N/A                                         
Discord.exe                   6944 N/A                                         
BrCcUxSys.exe                 8984 N/A                                         
IAStorIcon.exe               11376 N/A                                         
RuntimeBroker.exe            12016 N/A                                         
steamwebhelper.exe           12068 N/A                                         
steamwebhelper.exe           12136 N/A                                         
SteamService.exe             12156 Steam Client Service                        
svchost.exe                  12240 OneSyncSvc_59ec2,                           
                                   PimIndexMaintenanceSvc_59ec2,               
                                   UnistoreSvc_59ec2, UserDataSvc_59ec2        
svchost.exe                  10592 DoSvc                                       
IAStorDataMgrSvc.exe         11864 IAStorDataMgrSvc                            
jhi_service.exe              11848 jhi_service                                 
svchost.exe                   6372 StorSvc                                     
LMS.exe                       6220 LMS                                         
svchost.exe                  12768 SharedAccess                                
WmiPrvSE.exe                 13072 N/A                                         
ApplicationFrameHost.exe     12132 N/A                                         
WinStore.App.exe             10024 N/A                                         
WWAHost.exe                   9076 N/A                                         
RuntimeBroker.exe             7628 N/A                                         
SystemSettings.exe           12468 N/A                                         
AsusWSPanel.exe              12544 N/A                                         
isa.exe                       2220 Intel® Security Assist                    
SettingSyncHost.exe           9176 N/A                                         
svchost.exe                   4884 DsSvc                                       
svchost.exe                   8620 lmhosts                                     
svchost.exe                   7664 ClipSVC                                     
svchost.exe                  12400 WdiSystemHost                               
firefox.exe                  12504 N/A                                         
firefox.exe                  11044 N/A                                         
firefox.exe                   1096 N/A                                         
firefox.exe                  10432 N/A                                         
robotaskbaricon-x64.exe       5780 N/A                                         
firefox.exe                  10064 N/A                                         
rf-chrome-nm-host.exe         3980 N/A                                         
conhost.exe                   7748 N/A                                         
svchost.exe                  12052 BITS                                        
dllhost.exe                   5932 N/A                                         
audiodg.exe                    408 N/A                                         
smartscreen.exe               2788 N/A                                         
svchost.exe                  10484 Appinfo                                     
svchost.exe                   4236 tiledatamodelsvc                            
Taskmgr.exe                   6660 N/A                                         
SearchProtocolHost.exe        7096 N/A                                         
SearchFilterHost.exe          3848 N/A                                         
cmd.exe                       7380 N/A                                         
conhost.exe                   9292 N/A                                         
tasklist.exe                  7800 N/A                                         
 


  • 0

#6
mythica

mythica

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

speccy summary sans serial number

Attached Files

  • Attached File  My.txt   125.39KB   37 downloads

  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

Doesn't look like an infection.  I was going to say the WiFi is getting some interference since you have them all 6 on the same channel  but even tho you have WiFi turned on you are probably using the wired Ethernet connection

 

Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC
                            Connection-specific DNS Suffix    hsd1.ut.comcast.net
                            Connection Name    Wi-Fi
                            NetBIOS over TCPIP    Yes
                            DHCP enabled    Yes
                            MAC Address    B0-C0-90-C0-88-47
                            IP Address    10.0.0.197
                            Subnet mask    255.255.255.0
                            Gateway server    10.0.0.1
                            DHCP    10.0.0.1
                            DNS Server    75.75.75.75
                            75.75.76.76

 

 

since it's the only one with a gateway and DNS Server assigned.  Why is the Wifi turned on?  Are you letting the PC act as a router?  If not turn off the WiFi so it doesn't confuse things.

 

Speccy also says
 

Motherboard
            ASUSTeK COMPUTER INC. G11CD (LGA1151)    122 °C

 

 

 

which is probably an error but would be very bad if true.

