Thread: Laptop continues to crash apps and go not responding. Not sure what's wrong

  1. #1

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-05-2017
    Ran by eric (administrator) on ERICANTON (29-05-2017 21:44:18)
    Running from C:\Users\eric\Desktop
    Loaded Profiles: eric (Available Profiles: eric)
    Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Edge)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
    (Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
    (MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (Intel Corporation) C:\Windows\System32\ibtsiva.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
    (Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    () C:\Windows\System32\igfxTray.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (MSI) C:\Program Files (x86)\SCM\SCM.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
    (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
    (Spotify Ltd) C:\Users\eric\AppData\Roaming\Spotify\SpotifyWebHelper.exe
    () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
    (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    (MSI) C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe
    (Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\cmd.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\downloader.exe

    ==================== Registry (Whitelisted) ====================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13675736 2014-09-11] (Realtek Semiconductor)
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-14] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [405504 2014-09-01] (MSI)
    HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
    HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
    HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
    HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
    HKLM-x32\...\Run: [SUPER CHARGER] => C:\Program Files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe [1047536 2014-02-21] (MSI)
    HKU\S-1-5-21-1887440591-2253008068-428354483-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-06-26] (SteelSeries ApS)
    HKU\S-1-5-21-1887440591-2253008068-428354483-1001\...\Run: [Spotify Web Helper] => C:\Users\eric\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-05-01] (Spotify Ltd)
    HKU\S-1-5-21-1887440591-2253008068-428354483-1001\...\Run: [Spotify] => C:\Users\eric\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-05-01] (Spotify Ltd)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-09-12]
    ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{5B62C353-75A3-463F-A52E-CC005846F3CE}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{5f02267d-81ba-4f21-946d-441a49b2770b}: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{d6602c9f-800a-42c2-8fdb-e5ca4188c920}: [DhcpNameServer] 192.168.0.1

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-1887440591-2253008068-428354483-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKU\S-1-5-21-1887440591-2253008068-428354483-1001 -> DefaultScope {F31B8A1C-22D7-4ED2-9D65-65B90AFE218E} URL =
    SearchScopes: HKU\S-1-5-21-1887440591-2253008068-428354483-1001 -> {F31B8A1C-22D7-4ED2-9D65-65B90AFE218E} URL =
    BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-05-08] (Bitdefender)
    BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-05-08] (Bitdefender)
    Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-05-08] (Bitdefender)
    Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-05-08] (Bitdefender)

    FireFox:
    ========
    FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
    FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-05-19]
    FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
    FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2016-12-13] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [bdwteffv19@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\\antispam32\bdwteff => not found
    FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
    FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-04-12] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-04-12] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR StartupUrls: Default -> "hxxp://www.google.com/"
    CHR Profile: C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default [2017-05-29]
    CHR Extension: (Bitdefender Wallet) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2017-05-28]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-28]
    CHR Extension: (Chrome Media Router) - C:\Users\eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-28]
    CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
    R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [100448 2017-02-17] (Bitdefender)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-14] (NVIDIA Corporation)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
    R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-04-29] (Intel Corporation)
    S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
    R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-09-01] (Micro-Star International Co., Ltd.) [File not signed]
    R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\SUPER CHARGER\ChargeService.exe [162800 2014-02-21] (MSI)
    R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
    R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-04-12] (NVIDIA Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-14] (NVIDIA Corporation)
    S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-14] (NVIDIA Corporation)
    R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender)
    R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [360448 2014-08-18] (Qualcomm Atheros) [File not signed]
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [266328 2016-12-04] (Synaptics Incorporated)
    R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-05-08] (Bitdefender)
    R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1442896 2017-05-29] (Bitdefender)
    R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
    R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1612648 2017-05-29] (BitDefender)
    R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [879600 2017-05-29] (BitDefender)
    S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
    R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
    R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
    R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [97968 2014-08-13] (Qualcomm Atheros, Inc.)
