New Here, Computer very slow, viruses?

Slow Startup Slow Pc


#1
BudMiser74


Thank you guys in advance for all of the fantastic and patient help that you give!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02.01.2018
Ran by Administrator (administrator) on CODYSFRANKENSTE (04-01-2018 00:29:18)
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Microsoft Windows 10 Pro Version 1703 15063.786 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AAHM\1.00.20\aaHMSvc.exe
(Motorola) C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe
(Hewlett-Packard Company) C:\Program Files\HP\HPBDSService\HPBDSService.exe
(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files\MSI\MSI Gaming APP\GamingApp_Service.exe
() C:\Program Files\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
() C:\WINDOWS\DAODx.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\WINDOWS\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(ASUSTek Computer Inc.) C:\Program Files\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr32.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(The CefSharp Authors) C:\Users\Administrator\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\perfmon.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\Taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [485280 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Ptipbmf] => rundll32.exe ptipbmf.dll,SetWriteCacheMode
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6336216 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe [1391416 2013-06-21] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49904 2014-08-13] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [StatusAlerts] => C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM\...\Policies\Explorer: [Start_ShowMyMusic] 0
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [48640 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\Run: [Google Update] => C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-05-14] (Google Inc.)
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\Run: [GenieFloater] => C:\Program Files\Genie Soft\Genie Cleaner\GenieFloater.exe
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\Run: [Chromium] => c:\users\administrator\appdata\local\chromium\application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {03282ab9-f79f-11e6-a0c2-001d7dd754f2} - "G:\VZW_Software_upgrade_assistant.exe" 
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {4eb08fe4-535f-11e7-a134-7824af41fe7d} - "F:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {8a14f838-db96-11e7-a18b-7824af41fe7d} - "F:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {b15b65f6-d6ae-11e7-a183-7824af41fe7d} - "F:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {b15b6800-d6ae-11e7-a183-7824af41fe7d} - "F:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {b15b6891-d6ae-11e7-a183-7824af41fe7d} - "F:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {b15b68ad-d6ae-11e7-a183-7824af41fe7d} - "F:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {cde03d70-dbdf-11e7-a18e-7824af41fe7d} - "G:\windows\AutoRun.exe" 
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {fe9c73f8-38ff-11e7-a10c-001d7dd754f2} - "F:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [29184 2017-03-18] (Microsoft Corporation)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-12-08]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2017-06-17]
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
GroupPolicy: Restriction ? <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{1551c533-c192-487f-9249-4b90c627e16c}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{fe484051-b62e-4f1e-90a6-2737dca78b80}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ubspmypc_17_02&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0DyB0D0DyByDyE0FtB0AyC0CtCtN0D0Tzu0StCzzyEtDtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDtBtDyB0EyE0B0BtGyC0CyEyDtG0A0AzzzytGtC0DtD0CtG0B0CyD0DyByDyDtDtByD0DyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0DtBzy0FyC0EtG0CtBtDtDtGyEyD0D0BtG0B0A0A0EtGzyyBtA0CtD0EtD0E0AtDtCyE2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtCyDyBtB%26cr%3D1308505912%26a%3Dwbf_ubspmypc_17_02%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ubspmypc_17_02&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0DyB0D0DyByDyE0FtB0AyC0CtCtN0D0Tzu0StCzzyEtDtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDtBtDyB0EyE0B0BtGyC0CyEyDtG0A0AzzzytGtC0DtD0CtG0B0CyD0DyByDyDtDtByD0DyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0DtBzy0FyC0EtG0CtBtDtDtGyEyD0D0BtG0B0A0A0EtGzyyBtA0CtD0EtD0E0AtDtCyE2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtCyDyBtB%26cr%3D1308505912%26a%3Dwbf_ubspmypc_17_02%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ubspmypc_17_02&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0DyB0D0DyByDyE0FtB0AyC0CtCtN0D0Tzu0StCzzyEtDtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDtBtDyB0EyE0B0BtGyC0CyEyDtG0A0AzzzytGtC0DtD0CtG0B0CyD0DyByDyDtDtByD0DyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0DtBzy0FyC0EtG0CtBtDtDtGyEyD0D0BtG0B0A0A0EtGzyyBtA0CtD0EtD0E0AtDtCyE2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtCyDyBtB%26cr%3D1308505912%26a%3Dwbf_ubspmypc_17_02%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2687354919-3833027354-4174839480-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ubspmypc_17_02&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0DyB0D0DyByDyE0FtB0AyC0CtCtN0D0Tzu0StCzzyEtDtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDtBtDyB0EyE0B0BtGyC0CyEyDtG0A0AzzzytGtC0DtD0CtG0B0CyD0DyByDyDtDtByD0DyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0DtBzy0FyC0EtG0CtBtDtDtGyEyD0D0BtG0B0A0A0EtGzyyBtA0CtD0EtD0E0AtDtCyE2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtCyDyBtB%26cr%3D1308505912%26a%3Dwbf_ubspmypc_17_02%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2687354919-3833027354-4174839480-500 -> {C5EAC4FA-2F97-45BB-8663-DC5213D614B4} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03] (Adobe Systems Incorporated)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-05] (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL [2013-09-28] (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-12-08] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-08] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2687354919-3833027354-4174839480-500 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-05] (Symantec Corporation)
 
FireFox:
========
FF DefaultProfile: uhrjpwem.default
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\uhrjpwem.default [2017-12-08]
FF Extension: (No Name) - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\uhrjpwem.default\Extensions\[email protected] [2017-12-08]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF => not found
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn => not found
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-08] (Oracle Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-15] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-15] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-29] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin HKU\S-1-5-21-2687354919-3833027354-4174839480-500: @tools.google.com/Google Update;version=3 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-2687354919-3833027354-4174839480-500: @tools.google.com/Google Update;version=9 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-14] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2018-01-04]
CHR Extension: (Slides) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-24]
CHR Extension: (Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-24]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-21]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-21]
CHR Extension: (Adblock Plus) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-12-24]
CHR Extension: (Adblock for Youtube™) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-12-24]
CHR Extension: (Yahoo Partner) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\commhkacjheiacaopdonmodahaoadoln [2017-12-21]
CHR Extension: (Search by Image (by Google)) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2017-12-24]
CHR Extension: (Super Mario Cart Race Game) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchacooebbifcamhpejlbnedcddchbki [2017-12-21]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2017-12-24]
CHR Extension: (Yahoo Partner) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoalfhodgifhbkgmbbdafcihjpdldpll [2017-12-21]
CHR Extension: (Sheets) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-24]
CHR Extension: (Best Rally Games) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhelhekcnhfhgbjpifkldehmhggbmpjb [2017-12-21]
CHR Extension: (Avira Browser Safety) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-12-21]
CHR Extension: (Google Docs Offline) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-22]
CHR Extension: (AdBlock) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-24]
CHR Extension: (Yahoo Partner) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hikeppggmbhdgodhakicedaejpleoigm [2017-12-21]
CHR Extension: (Yahtzee) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihojcamicnohnlcgilfkliehaefbgmpf [2017-12-21]
CHR Extension: (Crazy Soccer Physics) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfafbfgnlpcgggnlpadfhpoajgfofhjc [2017-12-21]
CHR Extension: (Real Piano) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjcdeclblmjjmlmlhohjhffninphijdm [2017-12-21]
CHR Extension: (TubeTab) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce [2017-12-21]
CHR Extension: (Bowling Games) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmgapgkmkmjefgiidacjlmodndhgicje [2017-12-21]
CHR Extension: (Stickman Boxing KO Champion) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kflcgekgodiajbkkjpklckfpnebfndhf [2017-12-21]
CHR Extension: (Mini Golf) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmcdebhlldhklpbhnlmdehcemjaajbbc [2017-12-21]
CHR Extension: (WGT Golf Game) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb [2017-12-21]
CHR Extension: (Search Manager) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-12-21]
CHR Extension: (Goblin Run) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\njjbnkdjkgaeofckdengakadklacggpd [2017-12-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-24]
CHR Extension: (HowToSuite) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnljkamlkedffammjddflhjepplhnoj [2017-12-24]
CHR Extension: (Live Start Page - Living Wallpapers) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocggccaacacpienfcgmgcihoombokbbj [2017-12-24]
CHR Extension: (Search Swapper) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofhflkcfkbgjpodgmcdcmkdpfabieode [2017-12-21]
CHR Extension: (Search Manager) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2017-12-21]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-21]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-24]
CHR Extension: (24/7 Spades) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmmplbpfbfloacpbolnageogpmodkhhi [2017-12-21]
CHR HKLM\...\Chrome\Extension: [commhkacjheiacaopdonmodahaoadoln] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eoalfhodgifhbkgmbbdafcihjpdldpll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hikeppggmbhdgodhakicedaejpleoigm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2687354919-3833027354-4174839480-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlhpijolpcimadhjingadnbcjncmjdce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2687354919-3833027354-4174839480-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2687354919-3833027354-4174839480-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ofhflkcfkbgjpodgmcdcmkdpfabieode] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2687354919-3833027354-4174839480-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-09-17] ()
R2 asHmComSvc; C:\Program Files\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-09-17] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2012-11-09] (ASUSTeK Computer Inc.) [File not signed]
R2 GamingApp_Service; C:\Program Files\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.)
R2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S3 ICCS; C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [171632 2013-01-02] (Intel Corporation)
R2 Motorola Device Manager; C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [45568 2011-04-13] (Hewlett-Packard) [File not signed]
S2 NIS; C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [466880 2017-12-15] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [466880 2017-12-15] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [55808 2011-04-13] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2545848 2017-03-18] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe [279256 2017-12-07] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe [86544 2017-12-07] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
S2 PEVSystemStart; "C:\ComboFix\pev.3XE" EXEC /i "C:\ComboFix\HIDEC.3XE" "C:\ComboFix\SWREG.3XE" ACL "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_Beep" /RESET /Q
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AiChargerPlus; C:\WINDOWS\System32\drivers\AiChargerPlus.sys [13952 2013-01-28] (ASUSTek Computer Inc.)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2012-08-22] ()
R3 asmthub3; C:\WINDOWS\System32\drivers\asmthub3.sys [111360 2013-08-16] (ASMedia Technology Inc)
R3 asmtxhci; C:\WINDOWS\System32\drivers\asmtxhci.sys [337152 2013-08-16] (ASMedia Technology Inc)
R1 AsUpIO; C:\WINDOWS\System32\drivers\AsUpIO.sys [11832 2013-01-14] ()
R3 ASUSFILTER; C:\WINDOWS\System32\drivers\ASUSFILTER.sys [37448 2011-09-19] (MCCI Corporation)
S3 ASUSstpt; C:\WINDOWS\System32\drivers\ASUSstpt.sys [23808 2013-03-28] (MCCI Corporation)
S3 ASUSumsc; C:\WINDOWS\System32\drivers\ASUSumsc.sys [126720 2013-03-28] (MCCI Corporation)
S3 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131002.001\BHDrvx86.sys [1097304 2013-09-25] (Symantec Corporation)
S3 ccSet_NIS; C:\WINDOWS\system32\drivers\NIS\1501000.012\ccSetx86.sys [127064 2013-09-25] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [109456 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 fasttx2k; C:\WINDOWS\system32\DRIVERS\fasttx2k.sys [156672 2003-06-10] (Promise Technology, Inc.)
S3 gdrv; C:\WINDOWS\gdrv.sys [17488 2017-06-19] (Windows ® 2000 DDK provider)
S3 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20130930.001\IDSVix86.sys [392792 2013-09-23] (Symantec Corporation)
S3 JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [48256 2020-02-01] (JMicron Technology Corp.) [File not signed]
S3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [52368 2015-06-17] (Logitech, Inc.)
S3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [20240 2015-06-17] (Logitech, Inc.)
S3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [33328 2016-07-27] (Microsoft Corporation)
S3 mcdbus; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
R1 MpKsle9029732; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{75DAF8C9-6624-46E8-9A7B-13FCCB3B9B13}\MpKsle9029732.sys [49504 2018-01-03] (Microsoft Corporation)
S3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [5810 2004-08-13] () [File not signed]
S3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\NAVENG.SYS [93272 2013-10-04] (Symantec Corporation)
S3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\NAVEX15.SYS [1612376 2013-10-04] (Symantec Corporation)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [29256 2013-02-20] (NT Kernel Resources)
S3 NTIOLib_1_0_4; C:\Program Files\MSI\Live Update\NTIOLib.sys [7680 2010-10-20] (MSI) [File not signed]
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_x86_230cd12899523d91\nvlddmkm.sys [14863632 2017-12-18] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-12-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [44992 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [50112 2017-12-15] (NVIDIA Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [748272 2015-09-10] (Realtek )
S3 SRTSP; C:\WINDOWS\system32\drivers\NIS\1501000.012\SRTSP.SYS [651352 2013-09-26] (Symantec Corporation)
S3 SRTSPX; C:\WINDOWS\system32\drivers\NIS\1501000.012\SRTSPX.SYS [32344 2013-09-09] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [11232 2017-01-14] ()
S3 SymDS; C:\WINDOWS\system32\drivers\NIS\1501000.012\SYMDS.SYS [367704 2013-09-09] (Symantec Corporation)
S3 SymEFA; C:\WINDOWS\system32\drivers\NIS\1501000.012\SYMEFA.SYS [935512 2013-09-26] (Symantec Corporation)
S3 SymELAM; C:\WINDOWS\system32\drivers\NIS\1501000.012\SYMELAM.SYS [21520 2013-09-09] (Symantec Corporation)
S3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2017-06-19] (Symantec Corporation)
S3 SymIRON; C:\WINDOWS\system32\drivers\NIS\1501000.012\Ironx86.SYS [206936 2013-09-26] (Symantec Corporation)
S3 SymNetS; C:\WINDOWS\system32\drivers\NIS\1501000.012\SYMNETS.SYS [446552 2013-09-25] (Symantec Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38904 2017-12-07] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [238160 2017-12-07] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [93776 2017-12-07] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [160256 2017-03-18] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 MSICDSetup; \??\D:\CDriver.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-01-04 00:29 - 2018-01-04 00:30 - 000032773 _____ C:\Users\Administrator\Desktop\FRST.txt
2018-01-04 00:28 - 2018-01-04 00:29 - 000000000 ____D C:\FRST
2018-01-04 00:26 - 2018-01-04 00:26 - 001753600 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe
2018-01-02 18:42 - 2018-01-02 18:42 - 000003902 _____ C:\Users\Administrator\Desktop\New Text Document.txt
2018-01-02 15:20 - 2018-01-03 13:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-01-02 15:20 - 2018-01-02 15:21 - 000595836 _____ C:\WINDOWS\Minidump\010218-22875-01.dmp
2017-12-31 12:56 - 2017-12-31 12:57 - 000595972 _____ C:\WINDOWS\Minidump\123117-21156-01.dmp
2017-12-30 13:56 - 2017-12-30 13:56 - 008388608 ___SH C:\tmpgfile.sys
2017-12-30 13:36 - 2017-12-30 13:54 - 000000000 ____D C:\$Windows.~BT
2017-12-30 13:04 - 2017-12-30 13:05 - 000588436 _____ C:\WINDOWS\Minidump\123017-53000-01.dmp
2017-12-30 12:39 - 2017-12-30 12:39 - 000000000 _____ C:\WINDOWS\Minidump\123017-50921-01.dmp
2017-12-30 10:22 - 2017-12-30 13:56 - 000000000 ___HD C:\$SysReset
2017-12-29 13:18 - 2017-12-29 13:24 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2017-12-29 13:15 - 2017-12-29 13:17 - 000595820 _____ C:\WINDOWS\Minidump\122917-54281-01.dmp
2017-12-29 09:47 - 2017-12-29 09:47 - 000000000 ____D C:\Users\Administrator\Desktop\2018 New Support Convos
2017-12-28 23:20 - 2017-12-15 19:17 - 000974272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer32.dll
2017-12-28 23:19 - 2017-12-30 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-28 23:19 - 2017-12-15 19:17 - 000152512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap32v.dll
2017-12-28 23:19 - 2017-12-15 19:17 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-12-28 23:18 - 2017-12-28 23:18 - 000000000 ____D C:\Program Files\VulkanRT
2017-12-28 23:18 - 2017-12-15 17:47 - 000143960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvStreaming.exe
2017-12-28 23:18 - 2017-09-13 18:20 - 000798008 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-12-28 23:18 - 2017-09-13 18:20 - 000490296 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-12-28 23:17 - 2017-12-15 19:17 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-12-28 23:17 - 2017-12-15 17:34 - 003669392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-12-28 23:17 - 2017-12-15 17:34 - 002093552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll
2017-12-28 23:17 - 2017-12-15 17:34 - 001766704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-12-28 23:17 - 2017-12-15 17:34 - 000448496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-12-28 23:17 - 2017-12-15 17:34 - 000429360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-12-28 23:17 - 2017-12-15 17:34 - 000109880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-12-28 23:17 - 2017-12-15 17:34 - 000081296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-12-28 23:17 - 2017-12-14 01:06 - 007917671 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-12-28 23:16 - 2017-12-15 19:17 - 000438584 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-12-28 23:14 - 2017-12-15 19:17 - 000050112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-12-28 23:13 - 2017-12-15 19:17 - 035157488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 029381936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv32.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 019040512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 011781912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 010883744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 003817400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 003615032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 001097520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3238871.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 001032688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 000960824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3238871.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 000944056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco3220103.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 000933360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 000183736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda32v.sys
2017-12-28 23:13 - 2017-12-15 19:17 - 000044992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad32v.sys
2017-12-28 23:13 - 2017-12-15 19:17 - 000041742 _____ C:\WINDOWS\system32\nvinfo.pb
2017-12-28 23:13 - 2017-12-15 19:17 - 000041584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap32.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 000000669 _____ C:\WINDOWS\system32\nv-vk32.json
2017-12-28 21:32 - 2018-01-03 12:25 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-28 21:31 - 2017-12-29 13:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-12-28 21:31 - 2017-12-28 21:35 - 000000000 ____D C:\WINDOWS\LastGood
2017-12-28 21:16 - 2017-12-28 21:18 - 000558612 _____ C:\WINDOWS\Minidump\122817-21484-01.dmp
2017-12-28 20:16 - 2017-12-28 20:16 - 000006324 _____ C:\WINDOWS\system32\PerfStringBackup.TMP
2017-12-28 20:09 - 2017-12-28 20:09 - 000595692 _____ C:\WINDOWS\Minidump\122817-35906-01.dmp
2017-12-28 19:58 - 2017-12-28 19:59 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-12-28 19:32 - 2017-12-28 19:33 - 358995872 _____ (NVIDIA Corporation) C:\Users\Administrator\Downloads\388.71-desktop-win10-32bit-international-whql.exe
2017-12-28 15:26 - 2017-12-28 15:27 - 000595852 _____ C:\WINDOWS\Minidump\122817-55203-01.dmp
2017-12-24 14:15 - 2017-12-24 14:18 - 000595868 _____ C:\WINDOWS\Minidump\122417-61046-01.dmp
2017-12-21 18:20 - 2017-12-24 14:47 - 000002290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-21 14:17 - 2017-12-21 14:17 - 000311858 _____ C:\Users\Administrator\Downloads\DoubleKiller.zip
2017-12-21 14:05 - 2017-12-21 14:05 - 000000000 ____D C:\Program Files\Nsasoft
2017-12-15 11:42 - 2017-12-15 11:42 - 000595724 _____ C:\WINDOWS\Minidump\121517-53765-01.dmp
2017-12-15 11:24 - 2017-12-15 11:24 - 000000000 ____D C:\SUPERDelete
2017-12-15 11:04 - 2017-12-15 11:04 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\DuplicateFinder
2017-12-15 10:45 - 2017-12-15 10:45 - 000000000 ____D C:\Users\Administrator\Documents\EasyDuplicateFinder
2017-12-15 10:45 - 2017-12-15 10:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\EasyDuplicateFinder
2017-12-15 10:45 - 2017-12-15 10:45 - 000000000 ____D C:\ProgramData\Easy Duplicate Finder
2017-12-15 09:27 - 2017-12-16 13:03 - 000000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2017-12-15 08:31 - 2017-12-20 16:15 - 000000916 _____ C:\Users\Administrator\Desktop\Application Shorts.txt
2017-12-15 02:10 - 2017-12-15 02:10 - 000000499 _____ C:\Users\Administrator\grandma.xspf
2017-12-15 02:08 - 2017-12-15 02:08 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\dvdcss
2017-12-15 01:41 - 2017-12-15 15:02 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
2017-12-15 01:41 - 2017-12-15 01:41 - 000001097 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-12-15 01:41 - 2017-12-15 01:41 - 000000000 ____D C:\Program Files\VideoLAN
2017-12-14 06:47 - 2017-12-14 06:47 - 001328479 _____ C:\Users\Administrator\Downloads\video-1513203410.mp4
2017-12-13 14:58 - 2017-12-13 14:58 - 000247907 _____ C:\Users\Administrator\Downloads\received_150365162273885.jpeg
2017-12-13 13:00 - 2017-12-13 13:02 - 000595700 _____ C:\WINDOWS\Minidump\121317-53031-01.dmp
2017-12-12 19:40 - 2017-12-12 19:42 - 000595852 _____ C:\WINDOWS\Minidump\121217-24156-01.dmp
2017-12-12 19:31 - 2017-12-12 19:31 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-12-12 19:12 - 2017-11-29 22:15 - 000034200 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-12-12 19:12 - 2017-11-29 22:04 - 005863320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-12 19:12 - 2017-11-29 22:04 - 000902896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-12 19:12 - 2017-11-29 22:04 - 000790816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-12 19:12 - 2017-11-29 21:57 - 001123968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-12-12 19:12 - 2017-11-29 21:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-12-12 19:12 - 2017-11-29 21:40 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-12 19:12 - 2017-11-29 21:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-12 19:12 - 2017-11-29 21:34 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-12-12 19:11 - 2017-11-29 22:00 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-12 19:11 - 2017-11-29 21:58 - 006763128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-12 19:11 - 2017-11-29 21:58 - 000702032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-12 19:11 - 2017-11-29 21:44 - 019334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-12 19:11 - 2017-11-29 21:43 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-12 19:11 - 2017-11-29 21:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-12 19:11 - 2017-11-29 21:42 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-12 19:11 - 2017-11-29 21:42 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscript.ocx
2017-12-12 19:11 - 2017-11-29 21:42 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-12 19:11 - 2017-11-29 21:42 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-12 19:11 - 2017-11-29 21:41 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-12 19:11 - 2017-11-29 21:40 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-12 19:11 - 2017-11-29 21:40 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-12 19:11 - 2017-11-29 21:40 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-12 19:11 - 2017-11-29 21:40 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-12 19:11 - 2017-11-29 21:39 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-12-12 19:11 - 2017-11-29 21:38 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-12-12 19:11 - 2017-11-29 21:38 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-12-12 19:11 - 2017-11-29 21:38 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-12 19:11 - 2017-11-29 21:37 - 006252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-12 19:11 - 2017-11-29 21:37 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-12 19:11 - 2017-11-29 21:37 - 002373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-12 19:11 - 2017-11-29 21:37 - 002041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-12 19:11 - 2017-11-29 21:36 - 003652096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-12 19:11 - 2017-11-29 21:36 - 001089536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-12 19:11 - 2017-11-29 21:36 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-12-12 19:11 - 2017-11-29 21:36 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-12 19:11 - 2017-11-29 21:36 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-12 19:11 - 2017-11-29 21:35 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-12 19:11 - 2017-11-17 04:32 - 000116120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-12-12 19:11 - 2017-11-17 04:31 - 001927064 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-12-12 19:11 - 2017-11-17 04:31 - 001330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000518040 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000497048 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000364440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000312216 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000158616 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000060312 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000030616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-12-12 19:11 - 2017-11-17 04:24 - 000550296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-12 19:11 - 2017-11-17 04:17 - 000410520 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-12-12 19:11 - 2017-11-17 04:00 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-12 19:11 - 2017-11-17 03:53 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-12 18:47 - 2017-12-12 18:49 - 000595900 _____ C:\WINDOWS\Minidump\121217-56500-01.dmp
2017-12-10 15:36 - 2017-10-15 09:46 - 004544000 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-12-10 15:36 - 2017-07-07 01:03 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1debug3.dll
2017-12-10 15:36 - 2017-06-19 23:35 - 005141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll
2017-12-10 15:36 - 2017-04-19 00:30 - 002102272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
2017-12-09 10:38 - 2017-12-09 10:40 - 000595812 _____ C:\WINDOWS\Minidump\120917-23609-01.dmp
2017-12-09 08:02 - 2017-12-30 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZTE Handset USB Driver
2017-12-09 08:02 - 2017-12-09 10:33 - 000000000 ____D C:\Program Files\ZTE_Handset_USB_Driver
2017-12-09 08:02 - 2015-09-06 14:16 - 000068760 _____ (Google, inc) C:\WINDOWS\AdbWinUsbApi.dll
2017-12-09 08:02 - 2015-09-06 14:15 - 000104088 _____ (Google, inc) C:\WINDOWS\AdbWinApi.dll
2017-12-09 08:02 - 2015-09-06 14:09 - 001017496 _____ C:\WINDOWS\adb.exe
2017-12-09 08:02 - 2014-03-17 09:59 - 000117960 _____ (ZTE Corporation) C:\WINDOWS\system32\Drivers\zghsser.sys
2017-12-09 08:02 - 2013-09-11 14:28 - 000149696 _____ (ZTE Corporation) C:\WINDOWS\system32\Drivers\zghsnet.sys
2017-12-09 08:02 - 2012-11-09 15:12 - 000053000 _____ (VIA Telecom) C:\WINDOWS\system32\Drivers\viahsser.sys
2017-12-09 08:02 - 2012-10-31 16:02 - 000027016 _____ (Via Telecom, Inc.) C:\WINDOWS\system32\Drivers\viahsets.sys
2017-12-09 08:02 - 2012-06-20 11:51 - 000017672 _____ (HandSet Incorporated) C:\WINDOWS\system32\Drivers\massfilter_hs.sys
2017-12-08 22:35 - 2017-12-08 22:35 - 000001276 _____ C:\Users\Administrator\Desktop\Facebook Gameroom.lnk
2017-12-08 05:08 - 2017-12-08 05:08 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-12-08 05:08 - 2017-11-09 20:31 - 000053256 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-12-08 05:08 - 2017-11-09 20:31 - 000037472 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-12-08 05:06 - 2017-12-08 05:30 - 000000000 ____D C:\Program Files\Avira
2017-12-08 01:31 - 2017-12-08 01:31 - 000000000 ____D C:\Program Files\Common Files\Java
2017-12-08 00:42 - 2017-12-08 00:42 - 000000000 ____D C:\Users\Administrator\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
2017-12-07 22:36 - 2017-12-30 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2017-12-07 19:22 - 2017-12-07 19:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Hewlett-Packard Company
2017-12-07 19:14 - 2017-12-08 04:59 - 000000000 ____D C:\HP_LaserJet_200_color_M251
2017-12-07 19:10 - 2017-12-30 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-12-07 19:10 - 2017-12-14 19:29 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\HpUpdate
2017-12-07 19:10 - 2017-12-07 19:22 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2017-12-07 19:08 - 2012-07-18 21:27 - 000238080 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpbcoins32.dll
2017-12-07 19:08 - 2011-09-28 09:38 - 000291840 _____ (Hewlett-Packard Corporation) C:\WINDOWS\system32\hpcpn117.dll
2017-12-07 19:07 - 2017-12-07 19:11 - 000000000 ____D C:\Program Files\HP
2017-12-07 19:06 - 2017-12-07 19:11 - 000000000 ____D C:\ProgramData\HP
2017-12-07 16:22 - 2017-12-07 16:23 - 000595780 _____ C:\WINDOWS\Minidump\120717-51703-01.dmp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-02-01 19:02 - 2009-08-30 01:44 - 000048256 _____ (JMicron Technology Corp.) C:\WINDOWS\system32\Drivers\jraid.sys
2018-01-03 20:48 - 2017-06-11 15:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-03 11:28 - 2017-02-24 11:16 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2018-01-02 19:10 - 2017-06-11 15:13 - 000000000 ____D C:\Users\Administrator
2018-01-02 16:05 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-02 15:59 - 2017-03-18 13:23 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-02 15:41 - 2017-06-19 17:08 - 001048576 _____ C:\WINDOWS\PE_Rom.dll
2018-01-02 15:20 - 2017-06-16 12:24 - 000000000 ____D C:\WINDOWS\Minidump
2018-01-02 15:20 - 2017-06-11 15:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-31 18:41 - 2017-03-18 01:02 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-12-31 16:23 - 2017-01-14 00:38 - 000000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2017-12-31 14:33 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\registration
2017-12-30 14:32 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-30 13:55 - 2017-01-14 00:26 - 000008192 __RSH C:\BOOTSECT.BAK
2017-12-30 10:30 - 2017-03-18 13:14 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-30 10:14 - 2017-03-18 13:21 - 000000000 ____D C:\WINDOWS\INF
2017-12-30 09:34 - 2017-11-28 15:22 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2017-12-30 09:34 - 2017-06-20 00:45 - 000000000 ____D C:\WINDOWS\system32\LiveUpdate
2017-12-30 09:34 - 2017-06-19 20:45 - 000000000 __SHD C:\WINDOWS\system32\AI_RecycleBin
2017-12-30 09:34 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-30 09:34 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\system32\spool
2017-12-30 09:34 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-12-30 09:34 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\system32\IME
2017-12-30 09:34 - 2017-01-14 12:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-30 09:33 - 2017-12-02 03:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
2017-12-30 09:33 - 2017-06-19 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-12-30 09:33 - 2017-06-19 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5
2017-12-30 09:33 - 2017-06-19 20:44 - 000000000 ____D C:\Program Files\Intel
2017-12-30 09:33 - 2017-06-19 09:02 - 000000000 ____D C:\ProgramData\Norton
2017-12-30 09:33 - 2017-06-17 17:42 - 000000000 ____D C:\Program Files\Realtek
2017-12-30 09:33 - 2017-06-17 01:37 - 000000000 ____D C:\Program Files\Common Files\LogiShrd
2017-12-30 09:33 - 2017-06-17 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asus Drivers Download Utility
2017-12-30 09:33 - 2017-06-17 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner
2017-12-30 09:33 - 2017-06-11 15:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-12-30 09:33 - 2017-06-10 08:54 - 000000000 ____D C:\Program Files\UNP
2017-12-30 09:33 - 2017-03-18 13:25 - 000000000 ____D C:\WINDOWS\Setup
2017-12-30 09:33 - 2017-03-18 13:23 - 000000000 __SHD C:\Program Files\Windows Sidebar
2017-12-30 09:33 - 2017-03-18 13:23 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-12-30 09:33 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\schemas
2017-12-30 09:33 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-30 09:33 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\Help
2017-12-30 09:33 - 2017-03-18 13:23 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-30 09:33 - 2017-01-28 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintMe Internet Printing
2017-12-30 09:33 - 2017-01-28 04:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-12-30 09:33 - 2017-01-14 07:59 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-30 09:33 - 2009-07-13 21:37 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-12-30 08:49 - 2017-06-11 12:51 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-30 08:36 - 2017-06-11 15:29 - 000055248 _____ C:\WINDOWS\diagwrn.xml
2017-12-30 08:36 - 2017-06-11 15:29 - 000055248 _____ C:\WINDOWS\diagerr.xml
2017-12-29 14:54 - 2017-03-18 01:02 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-29 09:46 - 2017-06-23 01:37 - 000000000 ___RD C:\Users\Administrator\Desktop\All PC [bleep]
2017-12-29 09:46 - 2017-01-15 18:51 - 000000000 ____D C:\Users\Administrator\Desktop\ALL Downloads
2017-12-29 04:21 - 2017-11-21 03:50 - 000266752 ___SH C:\Users\Administrator\Desktop\Thumbs.db
2017-12-28 23:19 - 2017-11-19 23:34 - 000000000 ____D C:\temp
2017-12-28 20:05 - 2017-06-11 15:12 - 002023132 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-24 16:37 - 2017-01-14 07:59 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2017-12-24 16:37 - 2017-01-14 01:15 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2017-12-24 16:37 - 2017-01-14 01:15 - 000000000 ____D C:\Program Files\Google
2017-12-24 14:47 - 2017-01-14 01:15 - 000002278 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-21 14:53 - 2017-01-14 08:04 - 000000000 ___RD C:\Users\Administrator\OneDrive
2017-12-15 19:17 - 2017-06-23 00:34 - 002070976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap.dll
2017-12-15 11:24 - 2017-01-14 02:22 - 000000000 ____D C:\Users\Administrator\AppData\Local\SlimWare Utilities Inc
2017-12-13 15:29 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\rescache
2017-12-12 19:42 - 2017-06-11 15:08 - 000214432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-12 19:31 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-12 19:13 - 2017-11-29 05:50 - 130448288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-12 19:13 - 2017-01-14 12:44 - 130448288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-09 13:53 - 2017-06-19 17:13 - 000000000 _____ C:\WINDOWS\Path.idx
2017-12-09 10:33 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\appcompat
2017-12-09 10:33 - 2017-02-27 16:23 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2017-12-09 10:33 - 2017-01-27 07:59 - 000000000 ____D C:\Users\Administrator\.android
2017-12-08 05:30 - 2017-12-02 19:25 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-08 05:01 - 2017-12-02 19:31 - 000000000 ____D C:\Users\Administrator\AppData\Local\.IdentityService
2017-12-08 05:01 - 2017-12-02 02:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Mobogenie
2017-12-08 05:01 - 2017-06-11 12:49 - 000000000 ____D C:\Users\Administrator\AppData\Local\UNP
2017-12-08 05:01 - 2017-01-14 00:54 - 000000000 ___SD C:\ComboFix
2017-12-08 04:59 - 2017-03-18 13:23 - 000000000 __RHD C:\Users\Public\Libraries
2017-12-08 04:58 - 2017-06-22 20:37 - 000000000 ____D C:\ProgramData\YTD Video Downloader
2017-12-08 01:31 - 2017-01-28 04:23 - 000000000 ____D C:\Program Files\Java
2017-12-08 01:31 - 2017-01-14 02:07 - 000000000 ____D C:\ProgramData\Oracle
2017-12-08 01:30 - 2017-01-28 04:24 - 000095808 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2017-12-07 22:36 - 2017-06-22 20:37 - 000001320 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk
 
==================== Files in the root of some directories =======
 
2017-01-26 18:36 - 2017-06-23 03:57 - 000007603 _____ () C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
2017-01-27 06:15 - 2017-03-12 05:42 - 000000552 _____ () C:\Users\Administrator\AppData\Local\TroubleshooterConfig.json
 
Some files in TEMP:
====================
2017-12-04 16:13 - 2017-12-15 17:47 - 000759848 _____ (NVIDIA Corporation) C:\Users\Administrator\AppData\Local\Temp\nvSCPAPI.dll
2017-12-28 19:57 - 2017-10-27 11:06 - 000370296 _____ (NVIDIA Corporation) C:\Users\Administrator\AppData\Local\Temp\nvStInst.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-12-29 10:56
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02.01.2018
Ran by Administrator (04-01-2018 00:31:01)
Running from C:\Users\Administrator\Desktop
Microsoft Windows 10 Pro Version 1703 15063.786 (X86) (2017-06-11 20:32:54)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2687354919-3833027354-4174839480-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2687354919-3833027354-4174839480-503 - Limited - Disabled)
Guest (S-1-5-21-2687354919-3833027354-4174839480-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2687354919-3833027354-4174839480-1001 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
32 Bit HP CIO Components Installer (HKLM\...\{6553F4A8-B67F-49BA-A882-FF499C83CF4B}) (Version: 8.1.4 - Hewlett-Packard) Hidden
Adobe Flash Player 28 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Reader 6.0.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A00000000001}) (Version: 006.000.001 - Adobe Systems Incorporated)
AI Suite II (HKLM\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
ASUS Boot Setting (HKLM\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.)
Asus Drivers Download Utility 3.6.1 (HKLM\...\{3E7C8168-166F-33BC-D659-3B4CFF633E35}_is1) (Version: 3.6.1 - LionSea Software)
CPUID ASUS CPU-Z 1.65 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 1.65 - CPUID, Inc.)
DriverTuner 3.5.0.2 (HKLM\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.5.0.2 - LionSea Software co., ltd)
eReg (HKLM\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Facebook Gameroom 1.11.6549.23876 (HKLM\...\{628CC5F4-CCF3-4093-9B96-008667D11498}) (Version: 1.11.6549.23876 - Facebook)
Google Chrome (HKLM\...\Google Chrome) (Version: 63.0.3239.108 - Google Inc.)
Google Drive (HKLM\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP LaserJet 200 color M251 (HKLM\...\{6682B5C4-530A-4FB8-ACAC-80DB5CCC68DD}) (Version: 5.0.12200.1036 - Hewlett-Packard)
HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
hpbDSService (HKLM\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM251DSService (HKLM\...\{413E98C3-2CA1-4D04-AFC2-8D8D873A3178}) (Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDXP (HKLM\...\{6BA4598F-9ECC-453D-B6F7-ABAEEFA35561}) (Version: 3.0.26.12 - HP) Hidden
HPLaserJet200color-M251_HelpLearnCenter_SI (HKLM\...\{DDEBEA89-2B5A-4E5B-8702-369882BB3F52}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (HKLM\...\{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}) (Version: 020.021.004 - HP) Hidden
HPLJUTCore (HKLM\...\{0C779D9C-FD0F-4A53-86BE-3D53E58B2900}) (Version: 004.005.0001 - HP) Hidden
HPLJUTM251 (HKLM\...\{663A3950-CA55-4541-8B46-646BD548641D}) (Version: 3.00.0003 - HP) Hidden
hppLaserJetService (HKLM\...\{180D6813-95E0-415C-B58A-5B9493DE2DDA}) (Version: 009.027.00856 - Hewlett-Packard) Hidden
hppM251LaserJetService (HKLM\...\{09C0DA15-AB94-43BC-9B02-57DF3FEB469F}) (Version: 001.019.00639 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{46A99EAE-98DA-4BE5-94C3-D41BA4C266DA}) (Version: 050.037.00142 - Hewlett Packard) Hidden
hpStatusAlertsM251 (HKLM\...\{A1EF28FB-74A8-4157-91E9-9C164CAB10F8}) (Version: 050.034.00131 - Hewlett-Packard) Hidden
Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
LJDXPHelperUI (HKLM\...\{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}) (Version: 020.021.004 - HP) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Motorola Device Manager (HKLM\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
MSI Gaming APP (HKLM\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 3.0.0.12 - MSI)
MSI Kombustor 2.5.9 (HKLM\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
Norton Internet Security (HKLM\...\NIS) (Version: 21.1.0.18 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.71 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.71 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{8BE893D4-107C-4867-9B71-A3CF2C917C0E}) (Version: 1.0.13.0 - Microsoft Corporation)
YTD Video Downloader 5.8.7 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.8.7 - GreenTree Applications SRL) <==== ATTENTION
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version:  - ZTE Corporation)
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2104.1.02B08 - ZTE Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll => No File
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{53B5243F-8302-4DAD-BE8F-1D0665E8225E}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO3.dll (Hewlett-Packard Company)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll => No File
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll => No File
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\PROGRAM FILES\\GOOGLE\UPDATE\1.3.32.7\PSUSER.DLL => No File
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.32.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-10] (Google)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-11-10] (Google)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NavShExt.dll [2013-10-08] (Symantec Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NavShExt.dll [2013-10-08] (Symantec Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-11-10] (Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-15] (NVIDIA Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NavShExt.dll [2013-10-08] (Symantec Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1A421046-19A4-46C7-BEE6-A91D60AB2960} - System32\Tasks\ASUS\RunDAOD => C:\WINDOWS\DAODx.exe [2009-03-30] ()
Task: {23ACB89D-374D-48CD-8CFA-4E3D50B7954F} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {25248BBB-D79B-4706-8D74-0EF1FBFF58FD} - System32\Tasks\{DA4401F1-27D8-4A6B-A0EA-D482DD388E87} => C:\WINDOWS\system32\pcalua.exe -a D:\Utility\Gigabyte\Easytune5\_ISDel.exe -d D:\Utility\Gigabyte\Easytune5
Task: {357293A4-FFD3-4072-9223-8E7922DBBC3C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-12-15] (NVIDIA Corporation)
Task: {36CC6CA5-AA91-4EAF-BBCB-9D3CC6BD11A4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2017-12-15] (NVIDIA Corporation)
Task: {44BDEA70-D4BD-4387-83F1-FD0881AE27E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {4B475C33-3440-48E8-996B-B458C190C3C3} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
Task: {4FFF1CD5-9456-4A69-AAF9-35043116171E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {5A6CD5FF-5BC3-4ECC-87D9-F414D33FA116} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {61DAF5E5-F7F0-40BD-9063-418C6544B913} - System32\Tasks\DriverTuner Startup => C:\Program Files\DriverTuner\DriverTuner.exe [2015-03-10] (LionSea)
Task: {7A9E13B9-C85D-4A42-80C6-9146E1FAEEC6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-12-15] (NVIDIA Corporation)
Task: {7E1D5E0A-25DC-44FE-AF01-368EB84AC287} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2017-12-15] (NVIDIA Corporation)
Task: {867F5562-7DDF-4EFC-8DC8-FBE156FA2756} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {8EECDB3E-47FE-4648-AAD8-D0758B518610} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {917AAB20-9B04-4E43-99DE-3D01509288A8} - System32\Tasks\HPLJCustParticipation => C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe [2012-06-14] (Hewlett Packard)
Task: {9BBE4844-C254-4DDC-BAF6-D6EFB1E4BD5A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-12-15] (NVIDIA Corporation)
Task: {AD93A343-8656-4FEA-A25B-7AC8EF6605C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {B6423837-C675-4CE6-A7F6-2E56F522955D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-12-15] (NVIDIA Corporation)
Task: {BAE9DFDD-D949-4F44-8655-094D354B91B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-14] (Google Inc.)
Task: {C2D4F9A3-A290-403C-98D5-0A7468D4A040} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-12-15] (NVIDIA Corporation)
Task: {D00068E1-5CD6-4C56-BFF7-993C2537BEAD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-12-15] (NVIDIA Corporation)
Task: {D7A1884C-66DE-414C-B8FB-9E56297CCCF6} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {DE5FB2EB-7504-45CA-B5A9-F50BEF814105} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {E3031A4A-E78C-476C-BF83-3B927073352D} - System32\Tasks\Motorola Device Manager Update => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {E52074DD-2EB9-46A6-9D25-7AA75676C596} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {ECF16BAD-67DD-46FC-A2D7-32AD5B417113} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe [2013-08-26] (ASUSTeK Computer Inc.)
Task: {FE27FFAA-0A68-4FCC-832B-4B7A4F7B03F7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-14] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2687354919-3833027354-4174839480-500Core.job => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-12-28 23:17 - 2017-12-15 17:34 - 000122440 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-04-07 09:31 - 2014-04-07 09:31 - 000172032 _____ () C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll
2017-06-19 16:50 - 2013-09-17 05:58 - 000920736 ____N () C:\Program Files\ASUS\AXSP\1.00.19\atkexComSvc.exe
2017-06-19 16:50 - 2018-01-02 15:20 - 000033792 _____ () C:\Program Files\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2017-06-19 16:50 - 2010-06-28 21:58 - 000104448 ____N () C:\Program Files\ASUS\AXSP\1.00.19\ATKEX.dll
2017-06-19 16:53 - 2012-01-12 15:44 - 000475136 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
2017-06-19 16:55 - 2013-08-19 04:23 - 000043520 ____N () C:\Program Files\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2017-03-18 13:19 - 2017-03-18 13:19 - 000116824 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-06-19 16:53 - 2013-08-05 10:14 - 000176128 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
2017-06-19 16:53 - 2012-05-02 17:04 - 000233472 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
2017-06-19 16:53 - 2010-12-14 16:46 - 000067584 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
2017-06-19 16:53 - 2013-06-11 11:06 - 000425984 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.DLL
2017-06-19 16:53 - 2010-10-29 17:58 - 000221184 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\JpegCD.DLL
2017-06-19 16:53 - 2013-08-06 19:04 - 002502656 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\xH264E.DLL
2017-06-19 16:54 - 2013-06-13 16:37 - 000156160 _____ () C:\Program Files\InstallShield Installation Information\{104BE4B8-D1DB-4170-977B-364960893DC8}\CloudAPI\CloudAPI.dll
2017-06-19 16:53 - 2013-03-21 18:38 - 000716800 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
2017-06-19 16:53 - 2012-04-25 13:47 - 000659456 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
2017-06-17 17:40 - 2009-03-30 01:32 - 000032768 _____ () C:\WINDOWS\DAODx.exe
2017-03-18 13:19 - 2017-03-18 15:23 - 001456128 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-19 16:55 - 2013-08-19 16:21 - 000253952 _____ () C:\Program Files\ASUS\AI Suite II\TurboV EVO\pngio.dll
2017-12-05 18:38 - 2017-12-05 18:38 - 003604192 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x86__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-06 09:15 - 2017-12-06 09:15 - 000748032 _____ () C:\Users\Administrator\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2017-12-06 09:15 - 2017-12-06 09:15 - 068178432 _____ () C:\Users\Administrator\AppData\Local\Facebook\Games\libcef.dll
2017-12-24 14:47 - 2017-12-13 21:21 - 003062104 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.108\libglesv2.dll
2017-12-24 14:47 - 2017-12-13 21:21 - 000085848 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.108\libegl.dll
2017-12-12 20:58 - 2017-12-12 20:58 - 017844736 _____ () C:\WINDOWS\system32\Macromed\Flash\pepflashplayer32_28_0_0_126.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:04 - 2017-12-04 16:04 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Screenshot (42).png
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: lfsvc => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Memeo Instant Backup"
HKLM\...\StartupApproved\Run: => "ASUS AiChargerPlus Execute"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ASUS WiFi GO! FileTransfer Execute"
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\StartupApproved\StartupFolder: => "Logitech . Product Registration.lnk"
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\StartupApproved\Run: => "BlueStacks Agent"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{A7B8369A-D10F-47B1-B778-C882C38CD105}C:\program files\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files\gigabyte\@bios\gwflash.exe
FirewallRules: [TCP Query User{AF9F5E3A-30DC-412F-A82F-CFBAB1B1524D}C:\program files\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files\gigabyte\@bios\gwflash.exe
FirewallRules: [{4F7BDA0F-35BE-4A6B-831B-368345FE926F}] => (Block) C:\program files\gigabyte\et5\update.exe
FirewallRules: [{27601DB8-715C-46DA-80D2-96F199162734}] => (Block) C:\program files\gigabyte\et5\update.exe
FirewallRules: [UDP Query User{482B70BC-DDFC-49A2-BA96-D4621861DEE6}C:\program files\gigabyte\et5\update.exe] => (Allow) C:\program files\gigabyte\et5\update.exe
FirewallRules: [TCP Query User{43CEF587-6603-48CB-AAEC-A1AEFFC135FD}C:\program files\gigabyte\et5\update.exe] => (Allow) C:\program files\gigabyte\et5\update.exe
FirewallRules: [{A5821B24-1BCC-444F-AA5D-DBF11CF87B4C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{FC3F4858-F80C-43B2-9269-710FAC0094F1}] => (Allow) LPort=2869
FirewallRules: [{5837BF69-51AE-40C1-8D55-C02F9D6DE3E9}] => (Allow) LPort=1900
FirewallRules: [{DD5D5476-88F3-4124-AA7D-3D000F75BA3A}] => (Allow) C:\Program Files\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{B4CA357E-581E-4264-8755-4F8B36043B88}] => (Allow) C:\Program Files\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{0AA6AFBA-5DC7-4397-8017-BB41000DB25D}] => (Allow) LPort=2869
FirewallRules: [{94AEA28E-E51D-495D-B960-0FFE601F55FD}] => (Allow) LPort=1900
FirewallRules: [{C3BBBDA7-3795-4E35-8F08-97007FF579A3}] => (Allow) C:\Program Files\Mobogenie3\mobogenieP2sp.exe
FirewallRules: [{5776DD4F-2A95-470D-8FFC-41DD0F8A6B2C}] => (Allow) C:\Program Files\Mobogenie3\mobogenieP2sp.exe
FirewallRules: [{4AD6A796-595F-4617-8EB6-A1DC6720BD01}] => (Allow) C:\Program Files\HP\HP LaserJet 200 color M251\Bin\HPNetworkCommunicator.exe
FirewallRules: [{F74E7E55-0161-4D7A-A03A-3B9AAA05A001}] => (Allow) C:\Program Files\HP\HP LaserJet 200 color M251\bin\EWSProxy.exe
FirewallRules: [TCP Query User{0B389F0C-7308-4CF2-9E1F-7BE47AFD397D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{E5A16483-0F1C-433B-BF9B-29F41D3F8F70}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{39228B9E-4E02-4F41-9C79-82838A220363}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{6190CF81-FBC1-4EF5-9EB2-39A42908B312}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E12AFCF0-DB13-4CDE-BD38-8FF553DE5307}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{782185FF-6E8B-433C-A03A-57F3940C2384}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{398B24BB-6AC6-46E5-8147-687D4BCE9CEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{94F8BE94-1C31-4D2E-9E6C-321AA8CF925F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{14FA90D1-8BA0-41CE-8798-7552C84A8FB4}] => (Allow) C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
FirewallRules: [{064110A2-B54E-4730-A50C-18D9B2069013}] => (Allow) C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
FirewallRules: [{1DF3C5C4-91F4-4131-90EA-05187B846378}] => (Allow) C:\Program Files\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe
FirewallRules: [{0E928A55-8C68-45E6-B0BB-B3C6F93415E6}] => (Allow) C:\Program Files\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/03/2018 03:33:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CODYSFRANKENSTE)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/03/2018 11:28:48 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Facebook Gameroom Browser.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 060B444D
 
Error: (01/03/2018 11:28:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Facebook Gameroom Browser.exe, version: 57.0.0.0, time stamp: 0x59850954
Faulting module name: fenix28.0.0.126.dll, version: 28.0.0.126, time stamp: 0x5a1c9c23
Exception code: 0xc0000005
Fault offset: 0x000b444d
Faulting process id: 0x474
Faulting application start time: 0x01d384690ee08084
Faulting application path: C:\Users\Administrator\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
Faulting module path: C:\Users\Administrator\AppData\Local\Facebook\Games\plugins\fenix28.0.0.126.dll
Report Id: f2d19dfc-3fa3-4e15-a6e0-12807acb8015
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/03/2018 11:28:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FacebookGameroom.exe, version: 1.11.6549.23876, time stamp: 0x5a285e09
Faulting module name: libcef.dll, version: 3.2987.1601.0, time stamp: 0x5984c1cd
Exception code: 0xc0000005
Fault offset: 0x022bd23e
Faulting process id: 0x23b4
Faulting application start time: 0x01d38468f7d3cfd3
Faulting application path: C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe
Faulting module path: C:\Users\Administrator\AppData\Local\Facebook\Games\libcef.dll
Report Id: 1292950c-d40a-4965-8e52-6b33c2692752
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/03/2018 11:28:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FacebookGameroom.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 11B8D23E
Stack:
 
Error: (01/03/2018 02:18:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 2017.39101.16720.0, time stamp: 0x5a2aeece
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.15063.674, time stamp: 0xa5f2f3a2
Exception code: 0xc000027b
Fault offset: 0x006f2e0c
Faulting process id: 0x474
Faulting application start time: 0x01d384630af5bad8
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 11fbae95-33ad-4fdc-90bf-bb590912c351
Faulting package full name: Microsoft.Windows.Photos_2017.39101.16720.0_x86__8wekyb3d8bbwe
Faulting package-relative application ID: App
 
Error: (01/03/2018 01:27:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 2017.39101.16720.0, time stamp: 0x5a2aeece
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.15063.674, time stamp: 0xa5f2f3a2
Exception code: 0xc000027b
Fault offset: 0x006f2e0c
Faulting process id: 0x414
Faulting application start time: 0x01d3845bc4849a0d
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 746d9438-32e7-4d77-a129-57f3b1fbdd05
Faulting package full name: Microsoft.Windows.Photos_2017.39101.16720.0_x86__8wekyb3d8bbwe
Faulting package-relative application ID: App
 
Error: (01/02/2018 04:13:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (01/02/2018 03:56:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CODYSFRANKENSTE)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/02/2018 03:41:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
 
System errors:
=============
Error: (01/03/2018 03:33:05 PM) (Source: DCOM) (EventID: 10010) (User: CODYSFRANKENSTE)
Description: The server Microsoft.Windows.Photos_2017.39101.16720.0_x86__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.
 
Error: (01/03/2018 05:39:29 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (01/02/2018 03:56:05 PM) (Source: DCOM) (EventID: 10010) (User: CODYSFRANKENSTE)
Description: The server Microsoft.Windows.Photos_2017.39101.16720.0_x86__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.
 
Error: (01/02/2018 03:25:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Internet Security service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (01/02/2018 03:25:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (120000 milliseconds) while waiting for the Norton Internet Security service to connect.
 
Error: (01/02/2018 03:25:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.
 
Error: (01/02/2018 03:25:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Downloaded Maps Manager service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (01/02/2018 03:21:52 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000007e (0xc0000094, 0x8668a35d, 0x8e0c7648, 0x8e0c7210). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 30e9355a-88b4-4c01-aa92-deacf30eacd8.
 
Error: (01/02/2018 03:21:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Tile Data model server service depends on the State Repository Service service which failed to start because of the following error: 
After starting, the service hung in a start-pending state.
 
Error: (01/02/2018 03:21:37 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The State Repository Service service hung on starting.
 
 
CodeIntegrity:
===================================
  Date: 2017-12-07 16:34:25.755
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-12-07 16:34:25.750
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-11-29 05:48:19.522
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap.dll that did not meet the Store signing level requirements.
 
  Date: 2017-11-29 05:48:05.133
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap.dll that did not meet the Store signing level requirements.
 
  Date: 2017-11-29 04:24:19.205
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap.dll that did not meet the Store signing level requirements.
 
  Date: 2017-11-29 04:10:35.001
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap.dll that did not meet the Store signing level requirements.
 
  Date: 2017-11-28 14:57:32.378
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPI.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-08-03 17:37:19.949
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap.dll that did not meet the Store signing level requirements.
 
  Date: 2017-08-03 05:51:10.419
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap.dll that did not meet the Store signing level requirements.
 
  Date: 2017-07-30 05:03:47.000
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap.dll that did not meet the Store signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-8350 Eight-Core Processor 
Percentage of memory in use: 68%
Total physical RAM: 3497.87 MB
Available physical RAM: 1098.61 MB
Total Virtual: 6116.4 MB
Available Virtual: 2684.64 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:73.65 GB) (Free:23.3 GB) NTFS ==>[drive with boot components (obtained from BCD)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.4 GB) (Disk ID: 2D42974C)
Partition 1: (Active) - (Size=73.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
==================== End of Addition.txt ============================
 



#2
zep516

    Trusted Helper

  • Malware Removal
  • 6,971 posts
Hi! My name is zep516 and welcome to Geekstogo!
I'll do the best I can to resolve your computer issue.
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue. Stop and ask! Never be afraid to ask questions! :)

First, please uninstall this program:
YTD Video Downloader 5.8.7

Next

Download AdwCleaner from here. Save the file to the desktop.
NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
Close all open windows and browsers.
  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:
[Screenshot: AdwCleaner console]
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be moved to Quarantine.
  • When the program has finished cleaning, a report appears. Once done, it will ask to reboot; allow this.
[Screenshot: AdwCleaner restart prompt]
  • On reboot a log will be produced; please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C0].txt
