Hi, I really need some help here. My computer suddenly decided to turn off my anti-virus and just about anything that i want to play games from. (Steam and ARC) I have just installed a new graphics card that was sealed when I got it so I believe it was new and not the possible infection route. I can use a computer but also spend plenty of time playing games on my computer but I may have watched or clicked on the clickbait vids on FB at the moment (stupid I know as i keep telling all my friends not to do it) Anyways I have tried to update/ re-install my anti-virus and have tried Malwarebytes and othe AV programs. All of these will download to my computer but will not run. I have completed the Farbar scan and these are the logs. Btw these all happened about 2 days before I went on holiday for a week and while I should have asked for help then I didn't (my bad). I'm hoping someone can help me as I really don't know if i can get a clean install of these computer again. (my dad used to build them and then sold all his computers and stuff so I don't even know if he has kept the discs)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by robin (administrator) on ROBIN-PC (10-07-2018 20:08:49)
Running from C:\Users\robin\Desktop\Free tools
Loaded Profiles: robin (Available Profiles: robin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [64096 2018-03-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-05-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3752768 2018-06-18] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-1842024429-2714170209-1629358381-1001\...\Run: [f.lux] => C:\Users\robin\AppData\Local\FluxSoftware\Flux\flux.exe [1682936 2018-01-17] (f.lux Software LLC)
HKU\S-1-5-21-1842024429-2714170209-1629358381-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46139776 2018-03-15] ()
HKU\S-1-5-21-1842024429-2714170209-1629358381-1001\...\Run: [Spotify Web Helper] => C:\Users\robin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-05-12] (Spotify Ltd)
HKU\S-1-5-21-1842024429-2714170209-1629358381-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3201312 2018-06-09] (Valve Corporation)
HKU\S-1-5-21-1842024429-2714170209-1629358381-1001\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-1842024429-2714170209-1629358381-1001\...\MountPoints2: {2746c5cc-0f46-11e7-884e-90e6ba4f7032} - E:\Setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{74134C22-B139-4950-A9F4-BEEFD0288E23}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9C1F6614-1893-45D7-9C93-B71051A292FD}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E34654FF-2966-4B38-A6DD-8C8A5B581BEF}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-1842024429-2714170209-1629358381-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.sky.com/
SearchScopes: HKU\S-1-5-21-1842024429-2714170209-1629358381-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D7B0D661-1F0E-4026-8CF9-771B143800A5}&mid=3e24702b1e7047cd90ae41affcab99c1-7c8f98919273630b2f1b9f57a2c9093ee4e299f0&lang=en&ds=AVG&coid=avgtbavg&cmpid=0516avz&pr=fr&d=2016-05-16 12:06:18&v=4.2.9.726&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-07-14] (LastPass)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-18] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\plugins\ArcPluginIE.dll [2017-07-28] (Perfect World Entertainment Inc)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-07-14] (LastPass)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-18] (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-07-14] (LastPass)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-07-14] (LastPass)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-1842024429-2714170209-1629358381-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
IE Session Restore: HKU\S-1-5-21-1842024429-2714170209-1629358381-1001 -> is enabled.