    R1 ccSet_NAT; C:\WINDOWS\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
    S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
    R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
    R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
    R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-29] (Bitdefender)
    R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
    R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-29] (Intel Corporation)
    R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
    R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmiwu.inf_amd64_39a7e4df14c81942\nvlddmkm.sys [14841784 2017-04-17] (NVIDIA Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-14] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-13] (NVIDIA Corporation)
    R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [506584 2014-09-11] (Realsil Semiconductor Corporation)
    S3 SAlphamBth; C:\WINDOWS\System32\drivers\SAlphabt64.sys [31232 2014-05-16] (SteelSeries Corporation) [File not signed]
    S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-05-27] (SteelSeries Corporation)
    R3 SAlphaPS2; C:\WINDOWS\System32\drivers\SAlphaPS264.sys [27520 2014-05-16] (SteelSeries Corporation)
    S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
    S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [29936 2014-09-11] (Synaptics Incorporated)
    R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [44216 2015-09-08] (Synaptics Incorporated)
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
    R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
    R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] ()
    R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-05-29 21:44 - 2017-05-29 21:46 - 00019533 _____ C:\Users\eric\Desktop\FRST.txt
    2017-05-29 21:37 - 2017-05-29 21:38 - 00667628 _____ C:\WINDOWS\Minidump\052917-29281-01.dmp
    2017-05-29 21:37 - 2017-05-29 21:37 - 789383031 _____ C:\WINDOWS\MEMORY.DMP
    2017-05-29 21:37 - 2017-05-29 21:37 - 00000000 ____D C:\WINDOWS\Minidump
    2017-05-29 21:35 - 2017-05-29 21:44 - 00000000 ____D C:\FRST
    2017-05-29 21:35 - 2017-05-29 21:35 - 02429952 _____ (Farbar) C:\Users\eric\Desktop\FRST64.exe
    2017-05-29 21:34 - 2017-05-29 21:34 - 05198336 _____ (AVAST Software) C:\Users\eric\Desktop\aswMBR.exe
    2017-05-29 19:53 - 2017-05-29 19:53 - 00000000 ____D C:\Users\eric\AppData\Roaming\Macromedia
    2017-05-28 19:49 - 2017-05-28 19:50 - 00000000 ____D C:\Users\eric\Documents\Overwatch
    2017-05-28 19:25 - 2017-05-28 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
    2017-05-28 19:12 - 2017-05-28 19:25 - 00000888 _____ C:\Users\Public\Desktop\Overwatch.lnk
    2017-05-28 18:09 - 2017-05-28 19:49 - 00000000 ____D C:\Program Files (x86)\Overwatch
    2017-05-28 17:58 - 2017-05-28 17:58 - 03233264 _____ (Blizzard Entertainment) C:\Users\eric\Downloads\Battle.net-Setup.exe
    2017-05-25 20:52 - 2017-05-25 20:52 - 00000000 ____D C:\Users\eric\AppData\Local\DBG
    2017-05-25 20:51 - 2017-05-25 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
    2017-05-25 20:49 - 2017-05-25 20:50 - 83883525 _____ (XBMC-Foundation) C:\Users\eric\Downloads\kodi-17.3-Krypton.exe
    2017-05-21 20:32 - 2017-05-21 20:32 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
    2017-05-21 20:31 - 2017-05-21 20:31 - 00001262 _____ C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update and Privacy Settings.lnk
    2017-05-21 20:30 - 2017-05-21 20:30 - 00000020 ___SH C:\Users\eric\ntuser.ini
    2017-05-21 00:40 - 2017-05-21 00:40 - 00000000 ____D C:\Windows.old
    2017-05-21 00:39 - 2017-05-21 00:39 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2017-05-21 00:39 - 2017-05-21 00:39 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2017-05-21 00:39 - 2017-05-21 00:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2017-05-21 00:39 - 2017-05-21 00:39 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2017-05-21 00:39 - 2017-05-21 00:39 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2017-05-21 00:39 - 2017-05-21 00:39 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2017-05-21 00:39 - 2017-05-21 00:39 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2017-05-21 00:39 - 2017-05-21 00:39 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2017-05-21 00:39 - 2017-05-21 00:39 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2017-05-21 00:39 - 2017-05-21 00:39 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