 

Let's get a second opinion:

 

http://www.filehippo...nload_speedfan/

Download, save and Install it (Win 7+ or Vista right click and Run As Admin.) then run it (Win 7+ or Vista right click and Run As Admin.).

It will tell you your temps in real time.  What is the highest it reports?

 

 

 

Let's check your system files:

 

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/
http://www.eightforu...indows-8-a.html

If you open an elevated command prompt it will by default open in c:\Windows\system32

Once you have an elevated command prompt:

Type:
 

 DISM  /Online  /Cleanup-Image  /RestoreHealth


 (I use two spaces so you can be sure to see where one space goes.)
Hit Enter.  This will take a while (10-20 minutes) to complete.  Once the prompt returns:

Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):
 

sfc  /scannow




This will also take a few minutes.  

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

If you get anything but the first result then type:
 

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \junk.txt


Hit Enter.  Then type::

 

notepad  \junk.txt


Hit Enter.

 Copy the text from notepad and paste it into a reply.


After you finish SFC, regardless of the result:



1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

 


  • 0

#8
mythica

mythica

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

I do not have an Ethernet connection. Only the Wifi. It will be changing in the near future that is for sure.

 

I will air out my computer tomorrow. It may be dirty. It is saying 120 C right now. I think I need to shut her down for the night and clean her out in the morning. hopefully that will help. I was infected with some kind of malware but I used Malwarebytes and avast to get rid of it. This is why I don't give my password to my children. But I was worried that something may have been amiss because it didn't seem to resolve the other issues.

 

I will still run the boot check and then I will have it auto shut down when it is done. Then tomorrow after cleaning it I will do the rest of the items you have here and fingers crossed everything checks out.

 

Thank you again for your help :)


  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

Oops.  Misread Speccy.  Guess I needed some sleep.

 

Available access points count    6
                Wi-Fi ()
                    SSID
                    Frequency    5805000 kHz
                    Channel Number    161
                    Name    No name
                    Signal Strength/Quality    100
                    Security    Enabled
                    State    The interface is connected to a network
                    Dot11 Type    Infrastructure BSS network
                    Network    Connectible
                    Network Flags    There is a profile for this network
                    Cipher Algorithm to be used when joining this network    AES-CCMP algorithm
                    Default Auth used to join this network for the first time    802.11i Robust Security Network Association (RSNA) algorithm (WPA2 is one such algorithm)
                Wi-Fi (Flyest Wifi 5)
                    SSID    Flyest Wifi 5
                    Frequency    5805000 kHz
                    Channel Number    161
                    Name    Flyest Wifi 5
                    Signal Strength/Quality    65
                    Security    Enabled
                    State    The interface is connected to a network
                    Dot11 Type    Infrastructure BSS network
                    Network    Connectible
                    Network Flags    There is a profile for this network
                    Cipher Algorithm to be used when joining this network    AES-CCMP algorithm
                    Default Auth used to join this network for the first time    802.11i RSNA algorithm that uses PSK
                Wi-Fi (Ivie)
                    SSID    Ivie
                    Frequency    5805000 kHz
                    Channel Number    161
                    Name    Ivie
                    Signal Strength/Quality    55
                    Security    Enabled
                    State    The interface is connected to a network
                    Dot11 Type    Infrastructure BSS network
                    Network    Connectible
                    Network Flags    There is a profile for this network
                    Cipher Algorithm to be used when joining this network    AES-CCMP algorithm
                    Default Auth used to join this network for the first time    802.11i RSNA algorithm that uses PSK
                Wi-Fi (Pizza is Awesome)
                    SSID    Pizza is Awesome
                    Frequency    5805000 kHz
                    Channel Number    161
                    Name    Pizza is Awesome
                    Signal Strength/Quality    65
                    Security    Enabled
                    State    The interface is connected to a network
                    Dot11 Type    Infrastructure BSS network
                    Network    Connectible
                    Network Flags    There is a profile for this network
                    Cipher Algorithm to be used when joining this network    AES-CCMP algorithm
                    Default Auth used to join this network for the first time    802.11i RSNA algorithm that uses PSK
                Wi-Fi (xfinitywifi)
                    SSID    xfinitywifi
                    Frequency    5805000 kHz
                    Channel Number    161
                    Name    xfinitywifi
                    Signal Strength/Quality    100
                    Security    Disabled
                    State    The interface is connected to a network
                    Dot11 Type    Infrastructure BSS network
                    Network    Connectible
                    Network Flags    There is a profile for this network
                    Cipher Algorithm to be used when joining this network    No Cipher algorithm is enabled/supported
                    Default Auth used to join this network for the first time    IEEE 802.11 Open System authentication algorithm
                Wi-Fi (zugzug5g)
                    SSID    zugzug5g
                    Frequency    5805000 kHz
                    Channel Number    161
                    Name    zugzug5g
                    Signal Strength/Quality    100
                    Security    Enabled
                    State    The interface is connected to a network
                    Dot11 Type    Infrastructure BSS network
                    Network    Connectible
                    Network Flags    Currently Connected to this network
                    Cipher Algorithm to be used when joining this network    AES-CCMP algorithm
                    Default Auth used to join this network for the first time    802.11i RSNA algorithm that uses PSK