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://www.pcpitstop.com/nirvana/controls/pcmatic.cab
FireFox:
========
FF DefaultProfile:
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-07-14] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-12-01] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-18] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-07-14] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-01] (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\plugins\npArcPluginFF.dll [2017-07-28] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://www.facebook.com/login.php"
CHR NewTab: Default -> Active:"chrome-extension://ojhmphdkpgbibohbnpbfiefkgieacjmh/app/index.html"
CHR DefaultSearchURL: Default -> hxxps://search.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> lp
CHR DefaultSuggestURL: Default -> hxxps://search.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR Profile: C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default [2018-07-10]
CHR Extension: (Slides) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (IBM Security Rapport) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2018-03-14]
CHR Extension: (YouTube) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-16]
CHR Extension: (Google Search) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-05-15]
CHR Extension: (Iron Man 3) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebkgohjhkmajdealpbnfimnchjepjmii [2015-07-17]
CHR Extension: (Mahjongg) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegpopcingfghbompjfejakfeaolmbop [2015-07-17]
CHR Extension: (minerBlock) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\emikbbbebcdfohonlaifafnoanocnebl [2018-07-10]
CHR Extension: (Sheets) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-07-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-04-02]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2018-01-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Picky Wallpapers) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj [2015-08-18]
CHR Extension: (Currently) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhmphdkpgbibohbnpbfiefkgieacjmh [2016-07-17]
CHR Extension: (Weather Underground) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2015-07-17]
CHR Extension: (Gmail) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-18]
CHR Extension: (Chrome Media Router) - C:\Users\robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-30]
CHR Profile: C:\Users\robin\AppData\Local\Google\Chrome\User Data\System Profile [2018-06-30]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1842024429-2714170209-1629358381-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1842024429-2714170209-1629358381-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [879128 2018-06-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [224472 2018-06-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [224472 2018-06-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1164808 2018-06-20] (Avira Operations GmbH & Co. KG)
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [87064 2017-07-28] (Perfect World Entertainment Inc)
S3 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [452352 2018-05-30] (Avira Operations GmbH & Co. KG)
S2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2940584 2018-03-16] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [346528 2018-05-17] (Avira Operations GmbH & Co. KG)
S2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [103328 2018-06-15] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-30] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-06-18] (Dropbox, Inc.)
S3 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-12-11] (Foxit Software Inc.)
S3 ImDskSvc; C:\Windows\system32\imdsksvc.exe [25720 2017-02-17] (Olof Lagerkvist)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [3878728 2017-02-25] (Paramount Software UK Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2201920 2018-06-12] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3072328 2018-06-12] (Electronic Arts)
S2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5253624 2018-05-23] (IBM Corp.)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software) [File not signed]
S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [466096 2018-04-24] (Windscribe Limited)
S3 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
S2 AdvancedSystemCareService11; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-09-23] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [199912 2018-05-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153552 2018-05-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-09-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-09-23] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [34128 2017-09-23] (Avira Operations GmbH & Co. KG)
R2 ImDisk; C:\Windows\System32\DRIVERS\imdisk.sys [95376 2017-02-28] (Olof Lagerkvist)
S3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [21928 2017-06-06] (IObit.com)
S3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [22416 2018-01-11] (IObit.com)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-07-10] (Malwarebytes)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2473616 2014-12-10] (MediaTek Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [68112 2018-06-01] (NVIDIA Corporation)
S3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2017-10-25] (The OpenVPN Project)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [496744 2018-05-23] (IBM Corp.)
R1 RapportCerberus_1919106; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1919106.sys [1645288 2018-06-12] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [712488 2018-05-23] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [340904 2018-05-23] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [605160 2018-05-23] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [751976 2018-05-23] (IBM Corp.)
R3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [45560 2018-02-01] (The OpenVPN Project)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-10-08] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-10-08] (Zemana Ltd.)
S3 GLCKIO; \??\C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\690b33e1-0462-4e84-9bea-c7552b45432a.sys [X]
S3 iobit_monitor_server; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win7_x64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-10 19:57 - 2018-07-10 19:57 - 000947200 _____ C:\Users\robin\Desktop\avcertclean_1.2.0.exe
2018-07-10 19:51 - 2018-07-10 19:51 - 000002984 _____ C:\Windows\System32\Tasks\{282CA983-1786-4B1A-9AAE-2F92F8EBEF32}
2018-07-10 19:49 - 2018-07-10 19:49 - 005414912 _____ (Avira Operations GmbH & Co. KG) C:\Users\robin\Desktop\avira_en_fass0_5b44ff778f8d6__ws.exe
2018-06-30 17:24 - 2018-06-30 17:25 - 010393048 _____ (COMODO) C:\Users\robin\Desktop\ccav_installer_chid33220011.exe
2018-06-30 07:59 - 2018-07-10 20:08 - 000000000 ____D C:\FRST
2018-06-30 07:50 - 2018-06-30 07:50 - 002526736 _____ (Trend Micro Inc.) C:\Users\robin\Downloads\HousecallLauncher64.exe
2018-06-30 07:50 - 2018-06-30 07:50 - 000000036 _____ C:\Users\robin\AppData\Local\housecall.guid.cache
2018-06-30 07:26 - 2018-06-30 07:26 - 000002942 _____ C:\Windows\System32\Tasks\{1B7BAF58-7C42-47F2-96B9-BA0CF07AF434}
2018-06-29 13:22 - 2018-07-10 19:42 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-06-29 13:17 - 2018-06-29 13:17 - 005376592 _____ (Avira Operations GmbH & Co. KG) C:\Users\robin\Downloads\avira_en_av_59db815d90804__ws.exe
2018-06-21 14:47 - 2018-06-21 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-06-19 22:42 - 2018-06-19 22:42 - 002673793 _____ C:\Users\robin\Downloads\SSE_Airtricity_Domestic_Tariff_Table_effective_from_01_Apr_2018.pdf
2018-06-19 01:47 - 2018-06-19 01:47 - 000000222 _____ C:\Users\robin\Desktop\Neverwinter.url
2018-06-18 11:23 - 2018-06-18 11:23 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-06-18 11:23 - 2018-06-18 11:23 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-06-18 11:23 - 2018-06-18 11:23 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-06-18 11:23 - 2018-06-18 11:23 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-06-13 15:15 - 2018-06-13 15:15 - 000000000 ____D C:\ProgramData\PopCap Games
2018-06-12 18:52 - 2018-06-12 18:52 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-06-12 18:52 - 2018-06-01 09:47 - 000132680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-06-12 18:51 - 2018-06-12 18:51 - 000000000 ____D C:\Windows\system32\unknown
2018-06-12 18:51 - 2018-06-12 18:51 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-06-12 18:50 - 2018-06-02 04:06 - 040090152 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-06-12 18:50 - 2018-06-02 04:06 - 032360304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-06-12 18:50 - 2018-06-02 04:06 - 016999360 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-06-12 18:50 - 2018-06-02 04:06 - 001419200 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-06-12 18:50 - 2018-06-02 04:06 - 001092008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-06-12 18:50 - 2018-06-02 04:06 - 000627240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-06-12 18:50 - 2018-06-02 04:06 - 000517544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 040346536 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 035250624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 031276296 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 013727800 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 003964328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 003497024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 002014144 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439811.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 001562208 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 001468272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439811.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 001216448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 001157216 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 000420008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 000182600 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 000165136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 000159712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-06-12 18:50 - 2018-06-02 04:05 - 000142824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-06-12 18:50 - 2018-06-02 04:04 - 019081176 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-06-12 18:50 - 2018-06-02 04:04 - 017782576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-06-12 18:50 - 2018-06-01 11:27 - 000227928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2018-06-12 18:50 - 2018-06-01 11:27 - 000068112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2018-06-12 18:50 - 2018-06-01 11:27 - 000047648 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2018-06-12 18:50 - 2018-06-01 11:27 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-06-12 18:50 - 2018-06-01 11:27 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2018-06-12 18:40 - 2018-06-12 18:40 - 000003922 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-12 18:40 - 2018-06-12 18:40 - 000000000 ____D C:\Users\robin\ansel
2018-06-12 18:40 - 2017-12-15 03:03 - 000059240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-06-12 18:34 - 2018-06-25 13:33 - 000000022 _____ C:\Windows\GPU-Z.INI
2018-06-12 18:30 - 2018-06-26 22:05 - 000002978 _____ C:\Windows\System32\Tasks\GPU Tweak II
2018-06-12 18:30 - 2018-06-12 18:30 - 000001067 _____ C:\Users\Public\Desktop\ASUS GPU TweakII.lnk
2018-06-12 18:30 - 2018-06-12 18:30 - 000000000 ____D C:\Windows\Downloaded Installations
2018-06-12 18:30 - 2018-06-12 18:30 - 000000000 ____D C:\Users\robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS
2018-06-12 18:30 - 2018-06-12 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-06-12 18:30 - 2018-06-12 18:30 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-06-12 18:29 - 2018-06-01 11:27 - 001688848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2018-06-12 18:29 - 2018-06-01 09:39 - 000634152 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-06-12 18:29 - 2018-06-01 09:39 - 000083528 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-06-12 18:28 - 2017-05-11 21:43 - 001988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438223.dll
2018-06-12 18:28 - 2017-05-11 21:43 - 001589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438223.dll
2018-06-12 18:27 - 2018-06-02 04:05 - 025990104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-06-12 18:27 - 2018-06-02 04:05 - 023298224 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-06-12 18:27 - 2018-06-02 04:05 - 020323576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-06-12 18:27 - 2018-06-02 04:05 - 011272944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-06-12 18:27 - 2018-06-02 04:05 - 000904720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-06-12 18:27 - 2018-06-02 04:05 - 000505928 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-06-12 18:27 - 2018-06-02 04:04 - 015691144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-06-12 18:27 - 2018-06-02 04:04 - 015192816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-06-12 18:26 - 2018-06-02 04:04 - 004613600 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-06-12 18:26 - 2018-06-02 04:04 - 004081440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-06-12 13:02 - 2018-06-12 13:05 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-06-12 13:02 - 2018-06-12 13:02 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-06-12 13:02 - 2018-06-12 13:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-11 19:15 - 2018-06-11 19:15 - 000001116 _____ C:\Users\Public\Desktop\Avira.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-10 20:08 - 2017-10-08 00:25 - 000067459 _____ C:\Windows\ZAM.krnl.trace
2018-07-10 20:08 - 2017-10-08 00:25 - 000038386 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-07-10 20:08 - 2017-05-14 17:31 - 000000000 ____D C:\Users\robin\Desktop\Free tools
2018-07-10 19:56 - 2009-07-14 05:45 - 000017760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-10 19:56 - 2009-07-14 05:45 - 000017760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-07-10 19:51 - 2015-07-12 09:46 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-10 19:49 - 2009-07-14 06:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-10 19:49 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-07-10 19:45 - 2017-05-30 14:16 - 000000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-07-10 19:41 - 2017-05-30 14:16 - 000000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-07-10 19:40 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-29 13:20 - 2015-07-12 09:46 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-06-29 13:19 - 2018-05-15 16:38 - 000000000 ____D C:\Program Files (x86)\Steam
2018-06-29 13:18 - 2017-05-08 16:11 - 000000000 ____D C:\Users\robin\AppData\Local\CrashDumps
2018-06-29 13:14 - 2016-12-07 20:54 - 000000000 ____D C:\Users\robin\AppData\Roaming\Origin
2018-06-22 11:01 - 2017-10-05 11:36 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2018-06-21 14:47 - 2017-05-30 14:16 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-06-20 14:36 - 2017-10-05 11:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-06-19 01:47 - 2018-05-15 16:51 - 000000000 ____D C:\Users\robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-06-18 19:44 - 2017-10-05 11:34 - 000000000 ____D C:\Program Files (x86)\Avira
2018-06-15 16:17 - 2015-07-12 09:42 - 000000000 ____D C:\Windows\system32\MRT
2018-06-15 16:14 - 2017-10-12 03:05 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-15 16:14 - 2015-07-12 09:42 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-13 14:27 - 2016-12-07 20:52 - 000000000 ____D C:\ProgramData\Origin
2018-06-12 19:22 - 2016-12-07 21:05 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-06-12 19:22 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-06-12 19:04 - 2016-12-07 20:53 - 000000000 ____D C:\Program Files (x86)\Origin
2018-06-12 18:52 - 2015-07-12 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-06-12 18:52 - 2015-07-12 09:46 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-06-12 18:52 - 2015-07-12 09:46 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-06-12 18:51 - 2016-11-21 20:11 - 000000000 ____D C:\Users\robin\AppData\Roaming\NVIDIA
2018-06-12 18:40 - 2017-08-27 13:29 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-12 18:40 - 2017-03-22 17:17 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-12 18:40 - 2017-03-22 17:17 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-12 18:40 - 2017-03-22 17:17 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-12 18:40 - 2017-03-22 17:17 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-12 18:40 - 2017-03-22 17:17 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-12 18:40 - 2017-03-22 17:17 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-12 18:40 - 2017-03-22 17:17 - 000001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-06-12 18:40 - 2015-07-12 09:39 - 000000000 ____D C:\Users\robin
2018-06-12 18:39 - 2017-03-22 17:17 - 000000000 ____D C:\Users\robin\AppData\Local\NVIDIA Corporation
2018-06-12 18:32 - 2018-03-26 17:58 - 000000000 ____D C:\Users\Public\Speedup Sessions
2018-06-12 18:30 - 2015-07-13 11:03 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-06-12 18:22 - 2016-11-09 11:11 - 000000000 ____D C:\ProgramData\ProductData
2018-06-12 18:22 - 2015-11-19 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2018-06-11 19:15 - 2015-07-12 22:34 - 000000000 ____D C:\ProgramData\Package Cache
==================== Files in the root of some directories =======
2015-07-14 19:22 - 2015-07-14 19:22 - 016581656 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2018-06-30 07:50 - 2018-06-30 07:50 - 000000036 _____ () C:\Users\robin\AppData\Local\housecall.guid.cache
2017-06-01 14:49 - 2017-06-01 14:49 - 000002169 _____ () C:\Users\robin\AppData\Local\recently-used.xbel
2017-03-19 18:13 - 2017-10-04 12:52 - 000007613 _____ () C:\Users\robin\AppData\Local\resmon.resmoncfg
2015-08-03 00:19 - 2015-08-03 00:19 - 000000000 _____ () C:\Users\robin\AppData\Local\{1CDDFEFE-2396-4356-9F17-7D3511F8B3BB}
2015-08-05 23:53 - 2015-08-05 23:53 - 000000000 _____ () C:\Users\robin\AppData\Local\{5C712DF7-A97E-4A15-ABB6-FC693BC721FF}
2015-07-31 15:18 - 2015-07-31 15:18 - 000000000 _____ () C:\Users\robin\AppData\Local\{660DCC4B-0A28-4AE3-902D-BF3558E7BDC0}
2015-08-09 04:48 - 2015-08-09 04:48 - 000000000 _____ () C:\Users\robin\AppData\Local\{A3E00A1E-B47F-4DD3-88D1-6BEF3A159611}
2017-10-11 15:04 - 2017-10-11 15:04 - 000000000 _____ () C:\Users\robin\AppData\Local\{D4A2EB80-4AF0-472D-9C97-C07DFD97709D}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-17 20:30
==================== End of FRST.txt ============================
Addition text
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by robin (10-07-2018 20:09:21)
Running from C:\Users\robin\Desktop\Free tools
Windows 7 Ultimate Service Pack 1 (X64) (2015-07-12 08:39:05)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1842024429-2714170209-1629358381-500 - Administrator - Disabled)
Guest (S-1-5-21-1842024429-2714170209-1629358381-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1842024429-2714170209-1629358381-1002 - Limited - Enabled)
robin (S-1-5-21-1842024429-2714170209-1629358381-1001 - Administrator - Enabled) => C:\Users\robin
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Out of date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Disabled - Out of date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-1842024429-2714170209-1629358381-1001\...\Amazon Kindle) (Version: 1.21.0.48017 - Amazon)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.5.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.5.2 - ASUSTek COMPUTER INC.)
AVG Zen (HKLM\...\{6DDF7DAF-58CC-44EC-B172-22CC5886E472}) (Version: 1.111.9 - AVG Technologies) Hidden
Avira (HKLM-x32\...\{606c7b25-e58d-4e72-82dd-4a0e4e163086}) (Version: 1.2.114.16977 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{C7FA948A-FC14-4316-92DC-23AF70C55A10}) (Version: 1.2.114.16977 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.36.200 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.14.1.26975 - Avira Operations GmbH & Co. KG)
Avira Safe Shopping (HKLM-x32\...\{14E3F849-589B-42DB-83C4-D856CFE94BCC}) (Version: 1.0.67.2779 - Avira Operations Gmbh & Co. KG)
Avira Safe Shopping (HKLM-x32\...\{9158dccb-03a7-493c-b07e-f47b9784425c}) (Version: 1.0.65.2672 - Avira Operations Gmbh & Co. KG) Hidden
Avira Software Updater (HKLM-x32\...\{A7F41426-5F75-4695-BE5D-B011821079A3}) (Version: 2.0.5.48230 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 4.8.0.7455 - Avira Operations GmbH & Co. KG)
Backup and Sync from Google (HKLM\...\{4B7277C7-9CEE-45FC-B36B-19AD28281B9C}) (Version: 3.40.8921.5350 - Google, Inc.)
BBC iPlayer Downloads (HKLM-x32\...\{148784F3-3B6E-4DFA-B7A1-3400B277DAF3}) (Version: 1.14.2 - BBC)
CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.11 - NVIDIA Corporation) Hidden
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 52.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden
f.lux (HKU\S-1-5-21-1842024429-2714170209-1629358381-1001\...\Flux) (Version: - f.lux Software LLC)
FastStone Image Viewer 6.2 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.2 - FastStone Soft)
FMW 1 (HKLM\...\{1C3364DF-40B5-4DA4-9810-652A9A792FB1}) (Version: 1.132.1 - AVG Technologies) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.1.1049 - Foxit Software Inc.)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
GXTool (HKLM-x32\...\93D383D2-DFB3-46F1-8A08-AA6113AB39DE) (Version: 1.0 - Trust International BV)
Icecream Ebook Reader version 5.07 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.07 - Icecream Apps)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.4.0.8 - IObit)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
Macrium Reflect Free Edition (HKLM\...\{595B8A7B-253D-4A4E-95C2-A823EDDD5496}) (Version: 6.3.1745 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.3 - Paramount Software (UK) Ltd.)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.11 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Graphics Driver 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.11 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.20.63112 - Electronic Arts, Inc.)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
PVSonyDll (HKLM\...\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}) (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1919.126 - Trusteer) Hidden
Serif PagePlus X7 (HKLM\...\{CB487BBA-A1AC-4B2B-80AC-DED349C897C5}) (Version: 17.0.3.28 - Serif (Europe) Ltd)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.9.201506301709 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.275 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-1842024429-2714170209-1629358381-1001\...\Spotify) (Version: 1.0.80.474.gef6b503e - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SysGauge 2.3.18 (HKLM-x32\...\SysGauge) (Version: 2.3.18 - Flexense Computing Systems Ltd.)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1919.126 - Trusteer)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.81 Build 44 - Windscribe Limited)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-03-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-03-15] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-03-15] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-10-08] ()
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-03-15] (Google)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2015-10-12] (Paramount Software UK Ltd)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-06-20] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2015-10-12] (Paramount Software UK Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-03-15] (Google)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-06-18] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-06-01] (NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-10-08] ()
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Inc.)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-06-20] (Avira Operations GmbH & Co. KG)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12154847-6015-4A4A-A8E0-0BC14A6D9C8A} - System32\Tasks\{E745508C-7C48-4833-8CD1-FBF2DFACAA52} => C:\Program Files (x86)\Arc\ArcLauncher.exe [2017-07-28] (Perfect World Entertainment)
Task: {24021360-F1E2-488E-892E-77085812125D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {365EB785-625F-4428-BFC4-DE277C4A5AAA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd)
Task: {37873B39-08B1-4178-AD5D-FFCFEDD2E35A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-30] (Dropbox, Inc.)
Task: {473D73B3-A037-4BC5-A4A9-5E947B386FCD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {47F5BB32-639E-4832-9EF7-8B862C2B9958} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2018-03-22] (Avira Operations GmbH & Co. KG)
Task: {4CCAFA97-DA72-48A8-944C-7AE5C527BF6F} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-06-20] (Avira Operations GmbH & Co. KG)
Task: {665DBBD3-7E44-4A8C-A185-13A34E2CDA66} - System32\Tasks\{282CA983-1786-4B1A-9AAE-2F92F8EBEF32} => C:\Users\robin\Desktop\avira_en_fass0_5b44ff778f8d6__ws.exe [2018-07-10] (Avira Operations GmbH & Co. KG)
Task: {721CA277-CA6A-4E2A-BD0D-E4DFB6AC8434} - System32\Tasks\{1B7BAF58-7C42-47F2-96B9-BA0CF07AF434} => C:\Program Files (x86)\Steam\Steam.exe [2018-06-09] (Valve Corporation)
Task: {75C12851-5E7F-4463-8A42-4ABA2FEB053F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation)
Task: {85487D5A-1950-4F15-86A3-2710A99BC584} - System32\Tasks\Uninstaller_SkipUac_robin => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2018-03-28] (IObit)
Task: {8A0F8D44-B1F7-419C-9684-E6EE85B38C24} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28] (Oracle Corporation)
Task: {8A17E877-E81D-4CD7-81A5-E0765B35A0B9} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2017-04-12] (TODO: <Company name>)
Task: {8A4248A2-611B-4FE1-B1BC-FEB50EC5BF99} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {8B4D7B0C-9E28-4BC2-9CA1-B3E1F5487550} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2018-06-18] (Dropbox, Inc.)
Task: {90176E31-415D-4C53-9357-3C67A83685FE} - System32\Tasks\Avira\Safe Shopping\Check => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-06-13] (Avira Operations Gmbh & Co. KG)
Task: {90988451-0E55-4DA2-9E08-06562BB1E225} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
Task: {95197C81-C36E-401D-A93F-6A13958404D2} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-14] (NVIDIA Corporation)
Task: {98970E1F-AE1B-40B3-BFA0-CEB3796141CF} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-14] (NVIDIA Corporation)
Task: {B08301AD-ED1C-4D31-9C6E-5CF2F181B7C2} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {B0B1D339-DA94-4C6D-87EF-981B687C6F3B} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Common Files\lpuninstall.exe [2015-07-14] (LastPass)
Task: {C297E826-97BD-4456-8F0D-9D9DB244F7AC} - System32\Tasks\{2E98E6EB-122B-4F06-827D-45859DFE9060} => C:\Program Files (x86)\Arc\ArcLauncher.exe [2017-07-28] (Perfect World Entertainment)
Task: {C655F85F-B8E7-4CF8-81B0-D842126E5785} - System32\Tasks\Avira\Safe Shopping\Update => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-06-13] (Avira Operations Gmbh & Co. KG)
Task: {CB7CF415-1DD5-4C6D-B86F-2992229800AD} - System32\Tasks\{1FC9F61C-5CE7-4A47-9E3B-D00C948504B7} => C:\Program Files (x86)\Arc\ArcLauncher.exe [2017-07-28] (Perfect World Entertainment)
Task: {CDAD47D6-C109-4C20-868B-0D2893FA2FF4} - System32\Tasks\Avira\System Speedup\Delayed Startup\robin\1 => C:\Users\robin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018-05-12] (Spotify Ltd) <==== ATTENTION
Task: {CE048D73-140A-4C72-8179-AF5517937291} - System32\Tasks\ASC11_SkipUac_robin => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {D0869D90-F0D3-4B50-8257-9965FBC3252A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd)
Task: {D902A691-4E87-4AEB-A7F0-2C762C277CEF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-08] (Adobe Systems Incorporated)
Task: {DB737D28-7C34-47F1-9F48-13BE35C2795D} - System32\Tasks\Avira\Safe Shopping\Launch => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-06-13] (Avira Operations Gmbh & Co. KG)
Task: {E1F4B9E4-E2CC-4C14-9DC9-91D105FCA9CF} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28] (Oracle Corporation)
Task: {EE60FCF1-E17C-4DEB-BB20-F51093FD4D5B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {F3831C5D-3D07-470B-8DC2-A5AAA85A509C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-30] (Dropbox, Inc.)