    2017-05-21 00:39 - 2017-05-21 00:39 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
    2017-05-21 00:39 - 2017-05-21 00:39 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
    2017-05-21 00:39 - 2017-05-21 00:39 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2017-05-21 00:39 - 2017-05-21 00:39 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
    2017-05-21 00:39 - 2017-05-21 00:39 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
    2017-05-21 00:39 - 2017-05-21 00:39 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
    2017-05-21 00:39 - 2017-05-21 00:39 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
    2017-05-21 00:39 - 2017-05-21 00:39 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
    2017-05-21 00:39 - 2017-05-21 00:39 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
    2017-05-21 00:39 - 2017-05-21 00:39 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
    2017-05-21 00:39 - 2017-05-21 00:39 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
    2017-05-21 00:39 - 2017-05-21 00:39 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
    2017-05-21 00:39 - 2017-05-21 00:39 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
    2017-05-21 00:36 - 2017-05-21 00:36 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
    2017-05-21 00:36 - 2017-05-20 22:43 - 00000000 ____D C:\WINDOWS\ServiceProfiles
    2017-05-21 00:34 - 2017-05-21 00:34 - 00000000 ____D C:\Program Files\Reference Assemblies
    2017-05-21 00:34 - 2017-05-21 00:34 - 00000000 ____D C:\Program Files\MSBuild
    2017-05-21 00:34 - 2017-05-21 00:34 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
    2017-05-21 00:34 - 2017-05-21 00:34 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2017-05-21 00:33 - 2017-02-10 13:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
    2017-05-21 00:33 - 2017-02-10 13:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2017-05-21 00:33 - 2017-02-10 13:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
    2017-05-21 00:33 - 2017-02-10 13:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
    2017-05-21 00:33 - 2017-02-10 13:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2017-05-21 00:33 - 2017-02-10 13:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
    2017-05-20 23:08 - 2017-05-20 23:08 - 00000000 _SHDL C:\Users\Default\My Documents
    2017-05-20 23:05 - 2017-05-20 23:07 - 00007623 _____ C:\WINDOWS\diagwrn.xml
    2017-05-20 23:05 - 2017-05-20 23:07 - 00007623 _____ C:\WINDOWS\diagerr.xml
    2017-05-20 22:59 - 2017-05-29 21:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-05-20 22:59 - 2017-05-28 18:13 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F19CE4D9-ABE9-4FF3-A8F8-91CF7C71C69E}
    2017-05-20 22:59 - 2017-05-21 20:35 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
    2017-05-20 22:59 - 2017-05-20 23:00 - 00002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1887440591-2253008068-428354483-1001
    2017-05-20 22:59 - 2017-05-20 22:59 - 00003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2017-05-20 22:59 - 2017-05-20 22:59 - 00003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2017-05-20 22:59 - 2017-05-20 22:59 - 00003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
    2017-05-20 22:59 - 2017-05-20 22:59 - 00002764 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2017-05-20 22:59 - 2017-05-20 22:59 - 00002680 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
    2017-05-20 22:59 - 2017-05-20 22:59 - 00002668 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
    2017-05-20 22:59 - 2017-05-20 22:59 - 00002388 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
    2017-05-20 22:59 - 2017-05-20 22:59 - 00002378 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1887440591-2253008068-428354483-500
    2017-05-20 22:59 - 2017-05-20 22:59 - 00002364 _____ C:\WINDOWS\System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8
    2017-05-20 22:59 - 2017-05-20 22:59 - 00002360 _____ C:\WINDOWS\System32\Tasks\MSI_Dragon Gaming Center
    2017-05-20 22:59 - 2017-05-20 22:59 - 00002048 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
    2017-05-20 22:59 - 2017-05-20 22:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
    2017-05-20 22:59 - 2017-05-20 22:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Anti-Theft
    2017-05-20 22:59 - 2017-05-20 22:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
    2017-05-20 22:59 - 2014-09-12 11:24 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1250545291-1594571460-862123941-500
    2017-05-20 22:59 - 2014-04-29 14:16 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-378197635-2459492535-1786435534-500
    2017-05-20 22:57 - 2017-05-29 21:44 - 00935170 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2017-05-20 22:56 - 2017-05-20 22:56 - 00000000 ____D C:\ProgramData\USOShared
    2017-05-20 22:52 - 2017-05-20 22:52 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2017-05-20 22:49 - 2017-05-20 22:53 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
    2017-05-20 22:47 - 2017-05-28 19:49 - 00000000 ____D C:\Users\eric
    2017-05-20 22:47 - 2017-05-20 22:47 - 00000000 _SHDL C:\Users\eric\My Documents
    2017-05-20 22:47 - 2017-05-20 22:47 - 00000000 _SHDL C:\Users\eric\Documents\My Videos
    2017-05-20 22:47 - 2017-05-20 22:47 - 00000000 _SHDL C:\Users\eric\Documents\My Pictures
    2017-05-20 22:47 - 2017-05-20 22:47 - 00000000 _SHDL C:\Users\eric\Documents\My Music
    2017-05-20 22:46 - 2017-05-29 21:39 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2017-05-20 22:46 - 2017-05-29 21:37 - 00000000 ____D C:\ProgramData\NVIDIA
    2017-05-20 22:46 - 2017-05-20 22:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-05-20 22:46 - 2017-05-20 22:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2017-05-20 22:46 - 2017-05-20 22:49 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-05-20 22:46 - 2017-05-20 22:46 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
    2017-05-20 22:46 - 2017-05-20 22:46 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
    2017-05-20 22:46 - 2017-05-20 22:46 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2017-05-20 22:46 - 2017-05-20 22:46 - 00000000 ____D C:\Program Files\Realtek
    2017-05-20 22:46 - 2017-05-20 22:46 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
    2017-05-20 22:46 - 2017-04-12 14:43 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
    2017-05-20 22:46 - 2017-04-12 14:35 - 06438968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
    2017-05-20 22:46 - 2017-04-12 14:35 - 02481208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
    2017-05-20 22:46 - 2017-04-12 14:35 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
    2017-05-20 22:46 - 2017-04-12 14:35 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
    2017-05-20 22:46 - 2017-04-12 14:35 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
    2017-05-20 22:46 - 2017-04-12 14:35 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
    2017-05-20 22:46 - 2017-04-12 14:35 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
    2017-05-20 22:46 - 2017-04-12 07:13 - 07915337 _____ C:\WINDOWS\system32\nvcoproc.bin
    2017-05-20 22:46 - 2017-03-18 14:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2017-05-20 22:46 - 2016-11-01 23:05 - 00103952 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
    2017-05-20 22:46 - 2016-11-01 23:05 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
    2017-05-20 22:45 - 2017-05-20 22:49 - 00000000 ____D C:\Program Files\Intel
    2017-05-20 22:45 - 2017-05-20 22:45 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
    2017-05-20 22:45 - 2017-05-20 22:45 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
    2017-05-20 22:45 - 2017-05-20 22:45 - 00000000 ____D C:\Program Files\Synaptics
    2017-05-20 22:43 - 2017-05-29 19:49 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-05-20 22:43 - 2017-05-28 19:46 - 00217000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2017-05-20 20:46 - 2017-05-21 20:30 - 00000000 ___DC C:\WINDOWS\Panther
    2017-05-20 20:41 - 2017-05-20 20:41 - 00000000 ____D C:\Users\eric\AppData\Local\UNP
    2017-05-08 19:32 - 2017-05-20 22:53 - 00000000 ____D C:\WINDOWS\system32\UNP
    2017-05-08 19:32 - 2017-05-08 19:33 - 00000000 ____D C:\Program Files\UNP
    2017-05-08 19:30 - 2017-05-08 19:30 - 00041704 _____ C:\ProgramData\dm.update.1494293425.bdinstall.bin

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-05-29 21:40 - 2017-01-09 09:13 - 00000000 ____D C:\Program Files\Bitdefender Agent
    2017-05-29 21:40 - 2015-01-02 15:59 - 00000000 __SHD C:\Users\eric\IntelGraphicsProfiles
    2017-05-29 21:31 - 2015-01-04 14:45 - 00000000 ____D C:\Users\eric\AppData\Roaming\Kodi
    2017-05-29 20:52 - 2017-01-09 09:24 - 01612648 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
    2017-05-29 20:52 - 2017-01-09 09:24 - 00879600 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
    2017-05-29 20:26 - 2015-01-02 16:15 - 00000000 ____D C:\Users\eric\AppData\Local\Battle.net
    2017-05-29 20:02 - 2015-01-03 09:23 - 00000000 ____D C:\Program Files (x86)\Steam
    2017-05-29 20:01 - 2015-01-02 16:15 - 00000000 ____D C:\Program Files (x86)\Battle.net
    2017-05-29 20:00 - 2017-03-18 15:03 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
    2017-05-29 19:59 - 2017-03-18 15:03 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
    2017-05-29 19:57 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2017-05-29 19:57 - 2017-03-18 15:01 - 00000000 ____D C:\WINDOWS\INF
    2017-05-29 19:47 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\system32\NDF
    2017-05-28 21:26 - 2015-01-05 21:16 - 00000000 ____D C:\Users\eric\AppData\Local\CrashDumps
    2017-05-28 19:47 - 2017-03-18 05:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
    2017-05-28 19:45 - 2017-03-18 05:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
    2017-05-28 19:45 - 2015-01-05 21:12 - 00025923 _____ C:\bdlog.txt
    2017-05-28 18:04 - 2015-01-02 19:23 - 00000000 ____D C:\Program Files (x86)\Diablo III
    2017-05-28 18:02 - 2017-03-18 15:03 - 00000000 ___HD C:\Program Files\WindowsApps
    2017-05-28 18:02 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\AppReadiness
    2017-05-28 17:58 - 2015-01-02 16:15 - 00000000 ____D C:\Users\eric\AppData\Roaming\Battle.net
    2017-05-28 17:58 - 2015-01-02 16:13 - 00000000 ____D C:\ProgramData\Battle.net
    2017-05-25 20:57 - 2017-03-18 14:51 - 00000000 ____D C:\WINDOWS\CbsTemp
    2017-05-25 20:52 - 2014-09-12 10:14 - 00000000 ____D C:\ProgramData\Package Cache
    2017-05-25 20:51 - 2015-01-11 16:10 - 00000000 ____D C:\Program Files (x86)\Kodi
    2017-05-22 19:23 - 2015-01-05 20:53 - 00000000 ____D C:\WINDOWS\system32\MRT
    2017-05-22 19:21 - 2015-01-05 20:53 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2017-05-22 19:20 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\appcompat
    2017-05-21 20:47 - 2015-01-02 15:59 - 00000000 ____D C:\Users\eric\AppData\Local\Packages
    2017-05-21 20:35 - 2016-04-24 08:16 - 00002411 _____ C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2017-05-21 20:35 - 2015-01-02 16:04 - 00000000 ___RD C:\Users\eric\OneDrive
    2017-05-21 20:31 - 2016-04-24 08:59 - 00000000 ____D C:\Users\eric\AppData\Local\MicrosoftEdge
    2017-05-21 20:30 - 2017-03-18 15:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2017-05-21 20:30 - 2016-02-13 07:20 - 00000000 __RHD C:\Users\Public\AccountPictures
    2017-05-21 00:43 - 2017-03-18 15:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2017-05-21 00:40 - 2017-03-18 15:06 - 00000000 ____D C:\WINDOWS\Setup
    2017-05-21 00:40 - 2017-03-18 15:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
    2017-05-21 00:40 - 2017-03-18 15:03 - 00000000 ___SD C:\WINDOWS\system32\F12
    2017-05-21 00:40 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
    2017-05-21 00:40 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2017-05-21 00:40 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2017-05-21 00:40 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
    2017-05-21 00:40 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\Provisioning
    2017-05-21 00:40 - 2017-03-18 15:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
    2017-05-21 00:40 - 2017-03-18 15:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2017-05-21 00:40 - 2017-03-18 05:40 - 00000000 ____D C:\WINDOWS\system32\Dism
    2017-05-20 23:07 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2017-05-20 23:07 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\rescache
    2017-05-20 23:05 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\Registration
    2017-05-20 23:05 - 2017-03-18 15:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2017-05-20 23:05 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
    2017-05-20 23:00 - 2017-03-18 20:31 - 00000000 ____D C:\WINDOWS\HoloShell
    2017-05-20 22:59 - 2017-03-18 15:03 - 00000000 __RHD C:\Users\Public\Libraries
    2017-05-20 22:59 - 2016-04-23 09:59 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
    2017-05-20 22:57 - 2015-01-02 16:06 - 00002282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-05-20 22:57 - 2014-09-12 10:08 - 00898608 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
    2017-05-20 22:56 - 2017-03-18 15:03 - 00000000 ____D C:\ProgramData\USOPrivate
    2017-05-20 22:53 - 2017-02-25 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2017-05-20 22:53 - 2017-01-09 09:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
    2017-05-20 22:53 - 2016-02-06 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiabloSport
    2017-05-20 22:53 - 2015-11-20 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2017-05-20 22:53 - 2015-01-03 09:35 - 00000000 ____D C:\Users\eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2017-05-20 22:53 - 2015-01-03 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2017-05-20 22:53 - 2015-01-03 00:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Anti-Theft
    2017-05-20 22:53 - 2015-01-02 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
    2017-05-20 22:53 - 2015-01-02 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
    2017-05-20 22:53 - 2014-09-12 11:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
    2017-05-20 22:53 - 2014-09-12 11:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnRecovery
    2017-05-20 22:53 - 2014-09-12 10:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
    2017-05-20 22:53 - 2014-09-12 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
    2017-05-20 22:53 - 2014-09-12 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
    2017-05-20 22:53 - 2014-09-12 10:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2017-05-20 22:53 - 2014-09-12 10:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
    2017-05-20 22:53 - 2014-04-29 12:50 - 00000000 ____D C:\WINDOWS\th
    2017-05-20 22:53 - 2014-04-29 12:50 - 00000000 ____D C:\WINDOWS\nl
    2017-05-20 22:53 - 2014-04-29 12:50 - 00000000 ____D C:\WINDOWS\ko
    2017-05-20 22:53 - 2014-04-29 12:50 - 00000000 ____D C:\WINDOWS\ja
    2017-05-20 22:53 - 2014-04-29 12:50 - 00000000 ____D C:\WINDOWS\en
    2017-05-20 22:53 - 2014-04-29 12:50 - 00000000 ____D C:\WINDOWS\de
    2017-05-20 22:53 - 2014-04-29 12:50 - 00000000 ____D C:\WINDOWS\ar
    2017-05-20 22:53 - 2014-04-29 12:49 - 00000000 ____D C:\WINDOWS\fr
    2017-05-20 22:53 - 2014-04-29 12:49 - 00000000 ____D C:\WINDOWS\es
    2017-05-20 22:50 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
    2017-05-20 22:50 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
    2017-05-20 22:50 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
    2017-05-20 22:50 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
    2017-05-20 22:50 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\system32\spool
    2017-05-20 22:50 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\system32\oobe
    2017-05-20 22:50 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV
    2017-05-20 22:50 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT
    2017-05-20 22:50 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod
    2017-05-20 22:50 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\system32\et-EE
    2017-05-20 22:50 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\system32\en-GB
    2017-05-20 22:50 - 2014-09-12 10:29 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
    2017-05-20 22:50 - 2014-09-12 10:14 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
    2017-05-20 22:50 - 2014-09-12 10:14 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
    2017-05-20 22:50 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
    2017-05-20 22:50 - 2013-08-22 09:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
    2017-05-20 22:49 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\InputMethod
    2017-05-20 22:49 - 2017-03-18 15:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2017-05-20 22:49 - 2014-09-12 11:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
    2017-05-20 22:49 - 2014-09-12 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros
    2017-05-20 22:47 - 2017-03-18 05:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
    2017-05-20 22:46 - 2017-03-18 15:03 - 00000000 ____D C:\WINDOWS\Help
    2017-05-20 22:46 - 2014-09-12 10:09 - 00000000 ____D C:\Temp
    2017-05-20 22:20 - 2017-03-18 21:20 - 00000000 ___HD C:\$WINDOWS.~BT
    2017-05-19 20:12 - 2015-01-02 16:06 - 00002270 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2017-05-07 22:44 - 2015-11-20 13:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2017-05-07 22:44 - 2015-11-20 13:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

    ==================== Files in the root of some directories =======

    2016-05-12 21:22 - 2016-05-12 21:22 - 0251218 _____ () C:\ProgramData\1463109720.bdinstall.bin
    2017-01-09 09:13 - 2017-01-09 09:13 - 0048068 _____ () C:\ProgramData\agent.1483974806.bdinstall.bin