 

 

As you can see from the above all 6 access points are using the same channel 161.  One of them is just as strong as the one you are using so it's hard for your WiFi to tell them apart.  Get:

 

inssider

http://www.techspot....6-inssider.html
Double click to install it. Then run it by right click and Run As Admni.

It will show you a graph in the bottom right that has your signal in blue and competing signals in orange and yellow.  It may also recommend a different channel which might have less interference.

Moving to a different channel (by logging on to your router) can drastically improve performance.

 

 

 

Hopefully you do have access to your router.  If you need help logging on to it tell me the make and model number.


  • 0

#10
mythica

mythica

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

I have an xfiniti (comcast) router. What settings once I get in there do I change so that it doesn't get confused anymore. Because all of these houses have the exact same internet. So same routers. All secured. so I can't use theirs even if it is better. lol


  • 0

Advertisements


#11
mythica

mythica

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

and when I tried to download the program you just suggested Mozilla said its not configured right so they wont connect to it. then malware said it wouldn't download it either.


  • 0

#12
mythica

mythica

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Your connection is not secure

The owner of files.metageek.net has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

Learn more…

Report errors like this to help Mozilla identify and block malicious sites


  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

Yes, routers all claim that they automatically pick the best channel but in practice all of the same make just seem to grab the same channel.  In your router under Wireless or WiFi you will something about Channel.  It will be set to Auto.  You have to change it to Manual then it will let you select a different channel.  There are two bands.  The older band runs from channels 1 to 12 or so.  The newer band has 25 channels but uses a different number scale.

 

I tried the download in Chrome and it didn't complain.  In FF it complained but I hit Advanced then allowed an exception and it did finish the download. 

 

Comcast often puts the password on a label on the bottom or the back of the router.  Just open a browser and go to the

10.0.0.1 and it  should give you a login prompt.


  • 0

#14
mythica

mythica

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

I changed the channel. And I downloaded the inssider from a different location. I figured out the best channel to use. and have changed it. I may run speccy again but there are so many connections on the same stupid router system as I am and they only give us access to change it to six different ones and each and every one has between 3 and 6 on them.

 

 

Boot scan came back nothing on it.

 

cleaned out the dirt and it seems to be happier has stayed at around 30C all morning.

SFC is currently running.

 

Thank you so much for helping me figure this out. I think something was screwing with it and made it angry enough for me to figure out that the motherboard was wearing a fur coat. lol

 


  • 0

#15
mythica

mythica

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

the last one wont create the document. It says it can't find the document would you like to create it. and when I clicked yes it was blank.

 

The sfc showed nothing wrong.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP