Thank you guys in advance for all of the fantastic and patient help that you give!
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02.01.2018
Ran by Administrator (administrator) on CODYSFRANKENSTE (04-01-2018 00:29:18)
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Microsoft Windows 10 Pro Version 1703 15063.786 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AAHM\1.00.20\aaHMSvc.exe
(Motorola) C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe
(Hewlett-Packard Company) C:\Program Files\HP\HPBDSService\HPBDSService.exe
(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files\MSI\MSI Gaming APP\GamingApp_Service.exe
() C:\Program Files\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
() C:\WINDOWS\DAODx.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Microsoft Corporation) C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\WINDOWS\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(ASUSTek Computer Inc.) C:\Program Files\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr32.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\AI Suite II\Remote GO!\AsDLNAServerReal.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(The CefSharp Authors) C:\Users\Administrator\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\perfmon.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\Taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [485280 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Ptipbmf] => rundll32.exe ptipbmf.dll,SetWriteCacheMode
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [6336216 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\WiFile\WiFileTransfer.exe [1391416 2013-06-21] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49904 2014-08-13] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [StatusAlerts] => C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM\...\Policies\Explorer: [Start_ShowMyMusic] 0
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [48640 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\Run: [Google Update] => C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-05-14] (Google Inc.)
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\Run: [GenieFloater] => C:\Program Files\Genie Soft\Genie Cleaner\GenieFloater.exe
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\Run: [Chromium] => c:\users\administrator\appdata\local\chromium\application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {03282ab9-f79f-11e6-a0c2-001d7dd754f2} - "G:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {4eb08fe4-535f-11e7-a134-7824af41fe7d} - "F:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {8a14f838-db96-11e7-a18b-7824af41fe7d} - "F:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {b15b65f6-d6ae-11e7-a183-7824af41fe7d} - "F:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {b15b6800-d6ae-11e7-a183-7824af41fe7d} - "F:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {b15b6891-d6ae-11e7-a183-7824af41fe7d} - "F:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {b15b68ad-d6ae-11e7-a183-7824af41fe7d} - "F:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {cde03d70-dbdf-11e7-a18e-7824af41fe7d} - "G:\windows\AutoRun.exe"
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\MountPoints2: {fe9c73f8-38ff-11e7-a10c-001d7dd754f2} - "F:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [29184 2017-03-18] (Microsoft Corporation)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-12-08]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2017-06-17]
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{1551c533-c192-487f-9249-4b90c627e16c}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{fe484051-b62e-4f1e-90a6-2737dca78b80}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ubspmypc_17_02&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0DyB0D0DyByDyE0FtB0AyC0CtCtN0D0Tzu0StCzzyEtDtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDtBtDyB0EyE0B0BtGyC0CyEyDtG0A0AzzzytGtC0DtD0CtG0B0CyD0DyByDyDtDtByD0DyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0DtBzy0FyC0EtG0CtBtDtDtGyEyD0D0BtG0B0A0A0EtGzyyBtA0CtD0EtD0E0AtDtCyE2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtCyDyBtB%26cr%3D1308505912%26a%3Dwbf_ubspmypc_17_02%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ubspmypc_17_02&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0DyB0D0DyByDyE0FtB0AyC0CtCtN0D0Tzu0StCzzyEtDtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDtBtDyB0EyE0B0BtGyC0CyEyDtG0A0AzzzytGtC0DtD0CtG0B0CyD0DyByDyDtDtByD0DyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0DtBzy0FyC0EtG0CtBtDtDtGyEyD0D0BtG0B0A0A0EtGzyyBtA0CtD0EtD0E0AtDtCyE2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtCyDyBtB%26cr%3D1308505912%26a%3Dwbf_ubspmypc_17_02%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ubspmypc_17_02&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0DyB0D0DyByDyE0FtB0AyC0CtCtN0D0Tzu0StCzzyEtDtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDtBtDyB0EyE0B0BtGyC0CyEyDtG0A0AzzzytGtC0DtD0CtG0B0CyD0DyByDyDtDtByD0DyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0DtBzy0FyC0EtG0CtBtDtDtGyEyD0D0BtG0B0A0A0EtGzyyBtA0CtD0EtD0E0AtDtCyE2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtCyDyBtB%26cr%3D1308505912%26a%3Dwbf_ubspmypc_17_02%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2687354919-3833027354-4174839480-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ubspmypc_17_02&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtC0DyB0D0DyByDyE0FtB0AyC0CtCtN0D0Tzu0StCzzyEtDtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StDtBtDyB0EyE0B0BtGyC0CyEyDtG0A0AzzzytGtC0DtD0CtG0B0CyD0DyByDyDtDtByD0DyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0DtBzy0FyC0EtG0CtBtDtDtGyEyD0D0BtG0B0A0A0EtGzyyBtA0CtD0EtD0E0AtDtCyE2QtN0A0LzutBtN1B2Z1V1T1S1NzutCtCyDyBtB%26cr%3D1308505912%26a%3Dwbf_ubspmypc_17_02%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2687354919-3833027354-4174839480-500 -> {C5EAC4FA-2F97-45BB-8663-DC5213D614B4} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03] (Adobe Systems Incorporated)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-05] (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL [2013-09-28] (Symantec Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-12-08] (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-08] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2687354919-3833027354-4174839480-500 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-05] (Symantec Corporation)
FireFox:
========
FF DefaultProfile: uhrjpwem.default
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\uhrjpwem.default [2017-12-08]
FF Extension: (No Name) - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\uhrjpwem.default\Extensions\[email protected] [2017-12-08]
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF => not found
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn => not found
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-08] (Oracle Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-15] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-15] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-29] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin HKU\S-1-5-21-2687354919-3833027354-4174839480-500: @tools.google.com/Google Update;version=3 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-2687354919-3833027354-4174839480-500: @tools.google.com/Google Update;version=9 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-14] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2018-01-04]
CHR Extension: (Slides) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-24]
CHR Extension: (Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-24]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-21]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-21]
CHR Extension: (Adblock Plus) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-12-24]
CHR Extension: (Adblock for Youtube™) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-12-24]
CHR Extension: (Yahoo Partner) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\commhkacjheiacaopdonmodahaoadoln [2017-12-21]
CHR Extension: (Search by Image (by Google)) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2017-12-24]
CHR Extension: (Super Mario Cart Race Game) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchacooebbifcamhpejlbnedcddchbki [2017-12-21]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2017-12-24]
CHR Extension: (Yahoo Partner) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eoalfhodgifhbkgmbbdafcihjpdldpll [2017-12-21]
CHR Extension: (Sheets) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-24]
CHR Extension: (Best Rally Games) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhelhekcnhfhgbjpifkldehmhggbmpjb [2017-12-21]
CHR Extension: (Avira Browser Safety) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-12-21]
CHR Extension: (Google Docs Offline) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-22]
CHR Extension: (AdBlock) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-24]
CHR Extension: (Yahoo Partner) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hikeppggmbhdgodhakicedaejpleoigm [2017-12-21]
CHR Extension: (Yahtzee) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihojcamicnohnlcgilfkliehaefbgmpf [2017-12-21]
CHR Extension: (Crazy Soccer Physics) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfafbfgnlpcgggnlpadfhpoajgfofhjc [2017-12-21]
CHR Extension: (Real Piano) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjcdeclblmjjmlmlhohjhffninphijdm [2017-12-21]
CHR Extension: (TubeTab) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce [2017-12-21]
CHR Extension: (Bowling Games) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmgapgkmkmjefgiidacjlmodndhgicje [2017-12-21]
CHR Extension: (Stickman Boxing KO Champion) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kflcgekgodiajbkkjpklckfpnebfndhf [2017-12-21]
CHR Extension: (Mini Golf) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmcdebhlldhklpbhnlmdehcemjaajbbc [2017-12-21]
CHR Extension: (WGT Golf Game) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb [2017-12-21]
CHR Extension: (Search Manager) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-12-21]
CHR Extension: (Goblin Run) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\njjbnkdjkgaeofckdengakadklacggpd [2017-12-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-24]
CHR Extension: (HowToSuite) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnljkamlkedffammjddflhjepplhnoj [2017-12-24]
CHR Extension: (Live Start Page - Living Wallpapers) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocggccaacacpienfcgmgcihoombokbbj [2017-12-24]
CHR Extension: (Search Swapper) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofhflkcfkbgjpodgmcdcmkdpfabieode [2017-12-21]
CHR Extension: (Search Manager) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2017-12-21]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-21]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-24]
CHR Extension: (24/7 Spades) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmmplbpfbfloacpbolnageogpmodkhhi [2017-12-21]
CHR HKLM\...\Chrome\Extension: [commhkacjheiacaopdonmodahaoadoln] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eoalfhodgifhbkgmbbdafcihjpdldpll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hikeppggmbhdgodhakicedaejpleoigm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2687354919-3833027354-4174839480-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlhpijolpcimadhjingadnbcjncmjdce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2687354919-3833027354-4174839480-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2687354919-3833027354-4174839480-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ofhflkcfkbgjpodgmcdcmkdpfabieode] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2687354919-3833027354-4174839480-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-09-17] ()
R2 asHmComSvc; C:\Program Files\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-09-17] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2012-11-09] (ASUSTeK Computer Inc.) [File not signed]
R2 GamingApp_Service; C:\Program Files\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.)
R2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S3 ICCS; C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [171632 2013-01-02] (Intel Corporation)
R2 Motorola Device Manager; C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [45568 2011-04-13] (Hewlett-Packard) [File not signed]
S2 NIS; C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [466880 2017-12-15] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [466880 2017-12-15] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [55808 2011-04-13] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2545848 2017-03-18] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe [279256 2017-12-07] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe [86544 2017-12-07] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
S2 PEVSystemStart; "C:\ComboFix\pev.3XE" EXEC /i "C:\ComboFix\HIDEC.3XE" "C:\ComboFix\SWREG.3XE" ACL "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_Beep" /RESET /Q
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiChargerPlus; C:\WINDOWS\System32\drivers\AiChargerPlus.sys [13952 2013-01-28] (ASUSTek Computer Inc.)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2012-08-22] ()
R3 asmthub3; C:\WINDOWS\System32\drivers\asmthub3.sys [111360 2013-08-16] (ASMedia Technology Inc)
R3 asmtxhci; C:\WINDOWS\System32\drivers\asmtxhci.sys [337152 2013-08-16] (ASMedia Technology Inc)
R1 AsUpIO; C:\WINDOWS\System32\drivers\AsUpIO.sys [11832 2013-01-14] ()
R3 ASUSFILTER; C:\WINDOWS\System32\drivers\ASUSFILTER.sys [37448 2011-09-19] (MCCI Corporation)
S3 ASUSstpt; C:\WINDOWS\System32\drivers\ASUSstpt.sys [23808 2013-03-28] (MCCI Corporation)
S3 ASUSumsc; C:\WINDOWS\System32\drivers\ASUSumsc.sys [126720 2013-03-28] (MCCI Corporation)
S3 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131002.001\BHDrvx86.sys [1097304 2013-09-25] (Symantec Corporation)
S3 ccSet_NIS; C:\WINDOWS\system32\drivers\NIS\1501000.012\ccSetx86.sys [127064 2013-09-25] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [109456 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 fasttx2k; C:\WINDOWS\system32\DRIVERS\fasttx2k.sys [156672 2003-06-10] (Promise Technology, Inc.)
S3 gdrv; C:\WINDOWS\gdrv.sys [17488 2017-06-19] (Windows ® 2000 DDK provider)
S3 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20130930.001\IDSVix86.sys [392792 2013-09-23] (Symantec Corporation)
S3 JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [48256 2020-02-01] (JMicron Technology Corp.) [File not signed]
S3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [52368 2015-06-17] (Logitech, Inc.)
S3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [20240 2015-06-17] (Logitech, Inc.)
S3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [33328 2016-07-27] (Microsoft Corporation)
S3 mcdbus; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
R1 MpKsle9029732; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{75DAF8C9-6624-46E8-9A7B-13FCCB3B9B13}\MpKsle9029732.sys [49504 2018-01-03] (Microsoft Corporation)
S3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [5810 2004-08-13] () [File not signed]
S3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\NAVENG.SYS [93272 2013-10-04] (Symantec Corporation)
S3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\NAVEX15.SYS [1612376 2013-10-04] (Symantec Corporation)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [29256 2013-02-20] (NT Kernel Resources)
S3 NTIOLib_1_0_4; C:\Program Files\MSI\Live Update\NTIOLib.sys [7680 2010-10-20] (MSI) [File not signed]
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_x86_230cd12899523d91\nvlddmkm.sys [14863632 2017-12-18] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-12-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [44992 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [50112 2017-12-15] (NVIDIA Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [748272 2015-09-10] (Realtek )
S3 SRTSP; C:\WINDOWS\system32\drivers\NIS\1501000.012\SRTSP.SYS [651352 2013-09-26] (Symantec Corporation)
S3 SRTSPX; C:\WINDOWS\system32\drivers\NIS\1501000.012\SRTSPX.SYS [32344 2013-09-09] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 SWDUMon; C:\WINDOWS\System32\DRIVERS\SWDUMon.sys [11232 2017-01-14] ()
S3 SymDS; C:\WINDOWS\system32\drivers\NIS\1501000.012\SYMDS.SYS [367704 2013-09-09] (Symantec Corporation)
S3 SymEFA; C:\WINDOWS\system32\drivers\NIS\1501000.012\SYMEFA.SYS [935512 2013-09-26] (Symantec Corporation)
S3 SymELAM; C:\WINDOWS\system32\drivers\NIS\1501000.012\SYMELAM.SYS [21520 2013-09-09] (Symantec Corporation)
S3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2017-06-19] (Symantec Corporation)
S3 SymIRON; C:\WINDOWS\system32\drivers\NIS\1501000.012\Ironx86.SYS [206936 2013-09-26] (Symantec Corporation)
S3 SymNetS; C:\WINDOWS\system32\drivers\NIS\1501000.012\SYMNETS.SYS [446552 2013-09-25] (Symantec Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38904 2017-12-07] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [238160 2017-12-07] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [93776 2017-12-07] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [160256 2017-03-18] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 MSICDSetup; \??\D:\CDriver.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-04 00:29 - 2018-01-04 00:30 - 000032773 _____ C:\Users\Administrator\Desktop\FRST.txt
2018-01-04 00:28 - 2018-01-04 00:29 - 000000000 ____D C:\FRST
2018-01-04 00:26 - 2018-01-04 00:26 - 001753600 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe
2018-01-02 18:42 - 2018-01-02 18:42 - 000003902 _____ C:\Users\Administrator\Desktop\New Text Document.txt
2018-01-02 15:20 - 2018-01-03 13:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-01-02 15:20 - 2018-01-02 15:21 - 000595836 _____ C:\WINDOWS\Minidump\010218-22875-01.dmp
2017-12-31 12:56 - 2017-12-31 12:57 - 000595972 _____ C:\WINDOWS\Minidump\123117-21156-01.dmp
2017-12-30 13:56 - 2017-12-30 13:56 - 008388608 ___SH C:\tmpgfile.sys
2017-12-30 13:36 - 2017-12-30 13:54 - 000000000 ____D C:\$Windows.~BT
2017-12-30 13:04 - 2017-12-30 13:05 - 000588436 _____ C:\WINDOWS\Minidump\123017-53000-01.dmp
2017-12-30 12:39 - 2017-12-30 12:39 - 000000000 _____ C:\WINDOWS\Minidump\123017-50921-01.dmp
2017-12-30 10:22 - 2017-12-30 13:56 - 000000000 ___HD C:\$SysReset
2017-12-29 13:18 - 2017-12-29 13:24 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2017-12-29 13:15 - 2017-12-29 13:17 - 000595820 _____ C:\WINDOWS\Minidump\122917-54281-01.dmp
2017-12-29 09:47 - 2017-12-29 09:47 - 000000000 ____D C:\Users\Administrator\Desktop\2018 New Support Convos
2017-12-28 23:20 - 2017-12-15 19:17 - 000974272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer32.dll
2017-12-28 23:19 - 2017-12-30 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-28 23:19 - 2017-12-15 19:17 - 000152512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap32v.dll
2017-12-28 23:19 - 2017-12-15 19:17 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-12-28 23:18 - 2017-12-28 23:18 - 000000000 ____D C:\Program Files\VulkanRT
2017-12-28 23:18 - 2017-12-15 17:47 - 000143960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvStreaming.exe
2017-12-28 23:18 - 2017-09-13 18:20 - 000798008 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-12-28 23:18 - 2017-09-13 18:20 - 000490296 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-12-28 23:17 - 2017-12-15 19:17 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-12-28 23:17 - 2017-12-15 17:34 - 003669392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-12-28 23:17 - 2017-12-15 17:34 - 002093552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll
2017-12-28 23:17 - 2017-12-15 17:34 - 001766704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-12-28 23:17 - 2017-12-15 17:34 - 000448496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-12-28 23:17 - 2017-12-15 17:34 - 000429360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-12-28 23:17 - 2017-12-15 17:34 - 000109880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-12-28 23:17 - 2017-12-15 17:34 - 000081296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-12-28 23:17 - 2017-12-14 01:06 - 007917671 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-12-28 23:16 - 2017-12-15 19:17 - 000438584 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-12-28 23:14 - 2017-12-15 19:17 - 000050112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-12-28 23:13 - 2017-12-15 19:17 - 035157488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 029381936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv32.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 019040512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 011781912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 010883744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 003817400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 003615032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 001097520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3238871.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 001032688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 000960824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3238871.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 000944056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco3220103.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 000933360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 000183736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda32v.sys
2017-12-28 23:13 - 2017-12-15 19:17 - 000044992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad32v.sys
2017-12-28 23:13 - 2017-12-15 19:17 - 000041742 _____ C:\WINDOWS\system32\nvinfo.pb
2017-12-28 23:13 - 2017-12-15 19:17 - 000041584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap32.dll
2017-12-28 23:13 - 2017-12-15 19:17 - 000000669 _____ C:\WINDOWS\system32\nv-vk32.json
2017-12-28 21:32 - 2018-01-03 12:25 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-28 21:31 - 2017-12-29 13:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-12-28 21:31 - 2017-12-28 21:35 - 000000000 ____D C:\WINDOWS\LastGood
2017-12-28 21:16 - 2017-12-28 21:18 - 000558612 _____ C:\WINDOWS\Minidump\122817-21484-01.dmp
2017-12-28 20:16 - 2017-12-28 20:16 - 000006324 _____ C:\WINDOWS\system32\PerfStringBackup.TMP
2017-12-28 20:09 - 2017-12-28 20:09 - 000595692 _____ C:\WINDOWS\Minidump\122817-35906-01.dmp
2017-12-28 19:58 - 2017-12-28 19:59 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-12-28 19:32 - 2017-12-28 19:33 - 358995872 _____ (NVIDIA Corporation) C:\Users\Administrator\Downloads\388.71-desktop-win10-32bit-international-whql.exe
2017-12-28 15:26 - 2017-12-28 15:27 - 000595852 _____ C:\WINDOWS\Minidump\122817-55203-01.dmp
2017-12-24 14:15 - 2017-12-24 14:18 - 000595868 _____ C:\WINDOWS\Minidump\122417-61046-01.dmp
2017-12-21 18:20 - 2017-12-24 14:47 - 000002290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-21 14:17 - 2017-12-21 14:17 - 000311858 _____ C:\Users\Administrator\Downloads\DoubleKiller.zip
2017-12-21 14:05 - 2017-12-21 14:05 - 000000000 ____D C:\Program Files\Nsasoft
2017-12-15 11:42 - 2017-12-15 11:42 - 000595724 _____ C:\WINDOWS\Minidump\121517-53765-01.dmp
2017-12-15 11:24 - 2017-12-15 11:24 - 000000000 ____D C:\SUPERDelete
2017-12-15 11:04 - 2017-12-15 11:04 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\DuplicateFinder
2017-12-15 10:45 - 2017-12-15 10:45 - 000000000 ____D C:\Users\Administrator\Documents\EasyDuplicateFinder
2017-12-15 10:45 - 2017-12-15 10:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\EasyDuplicateFinder
2017-12-15 10:45 - 2017-12-15 10:45 - 000000000 ____D C:\ProgramData\Easy Duplicate Finder
2017-12-15 09:27 - 2017-12-16 13:03 - 000000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2017-12-15 08:31 - 2017-12-20 16:15 - 000000916 _____ C:\Users\Administrator\Desktop\Application Shorts.txt
2017-12-15 02:10 - 2017-12-15 02:10 - 000000499 _____ C:\Users\Administrator\grandma.xspf
2017-12-15 02:08 - 2017-12-15 02:08 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\dvdcss
2017-12-15 01:41 - 2017-12-15 15:02 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
2017-12-15 01:41 - 2017-12-15 01:41 - 000001097 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-12-15 01:41 - 2017-12-15 01:41 - 000000000 ____D C:\Program Files\VideoLAN
2017-12-14 06:47 - 2017-12-14 06:47 - 001328479 _____ C:\Users\Administrator\Downloads\video-1513203410.mp4
2017-12-13 14:58 - 2017-12-13 14:58 - 000247907 _____ C:\Users\Administrator\Downloads\received_150365162273885.jpeg
2017-12-13 13:00 - 2017-12-13 13:02 - 000595700 _____ C:\WINDOWS\Minidump\121317-53031-01.dmp
2017-12-12 19:40 - 2017-12-12 19:42 - 000595852 _____ C:\WINDOWS\Minidump\121217-24156-01.dmp
2017-12-12 19:31 - 2017-12-12 19:31 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-12-12 19:12 - 2017-11-29 22:15 - 000034200 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-12-12 19:12 - 2017-11-29 22:04 - 005863320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-12 19:12 - 2017-11-29 22:04 - 000902896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-12 19:12 - 2017-11-29 22:04 - 000790816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-12 19:12 - 2017-11-29 21:57 - 001123968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-12-12 19:12 - 2017-11-29 21:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-12-12 19:12 - 2017-11-29 21:40 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-12 19:12 - 2017-11-29 21:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-12 19:12 - 2017-11-29 21:34 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-12-12 19:11 - 2017-11-29 22:00 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-12 19:11 - 2017-11-29 21:58 - 006763128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-12 19:11 - 2017-11-29 21:58 - 000702032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-12 19:11 - 2017-11-29 21:44 - 019334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-12 19:11 - 2017-11-29 21:43 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-12 19:11 - 2017-11-29 21:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-12 19:11 - 2017-11-29 21:42 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-12 19:11 - 2017-11-29 21:42 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscript.ocx
2017-12-12 19:11 - 2017-11-29 21:42 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-12 19:11 - 2017-11-29 21:42 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-12 19:11 - 2017-11-29 21:41 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-12 19:11 - 2017-11-29 21:40 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-12 19:11 - 2017-11-29 21:40 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-12 19:11 - 2017-11-29 21:40 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-12 19:11 - 2017-11-29 21:40 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-12 19:11 - 2017-11-29 21:39 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-12-12 19:11 - 2017-11-29 21:38 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-12-12 19:11 - 2017-11-29 21:38 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-12-12 19:11 - 2017-11-29 21:38 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-12 19:11 - 2017-11-29 21:37 - 006252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-12 19:11 - 2017-11-29 21:37 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-12 19:11 - 2017-11-29 21:37 - 002373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-12 19:11 - 2017-11-29 21:37 - 002041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-12 19:11 - 2017-11-29 21:36 - 003652096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-12 19:11 - 2017-11-29 21:36 - 001089536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-12 19:11 - 2017-11-29 21:36 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-12-12 19:11 - 2017-11-29 21:36 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-12 19:11 - 2017-11-29 21:36 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-12 19:11 - 2017-11-29 21:35 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-12 19:11 - 2017-11-17 04:32 - 000116120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-12-12 19:11 - 2017-11-17 04:31 - 001927064 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-12-12 19:11 - 2017-11-17 04:31 - 001330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000518040 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000497048 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000364440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000312216 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000158616 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000060312 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-12-12 19:11 - 2017-11-17 04:31 - 000030616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-12-12 19:11 - 2017-11-17 04:24 - 000550296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-12 19:11 - 2017-11-17 04:17 - 000410520 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-12-12 19:11 - 2017-11-17 04:00 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-12 19:11 - 2017-11-17 03:53 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-12 18:47 - 2017-12-12 18:49 - 000595900 _____ C:\WINDOWS\Minidump\121217-56500-01.dmp
2017-12-10 15:36 - 2017-10-15 09:46 - 004544000 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-12-10 15:36 - 2017-07-07 01:03 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1debug3.dll
2017-12-10 15:36 - 2017-06-19 23:35 - 005141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll
2017-12-10 15:36 - 2017-04-19 00:30 - 002102272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
2017-12-09 10:38 - 2017-12-09 10:40 - 000595812 _____ C:\WINDOWS\Minidump\120917-23609-01.dmp
2017-12-09 08:02 - 2017-12-30 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZTE Handset USB Driver
2017-12-09 08:02 - 2017-12-09 10:33 - 000000000 ____D C:\Program Files\ZTE_Handset_USB_Driver
2017-12-09 08:02 - 2015-09-06 14:16 - 000068760 _____ (Google, inc) C:\WINDOWS\AdbWinUsbApi.dll
2017-12-09 08:02 - 2015-09-06 14:15 - 000104088 _____ (Google, inc) C:\WINDOWS\AdbWinApi.dll
2017-12-09 08:02 - 2015-09-06 14:09 - 001017496 _____ C:\WINDOWS\adb.exe
2017-12-09 08:02 - 2014-03-17 09:59 - 000117960 _____ (ZTE Corporation) C:\WINDOWS\system32\Drivers\zghsser.sys
2017-12-09 08:02 - 2013-09-11 14:28 - 000149696 _____ (ZTE Corporation) C:\WINDOWS\system32\Drivers\zghsnet.sys
2017-12-09 08:02 - 2012-11-09 15:12 - 000053000 _____ (VIA Telecom) C:\WINDOWS\system32\Drivers\viahsser.sys
2017-12-09 08:02 - 2012-10-31 16:02 - 000027016 _____ (Via Telecom, Inc.) C:\WINDOWS\system32\Drivers\viahsets.sys
2017-12-09 08:02 - 2012-06-20 11:51 - 000017672 _____ (HandSet Incorporated) C:\WINDOWS\system32\Drivers\massfilter_hs.sys
2017-12-08 22:35 - 2017-12-08 22:35 - 000001276 _____ C:\Users\Administrator\Desktop\Facebook Gameroom.lnk
2017-12-08 05:08 - 2017-12-08 05:08 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-12-08 05:08 - 2017-11-09 20:31 - 000053256 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-12-08 05:08 - 2017-11-09 20:31 - 000037472 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-12-08 05:06 - 2017-12-08 05:30 - 000000000 ____D C:\Program Files\Avira
2017-12-08 01:31 - 2017-12-08 01:31 - 000000000 ____D C:\Program Files\Common Files\Java
2017-12-08 00:42 - 2017-12-08 00:42 - 000000000 ____D C:\Users\Administrator\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
2017-12-07 22:36 - 2017-12-30 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2017-12-07 19:22 - 2017-12-07 19:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Hewlett-Packard Company
2017-12-07 19:14 - 2017-12-08 04:59 - 000000000 ____D C:\HP_LaserJet_200_color_M251
2017-12-07 19:10 - 2017-12-30 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-12-07 19:10 - 2017-12-14 19:29 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\HpUpdate
2017-12-07 19:10 - 2017-12-07 19:22 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2017-12-07 19:08 - 2012-07-18 21:27 - 000238080 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpbcoins32.dll
2017-12-07 19:08 - 2011-09-28 09:38 - 000291840 _____ (Hewlett-Packard Corporation) C:\WINDOWS\system32\hpcpn117.dll
2017-12-07 19:07 - 2017-12-07 19:11 - 000000000 ____D C:\Program Files\HP
2017-12-07 19:06 - 2017-12-07 19:11 - 000000000 ____D C:\ProgramData\HP
2017-12-07 16:22 - 2017-12-07 16:23 - 000595780 _____ C:\WINDOWS\Minidump\120717-51703-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-01 19:02 - 2009-08-30 01:44 - 000048256 _____ (JMicron Technology Corp.) C:\WINDOWS\system32\Drivers\jraid.sys
2018-01-03 20:48 - 2017-06-11 15:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-03 11:28 - 2017-02-24 11:16 - 000000000 ____D C:\Users\Administrator\AppData\Local\CrashDumps
2018-01-02 19:10 - 2017-06-11 15:13 - 000000000 ____D C:\Users\Administrator
2018-01-02 16:05 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-02 15:59 - 2017-03-18 13:23 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-02 15:41 - 2017-06-19 17:08 - 001048576 _____ C:\WINDOWS\PE_Rom.dll
2018-01-02 15:20 - 2017-06-16 12:24 - 000000000 ____D C:\WINDOWS\Minidump
2018-01-02 15:20 - 2017-06-11 15:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-31 18:41 - 2017-03-18 01:02 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-12-31 16:23 - 2017-01-14 00:38 - 000000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2017-12-31 14:33 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\registration
2017-12-30 14:32 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-30 13:55 - 2017-01-14 00:26 - 000008192 __RSH C:\BOOTSECT.BAK
2017-12-30 10:30 - 2017-03-18 13:14 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-30 10:14 - 2017-03-18 13:21 - 000000000 ____D C:\WINDOWS\INF
2017-12-30 09:34 - 2017-11-28 15:22 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2017-12-30 09:34 - 2017-06-20 00:45 - 000000000 ____D C:\WINDOWS\system32\LiveUpdate
2017-12-30 09:34 - 2017-06-19 20:45 - 000000000 __SHD C:\WINDOWS\system32\AI_RecycleBin
2017-12-30 09:34 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-30 09:34 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\system32\spool
2017-12-30 09:34 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-12-30 09:34 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\system32\IME
2017-12-30 09:34 - 2017-01-14 12:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-30 09:33 - 2017-12-02 03:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager
2017-12-30 09:33 - 2017-06-19 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-12-30 09:33 - 2017-06-19 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5
2017-12-30 09:33 - 2017-06-19 20:44 - 000000000 ____D C:\Program Files\Intel
2017-12-30 09:33 - 2017-06-19 09:02 - 000000000 ____D C:\ProgramData\Norton
2017-12-30 09:33 - 2017-06-17 17:42 - 000000000 ____D C:\Program Files\Realtek
2017-12-30 09:33 - 2017-06-17 01:37 - 000000000 ____D C:\Program Files\Common Files\LogiShrd
2017-12-30 09:33 - 2017-06-17 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asus Drivers Download Utility
2017-12-30 09:33 - 2017-06-17 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner
2017-12-30 09:33 - 2017-06-11 15:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-12-30 09:33 - 2017-06-10 08:54 - 000000000 ____D C:\Program Files\UNP
2017-12-30 09:33 - 2017-03-18 13:25 - 000000000 ____D C:\WINDOWS\Setup
2017-12-30 09:33 - 2017-03-18 13:23 - 000000000 __SHD C:\Program Files\Windows Sidebar
2017-12-30 09:33 - 2017-03-18 13:23 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-12-30 09:33 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\schemas
2017-12-30 09:33 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-30 09:33 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\Help
2017-12-30 09:33 - 2017-03-18 13:23 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-30 09:33 - 2017-01-28 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintMe Internet Printing
2017-12-30 09:33 - 2017-01-28 04:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-12-30 09:33 - 2017-01-14 07:59 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-30 09:33 - 2009-07-13 21:37 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-12-30 08:49 - 2017-06-11 12:51 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-30 08:36 - 2017-06-11 15:29 - 000055248 _____ C:\WINDOWS\diagwrn.xml
2017-12-30 08:36 - 2017-06-11 15:29 - 000055248 _____ C:\WINDOWS\diagerr.xml
2017-12-29 14:54 - 2017-03-18 01:02 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-29 09:46 - 2017-06-23 01:37 - 000000000 ___RD C:\Users\Administrator\Desktop\All PC [bleep]
2017-12-29 09:46 - 2017-01-15 18:51 - 000000000 ____D C:\Users\Administrator\Desktop\ALL Downloads
2017-12-29 04:21 - 2017-11-21 03:50 - 000266752 ___SH C:\Users\Administrator\Desktop\Thumbs.db
2017-12-28 23:19 - 2017-11-19 23:34 - 000000000 ____D C:\temp
2017-12-28 20:05 - 2017-06-11 15:12 - 002023132 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-24 16:37 - 2017-01-14 07:59 - 000000000 ____D C:\Users\Administrator\AppData\Local\VirtualStore
2017-12-24 16:37 - 2017-01-14 01:15 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2017-12-24 16:37 - 2017-01-14 01:15 - 000000000 ____D C:\Program Files\Google
2017-12-24 14:47 - 2017-01-14 01:15 - 000002278 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-21 14:53 - 2017-01-14 08:04 - 000000000 ___RD C:\Users\Administrator\OneDrive
2017-12-15 19:17 - 2017-06-23 00:34 - 002070976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap.dll
2017-12-15 11:24 - 2017-01-14 02:22 - 000000000 ____D C:\Users\Administrator\AppData\Local\SlimWare Utilities Inc
2017-12-13 15:29 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\rescache
2017-12-12 19:42 - 2017-06-11 15:08 - 000214432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-12 19:31 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-12 19:13 - 2017-11-29 05:50 - 130448288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-12 19:13 - 2017-01-14 12:44 - 130448288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-09 13:53 - 2017-06-19 17:13 - 000000000 _____ C:\WINDOWS\Path.idx
2017-12-09 10:33 - 2017-03-18 13:23 - 000000000 ____D C:\WINDOWS\appcompat
2017-12-09 10:33 - 2017-02-27 16:23 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2017-12-09 10:33 - 2017-01-27 07:59 - 000000000 ____D C:\Users\Administrator\.android
2017-12-08 05:30 - 2017-12-02 19:25 - 000000000 ____D C:\ProgramData\Package Cache
2017-12-08 05:01 - 2017-12-02 19:31 - 000000000 ____D C:\Users\Administrator\AppData\Local\.IdentityService
2017-12-08 05:01 - 2017-12-02 02:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Mobogenie
2017-12-08 05:01 - 2017-06-11 12:49 - 000000000 ____D C:\Users\Administrator\AppData\Local\UNP
2017-12-08 05:01 - 2017-01-14 00:54 - 000000000 ___SD C:\ComboFix
2017-12-08 04:59 - 2017-03-18 13:23 - 000000000 __RHD C:\Users\Public\Libraries
2017-12-08 04:58 - 2017-06-22 20:37 - 000000000 ____D C:\ProgramData\YTD Video Downloader
2017-12-08 01:31 - 2017-01-28 04:23 - 000000000 ____D C:\Program Files\Java
2017-12-08 01:31 - 2017-01-14 02:07 - 000000000 ____D C:\ProgramData\Oracle
2017-12-08 01:30 - 2017-01-28 04:24 - 000095808 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2017-12-07 22:36 - 2017-06-22 20:37 - 000001320 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk
==================== Files in the root of some directories =======
2017-01-26 18:36 - 2017-06-23 03:57 - 000007603 _____ () C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
2017-01-27 06:15 - 2017-03-12 05:42 - 000000552 _____ () C:\Users\Administrator\AppData\Local\TroubleshooterConfig.json
Some files in TEMP:
====================
2017-12-04 16:13 - 2017-12-15 17:47 - 000759848 _____ (NVIDIA Corporation) C:\Users\Administrator\AppData\Local\Temp\nvSCPAPI.dll
2017-12-28 19:57 - 2017-10-27 11:06 - 000370296 _____ (NVIDIA Corporation) C:\Users\Administrator\AppData\Local\Temp\nvStInst.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-12-29 10:56
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02.01.2018
Ran by Administrator (04-01-2018 00:31:01)
Running from C:\Users\Administrator\Desktop
Microsoft Windows 10 Pro Version 1703 15063.786 (X86) (2017-06-11 20:32:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2687354919-3833027354-4174839480-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2687354919-3833027354-4174839480-503 - Limited - Disabled)
Guest (S-1-5-21-2687354919-3833027354-4174839480-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2687354919-3833027354-4174839480-1001 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (HKLM\...\{6553F4A8-B67F-49BA-A882-FF499C83CF4B}) (Version: 8.1.4 - Hewlett-Packard) Hidden
Adobe Flash Player 28 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Reader 6.0.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A00000000001}) (Version: 006.000.001 - Adobe Systems Incorporated)
AI Suite II (HKLM\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
ASUS Boot Setting (HKLM\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.)
Asus Drivers Download Utility 3.6.1 (HKLM\...\{3E7C8168-166F-33BC-D659-3B4CFF633E35}_is1) (Version: 3.6.1 - LionSea Software)
CPUID ASUS CPU-Z 1.65 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 1.65 - CPUID, Inc.)
DriverTuner 3.5.0.2 (HKLM\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.5.0.2 - LionSea Software co., ltd)
eReg (HKLM\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Facebook Gameroom 1.11.6549.23876 (HKLM\...\{628CC5F4-CCF3-4093-9B96-008667D11498}) (Version: 1.11.6549.23876 - Facebook)
Google Chrome (HKLM\...\Google Chrome) (Version: 63.0.3239.108 - Google Inc.)
Google Drive (HKLM\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP LaserJet 200 color M251 (HKLM\...\{6682B5C4-530A-4FB8-ACAC-80DB5CCC68DD}) (Version: 5.0.12200.1036 - Hewlett-Packard)
HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
hpbDSService (HKLM\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM251DSService (HKLM\...\{413E98C3-2CA1-4D04-AFC2-8D8D873A3178}) (Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDXP (HKLM\...\{6BA4598F-9ECC-453D-B6F7-ABAEEFA35561}) (Version: 3.0.26.12 - HP) Hidden
HPLaserJet200color-M251_HelpLearnCenter_SI (HKLM\...\{DDEBEA89-2B5A-4E5B-8702-369882BB3F52}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (HKLM\...\{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}) (Version: 020.021.004 - HP) Hidden
HPLJUTCore (HKLM\...\{0C779D9C-FD0F-4A53-86BE-3D53E58B2900}) (Version: 004.005.0001 - HP) Hidden
HPLJUTM251 (HKLM\...\{663A3950-CA55-4541-8B46-646BD548641D}) (Version: 3.00.0003 - HP) Hidden
hppLaserJetService (HKLM\...\{180D6813-95E0-415C-B58A-5B9493DE2DDA}) (Version: 009.027.00856 - Hewlett-Packard) Hidden
hppM251LaserJetService (HKLM\...\{09C0DA15-AB94-43BC-9B02-57DF3FEB469F}) (Version: 001.019.00639 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{46A99EAE-98DA-4BE5-94C3-D41BA4C266DA}) (Version: 050.037.00142 - Hewlett Packard) Hidden
hpStatusAlertsM251 (HKLM\...\{A1EF28FB-74A8-4157-91E9-9C164CAB10F8}) (Version: 050.034.00131 - Hewlett-Packard) Hidden
Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
LJDXPHelperUI (HKLM\...\{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}) (Version: 020.021.004 - HP) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Motorola Device Manager (HKLM\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
MSI Gaming APP (HKLM\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 3.0.0.12 - MSI)
MSI Kombustor 2.5.9 (HKLM\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD)
Norton Internet Security (HKLM\...\NIS) (Version: 21.1.0.18 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.71 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.71 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{8BE893D4-107C-4867-9B71-A3CF2C917C0E}) (Version: 1.0.13.0 - Microsoft Corporation)
YTD Video Downloader 5.8.7 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.8.7 - GreenTree Applications SRL) <==== ATTENTION
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2104.1.02B08 - ZTE Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll => No File
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{53B5243F-8302-4DAD-BE8F-1D0665E8225E}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO3.dll (Hewlett-Packard Company)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll => No File
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll => No File
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\PROGRAM FILES\\GOOGLE\UPDATE\1.3.32.7\PSUSER.DLL => No File
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.32.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2687354919-3833027354-4174839480-500_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.33.5\psuser.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2017-11-10] (Google)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-11-10] (Google)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NavShExt.dll [2013-10-08] (Symantec Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NavShExt.dll [2013-10-08] (Symantec Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2017-11-10] (Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-15] (NVIDIA Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NavShExt.dll [2013-10-08] (Symantec Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1A421046-19A4-46C7-BEE6-A91D60AB2960} - System32\Tasks\ASUS\RunDAOD => C:\WINDOWS\DAODx.exe [2009-03-30] ()
Task: {23ACB89D-374D-48CD-8CFA-4E3D50B7954F} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {25248BBB-D79B-4706-8D74-0EF1FBFF58FD} - System32\Tasks\{DA4401F1-27D8-4A6B-A0EA-D482DD388E87} => C:\WINDOWS\system32\pcalua.exe -a D:\Utility\Gigabyte\Easytune5\_ISDel.exe -d D:\Utility\Gigabyte\Easytune5
Task: {357293A4-FFD3-4072-9223-8E7922DBBC3C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-12-15] (NVIDIA Corporation)
Task: {36CC6CA5-AA91-4EAF-BBCB-9D3CC6BD11A4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2017-12-15] (NVIDIA Corporation)
Task: {44BDEA70-D4BD-4387-83F1-FD0881AE27E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {4B475C33-3440-48E8-996B-B458C190C3C3} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2013-02-07] (ASUSTeK Computer Inc.)
Task: {4FFF1CD5-9456-4A69-AAF9-35043116171E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {5A6CD5FF-5BC3-4ECC-87D9-F414D33FA116} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {61DAF5E5-F7F0-40BD-9063-418C6544B913} - System32\Tasks\DriverTuner Startup => C:\Program Files\DriverTuner\DriverTuner.exe [2015-03-10] (LionSea)
Task: {7A9E13B9-C85D-4A42-80C6-9146E1FAEEC6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-12-15] (NVIDIA Corporation)
Task: {7E1D5E0A-25DC-44FE-AF01-368EB84AC287} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2017-12-15] (NVIDIA Corporation)
Task: {867F5562-7DDF-4EFC-8DC8-FBE156FA2756} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {8EECDB3E-47FE-4648-AAD8-D0758B518610} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {917AAB20-9B04-4E43-99DE-3D01509288A8} - System32\Tasks\HPLJCustParticipation => C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe [2012-06-14] (Hewlett Packard)
Task: {9BBE4844-C254-4DDC-BAF6-D6EFB1E4BD5A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-12-15] (NVIDIA Corporation)
Task: {AD93A343-8656-4FEA-A25B-7AC8EF6605C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {B6423837-C675-4CE6-A7F6-2E56F522955D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-12-15] (NVIDIA Corporation)
Task: {BAE9DFDD-D949-4F44-8655-094D354B91B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-14] (Google Inc.)
Task: {C2D4F9A3-A290-403C-98D5-0A7468D4A040} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-12-15] (NVIDIA Corporation)
Task: {D00068E1-5CD6-4C56-BFF7-993C2537BEAD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-12-15] (NVIDIA Corporation)
Task: {D7A1884C-66DE-414C-B8FB-9E56297CCCF6} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {DE5FB2EB-7504-45CA-B5A9-F50BEF814105} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {E3031A4A-E78C-476C-BF83-3B927073352D} - System32\Tasks\Motorola Device Manager Update => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {E52074DD-2EB9-46A6-9D25-7AA75676C596} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MpCmdRun.exe [2017-12-07] (Microsoft Corporation)
Task: {ECF16BAD-67DD-46FC-A2D7-32AD5B417113} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe [2013-08-26] (ASUSTeK Computer Inc.)
Task: {FE27FFAA-0A68-4FCC-832B-4B7A4F7B03F7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-14] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2687354919-3833027354-4174839480-500Core.job => C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-12-28 23:17 - 2017-12-15 17:34 - 000122440 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-04-07 09:31 - 2014-04-07 09:31 - 000172032 _____ () C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll
2017-06-19 16:50 - 2013-09-17 05:58 - 000920736 ____N () C:\Program Files\ASUS\AXSP\1.00.19\atkexComSvc.exe
2017-06-19 16:50 - 2018-01-02 15:20 - 000033792 _____ () C:\Program Files\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2017-06-19 16:50 - 2010-06-28 21:58 - 000104448 ____N () C:\Program Files\ASUS\AXSP\1.00.19\ATKEX.dll
2017-06-19 16:53 - 2012-01-12 15:44 - 000475136 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\WiFiGO_HookKey.dll
2017-06-19 16:55 - 2013-08-19 04:23 - 000043520 ____N () C:\Program Files\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2017-03-18 13:19 - 2017-03-18 13:19 - 000116824 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-06-19 16:53 - 2013-08-05 10:14 - 000176128 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\DLCapPP.dll
2017-06-19 16:53 - 2012-05-02 17:04 - 000233472 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\AudioProjection.dll
2017-06-19 16:53 - 2010-12-14 16:46 - 000067584 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\CoreAudioCap.dll
2017-06-19 16:53 - 2013-06-11 11:06 - 000425984 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\awiscale.DLL
2017-06-19 16:53 - 2010-10-29 17:58 - 000221184 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\JpegCD.DLL
2017-06-19 16:53 - 2013-08-06 19:04 - 002502656 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\xH264E.DLL
2017-06-19 16:54 - 2013-06-13 16:37 - 000156160 _____ () C:\Program Files\InstallShield Installation Information\{104BE4B8-D1DB-4170-977B-364960893DC8}\CloudAPI\CloudAPI.dll
2017-06-19 16:53 - 2013-03-21 18:38 - 000716800 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\WiMoveHelp.dll
2017-06-19 16:53 - 2012-04-25 13:47 - 000659456 _____ () C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\PhoneCtrlAPI.dll
2017-06-17 17:40 - 2009-03-30 01:32 - 000032768 _____ () C:\WINDOWS\DAODx.exe
2017-03-18 13:19 - 2017-03-18 15:23 - 001456128 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-19 16:55 - 2013-08-19 16:21 - 000253952 _____ () C:\Program Files\ASUS\AI Suite II\TurboV EVO\pngio.dll
2017-12-05 18:38 - 2017-12-05 18:38 - 003604192 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x86__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-12-06 09:15 - 2017-12-06 09:15 - 000748032 _____ () C:\Users\Administrator\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2017-12-06 09:15 - 2017-12-06 09:15 - 068178432 _____ () C:\Users\Administrator\AppData\Local\Facebook\Games\libcef.dll
2017-12-24 14:47 - 2017-12-13 21:21 - 003062104 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.108\libglesv2.dll
2017-12-24 14:47 - 2017-12-13 21:21 - 000085848 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.108\libegl.dll
2017-12-12 20:58 - 2017-12-12 20:58 - 017844736 _____ () C:\WINDOWS\system32\Macromed\Flash\pepflashplayer32_28_0_0_126.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:04 - 2017-12-04 16:04 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Screenshot (42).png
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: lfsvc => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Memeo Instant Backup"
HKLM\...\StartupApproved\Run: => "ASUS AiChargerPlus Execute"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ASUS WiFi GO! FileTransfer Execute"
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\StartupApproved\StartupFolder: => "Logitech . Product Registration.lnk"
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2687354919-3833027354-4174839480-500\...\StartupApproved\Run: => "BlueStacks Agent"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{A7B8369A-D10F-47B1-B778-C882C38CD105}C:\program files\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files\gigabyte\@bios\gwflash.exe
FirewallRules: [TCP Query User{AF9F5E3A-30DC-412F-A82F-CFBAB1B1524D}C:\program files\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files\gigabyte\@bios\gwflash.exe
FirewallRules: [{4F7BDA0F-35BE-4A6B-831B-368345FE926F}] => (Block) C:\program files\gigabyte\et5\update.exe
FirewallRules: [{27601DB8-715C-46DA-80D2-96F199162734}] => (Block) C:\program files\gigabyte\et5\update.exe
FirewallRules: [UDP Query User{482B70BC-DDFC-49A2-BA96-D4621861DEE6}C:\program files\gigabyte\et5\update.exe] => (Allow) C:\program files\gigabyte\et5\update.exe
FirewallRules: [TCP Query User{43CEF587-6603-48CB-AAEC-A1AEFFC135FD}C:\program files\gigabyte\et5\update.exe] => (Allow) C:\program files\gigabyte\et5\update.exe
FirewallRules: [{A5821B24-1BCC-444F-AA5D-DBF11CF87B4C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{FC3F4858-F80C-43B2-9269-710FAC0094F1}] => (Allow) LPort=2869
FirewallRules: [{5837BF69-51AE-40C1-8D55-C02F9D6DE3E9}] => (Allow) LPort=1900
FirewallRules: [{DD5D5476-88F3-4124-AA7D-3D000F75BA3A}] => (Allow) C:\Program Files\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{B4CA357E-581E-4264-8755-4F8B36043B88}] => (Allow) C:\Program Files\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{0AA6AFBA-5DC7-4397-8017-BB41000DB25D}] => (Allow) LPort=2869
FirewallRules: [{94AEA28E-E51D-495D-B960-0FFE601F55FD}] => (Allow) LPort=1900
FirewallRules: [{C3BBBDA7-3795-4E35-8F08-97007FF579A3}] => (Allow) C:\Program Files\Mobogenie3\mobogenieP2sp.exe
FirewallRules: [{5776DD4F-2A95-470D-8FFC-41DD0F8A6B2C}] => (Allow) C:\Program Files\Mobogenie3\mobogenieP2sp.exe
FirewallRules: [{4AD6A796-595F-4617-8EB6-A1DC6720BD01}] => (Allow) C:\Program Files\HP\HP LaserJet 200 color M251\Bin\HPNetworkCommunicator.exe
FirewallRules: [{F74E7E55-0161-4D7A-A03A-3B9AAA05A001}] => (Allow) C:\Program Files\HP\HP LaserJet 200 color M251\bin\EWSProxy.exe
FirewallRules: [TCP Query User{0B389F0C-7308-4CF2-9E1F-7BE47AFD397D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{E5A16483-0F1C-433B-BF9B-29F41D3F8F70}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{39228B9E-4E02-4F41-9C79-82838A220363}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{6190CF81-FBC1-4EF5-9EB2-39A42908B312}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E12AFCF0-DB13-4CDE-BD38-8FF553DE5307}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{782185FF-6E8B-433C-A03A-57F3940C2384}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{398B24BB-6AC6-46E5-8147-687D4BCE9CEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{94F8BE94-1C31-4D2E-9E6C-321AA8CF925F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{14FA90D1-8BA0-41CE-8798-7552C84A8FB4}] => (Allow) C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
FirewallRules: [{064110A2-B54E-4730-A50C-18D9B2069013}] => (Allow) C:\Program Files\ASUS\AI Suite II\Remote GO!\AssistTools\WiFi GO! Server.exe
FirewallRules: [{1DF3C5C4-91F4-4131-90EA-05187B846378}] => (Allow) C:\Program Files\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe
FirewallRules: [{0E928A55-8C68-45E6-B0BB-B3C6F93415E6}] => (Allow) C:\Program Files\ASUS\AI Suite II\Remote GO!\ASUSDMS.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/03/2018 03:33:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CODYSFRANKENSTE)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/03/2018 11:28:48 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Facebook Gameroom Browser.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 060B444D
Error: (01/03/2018 11:28:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Facebook Gameroom Browser.exe, version: 57.0.0.0, time stamp: 0x59850954
Faulting module name: fenix28.0.0.126.dll, version: 28.0.0.126, time stamp: 0x5a1c9c23
Exception code: 0xc0000005
Fault offset: 0x000b444d
Faulting process id: 0x474
Faulting application start time: 0x01d384690ee08084
Faulting application path: C:\Users\Administrator\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
Faulting module path: C:\Users\Administrator\AppData\Local\Facebook\Games\plugins\fenix28.0.0.126.dll
Report Id: f2d19dfc-3fa3-4e15-a6e0-12807acb8015
Faulting package full name:
Faulting package-relative application ID:
Error: (01/03/2018 11:28:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FacebookGameroom.exe, version: 1.11.6549.23876, time stamp: 0x5a285e09
Faulting module name: libcef.dll, version: 3.2987.1601.0, time stamp: 0x5984c1cd
Exception code: 0xc0000005
Fault offset: 0x022bd23e
Faulting process id: 0x23b4
Faulting application start time: 0x01d38468f7d3cfd3
Faulting application path: C:\Users\Administrator\AppData\Local\Facebook\Games\FacebookGameroom.exe
Faulting module path: C:\Users\Administrator\AppData\Local\Facebook\Games\libcef.dll
Report Id: 1292950c-d40a-4965-8e52-6b33c2692752
Faulting package full name:
Faulting package-relative application ID:
Error: (01/03/2018 11:28:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FacebookGameroom.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 11B8D23E
Stack:
Error: (01/03/2018 02:18:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 2017.39101.16720.0, time stamp: 0x5a2aeece
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.15063.674, time stamp: 0xa5f2f3a2
Exception code: 0xc000027b
Fault offset: 0x006f2e0c
Faulting process id: 0x474
Faulting application start time: 0x01d384630af5bad8
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 11fbae95-33ad-4fdc-90bf-bb590912c351
Faulting package full name: Microsoft.Windows.Photos_2017.39101.16720.0_x86__8wekyb3d8bbwe
Faulting package-relative application ID: App
Error: (01/03/2018 01:27:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 2017.39101.16720.0, time stamp: 0x5a2aeece
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.15063.674, time stamp: 0xa5f2f3a2
Exception code: 0xc000027b
Fault offset: 0x006f2e0c
Faulting process id: 0x414
Faulting application start time: 0x01d3845bc4849a0d
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 746d9438-32e7-4d77-a129-57f3b1fbdd05
Faulting package full name: Microsoft.Windows.Photos_2017.39101.16720.0_x86__8wekyb3d8bbwe
Faulting package-relative application ID: App
Error: (01/02/2018 04:13:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (01/02/2018 03:56:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CODYSFRANKENSTE)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/02/2018 03:41:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
System errors:
=============
Error: (01/03/2018 03:33:05 PM) (Source: DCOM) (EventID: 10010) (User: CODYSFRANKENSTE)
Description: The server Microsoft.Windows.Photos_2017.39101.16720.0_x86__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.
Error: (01/03/2018 05:39:29 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (01/02/2018 03:56:05 PM) (Source: DCOM) (EventID: 10010) (User: CODYSFRANKENSTE)
Description: The server Microsoft.Windows.Photos_2017.39101.16720.0_x86__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.
Error: (01/02/2018 03:25:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Norton Internet Security service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (01/02/2018 03:25:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (120000 milliseconds) while waiting for the Norton Internet Security service to connect.
Error: (01/02/2018 03:25:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.
Error: (01/02/2018 03:25:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Downloaded Maps Manager service terminated unexpectedly. It has done this 1 time(s).
Error: (01/02/2018 03:21:52 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000094, 0x8668a35d, 0x8e0c7648, 0x8e0c7210). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: 30e9355a-88b4-4c01-aa92-deacf30eacd8.
Error: (01/02/2018 03:21:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Tile Data model server service depends on the State Repository Service service which failed to start because of the following error:
After starting, the service hung in a start-pending state.
Error: (01/02/2018 03:21:37 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The State Repository Service service hung on starting.
CodeIntegrity:
===================================
Date: 2017-12-07 16:34:25.755
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-12-07 16:34:25.750
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-11-29 05:48:19.522
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap.dll that did not meet the Store signing level requirements.
Date: 2017-11-29 05:48:05.133
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap.dll that did not meet the Store signing level requirements.
Date: 2017-11-29 04:24:19.205
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap.dll that did not meet the Store signing level requirements.
Date: 2017-11-29 04:10:35.001
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap.dll that did not meet the Store signing level requirements.
Date: 2017-11-28 14:57:32.378
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPI.dll that did not meet the Microsoft signing level requirements.
Date: 2017-08-03 17:37:19.949
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap.dll that did not meet the Store signing level requirements.
Date: 2017-08-03 05:51:10.419
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap.dll that did not meet the Store signing level requirements.
Date: 2017-07-30 05:03:47.000
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: AMD FX-8350 Eight-Core Processor
Percentage of memory in use: 68%
Total physical RAM: 3497.87 MB
Available physical RAM: 1098.61 MB
Total Virtual: 6116.4 MB
Available Virtual: 2684.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:73.65 GB) (Free:23.3 GB) NTFS ==>[drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.4 GB) (Disk ID: 2D42974C)
Partition 1: (Active) - (Size=73.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================