Task: {F43F7407-7AD3-4F5A-A484-EAFE7ABF4B26} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {F85C1A72-2F11-4A5F-8A69-577268816696} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2018-03-26] (Avira Operations GmbH & Co. KG )
Task: {F9BEE171-2CAF-402F-B52B-08A70124DC96} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-10-08 00:24 - 2017-10-08 00:24 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2018-03-15 11:31 - 2018-03-15 11:31 - 046139776 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-07-10 19:41 - 2018-07-10 19:41 - 000113152 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\_ctypes.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000080896 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\bz2.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 001585152 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\_hashlib.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000128512 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\win32api.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000137728 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\pywintypes27.dll
2018-07-10 19:41 - 2018-07-10 19:41 - 000548864 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\pythoncom27.dll
2018-07-10 19:41 - 2018-07-10 19:41 - 000689664 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\unicodedata.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000438784 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\win32com.shell.shell.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 001489408 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\wx._core_.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 001007104 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\wx._gdi_.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 001039872 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\wx._windows_.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 001325056 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\wx._controls_.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000916992 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\wx._misc_.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 001084416 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\pysqlite2._sqlite.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000149504 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\win32file.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000136192 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\win32security.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000007680 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\hashobjs_ext.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000020992 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\thumbnails_ext.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000118784 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\usb_ext.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000047616 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\_socket.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 002224128 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\_ssl.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000014848 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\common.time34.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000023040 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\win32event.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000033280 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\windows.conditional.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000019968 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\windows.winwrap.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000107520 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\windows.volumes.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000223232 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\win32gui.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000173568 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\_elementtree.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000169472 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\pyexpat.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000048128 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\win32inet.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000103424 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\wx._html2.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000046080 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\_psutil_windows.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000633240 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\windows._cacheinvalidation.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 005408256 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\cello.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000010752 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\select.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000011776 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\win32crypt.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000301568 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\PIL._imaging.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000032256 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\_multiprocessing.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000026112 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\_yappi.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000044032 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\win32process.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000027648 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\win32pipe.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000029696 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\win32pdh.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000038400 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\windows.connectivity.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000071168 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\windows.device_monitor.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000020480 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\win32profile.pyd
2018-07-10 19:41 - 2018-07-10 19:41 - 000026624 _____ () C:\Users\robin\AppData\Local\Temp\_MEI20682\win32ts.pyd
2017-03-22 17:17 - 2018-03-14 14:05 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-29 14:35 - 2018-03-20 07:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-29 14:35 - 2018-03-20 07:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\robin\Documents\Doughnaughty2d.ppp:SummaryInformation [215]
AlternateDataStreams: C:\Users\robin\Documents\Doughnaughty2d.ppp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\robin\Documents\Doughnaughty3d.ppp:SummaryInformation [215]
AlternateDataStreams: C:\Users\robin\Documents\Doughnaughty3d.ppp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2018-06-30 08:25 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1842024429-2714170209-1629358381-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\robin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: nvsvc => 2
MSCONFIG\startupfolder: C:^Users^robin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^zSpeedup.lnk => C:\Windows\pss\zSpeedup.lnk.Startup
MSCONFIG\startupreg: Avira System Speedup User Starter => "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: ZAM => "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
01-07-2018 18:02:58 Windows Update
02-07-2018 02:40:52 Windows Update
10-07-2018 20:01:07 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (07/10/2018 07:44:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Unchecky service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (07/10/2018 07:44:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (120000 milliseconds) while waiting for the Unchecky service to connect.
Error: (07/10/2018 07:44:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (120000 milliseconds) while waiting for the NVIDIA Telemetry Container service to connect.
Error: (07/10/2018 07:44:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dropbox Update Service (dbupdate) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (07/10/2018 07:44:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (120000 milliseconds) while waiting for the Dropbox Update Service (dbupdate) service to connect.
Error: (07/10/2018 07:44:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (120000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
Error: (07/10/2018 07:42:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (120000 milliseconds) while waiting for the Avira Service Host service to connect.
Error: (07/10/2018 07:42:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
==================== Memory info ===========================
Processor: Intel® Core™ i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 31%
Total physical RAM: 12279.12 MB
Available physical RAM: 8443.76 MB
Total Virtual: 24556.4 MB
Available Virtual: 19907.14 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:223.47 GB) (Free:90.48 GB) NTFS
\\?\Volume{b8e5dc61-2870-11e5-ad3b-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: F60F1EBF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Any help would be greatly appreciated as it seems such a pity that I went to the expense of a new graphics card for my computer to seemingly take the hump with me lol. Sitting here crossing my thumbs and waiting for a reply. Thank you in advance to anyone who can help me. I understand that all the experts are volunteers and have lives outside of my problems and to be fair that comes first. I can wait patiently
)
Sign In
Create Account