    2017-03-21 22:36 - 2017-03-21 22:36 - 0029970 _____ () C:\ProgramData\agent.update.1490157399.bdinstall.bin
    2017-01-09 09:27 - 2017-01-09 09:27 - 0391854 _____ () C:\ProgramData\cl.1483975297.bdinstall.bin
    2017-01-09 09:27 - 2017-01-09 09:27 - 0055874 _____ () C:\ProgramData\dm.1483975652.bdinstall.bin
    2017-05-08 19:30 - 2017-05-08 19:30 - 0041704 _____ () C:\ProgramData\dm.update.1494293425.bdinstall.bin

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2017-05-20 22:43

    ==================== End of FRST.txt ============================




    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-05-2017
    Ran by eric (29-05-2017 21:46:27)
    Running from C:\Users\eric\Desktop
    Windows 10 Home Version 1703 (X64) (2017-05-21 05:08:45)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1887440591-2253008068-428354483-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-1887440591-2253008068-428354483-503 - Limited - Disabled)
    eric (S-1-5-21-1887440591-2253008068-428354483-1001 - Administrator - Enabled) => C:\Users\eric
    Guest (S-1-5-21-1887440591-2253008068-428354483-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1887440591-2253008068-428354483-1003 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
    AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
    Ansel (Version: 381.78 - NVIDIA Corporation) Hidden
    Apple Application Support (32-bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
    Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1405.0701 - Micro-Star International Co., Ltd.)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.21.970 - Bitdefender)
    Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 21.0.22.1050 - Bitdefender)
    Bitdefender Total Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.22.1050 - Bitdefender)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Boot Configure (HKLM-x32\...\{AB72B3BB-A389-4F62-86EE-C08326B4BE60}) (Version: 20.014.05233 - Micro-Star International Co., Ltd.)
    BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1408.201 - )
    CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5509.52 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
    Diablosport USB Drivers 2.4 (HKLM\...\{2677AAE2-D8F8-40AE-9149-67618ED43EFD}_is1) (Version: - DiabloSport, Inc.)
    Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1408.2901 - Micro-Star International Co., Ltd.)
    Dragon Gaming Center (x32 Version: 1.0.1408.2901 - Micro-Star International Co., Ltd.) Hidden
    DSDownloader 2.2.2.11 (HKLM-x32\...\DSDownloader_is1) (Version: - DiabloSport, Inc.)
    File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
    Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    Galeria de Fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    Galería de fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    Galerie de photos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
    Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
    Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{7a06df8f-4c5a-4207-aa9e-019406e3a46d}) (Version: 17.1.0 - Intel Corporation)
    iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
    KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
    Kodi (HKU\S-1-5-21-1887440591-2253008068-428354483-1001\...\Kodi) (Version: - XBMC-Foundation)
    MAGIX MX Suite (HKLM-x32\...\MAGIX_{43136332-880B-458A-966C-900C18752B66}) (Version: 1.13.0.121 - MAGIX AG)
    MAGIX MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-1887440591-2253008068-428354483-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1408.1401 - Micro-Star International Co., Ltd.)
    MSI Remind Manager (x32 Version: 1.0.1408.1401 - Micro-Star International Co., Ltd.) Hidden
    MSI Social Media Collection (HKLM-x32\...\{7ADEC426-BE95-48EF-84D4-086BD0F4D331}) (Version: 1.14.2251 - Micro-Star International Co., Ltd.)
    Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)
    NVIDIA 3D Vision Driver 381.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 381.78 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
    NVIDIA Graphics Driver 381.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.78 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
    Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.46.1056 - Qualcomm Atheros) Hidden
    Qualcomm Atheros Killer E220x Drivers (Version: 1.1.46.1056 - Qualcomm Atheros) Hidden
    Qualcomm Atheros Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.46.1056 - Qualcomm Atheros)
    Qualcomm Atheros Network Manager (Version: 1.1.46.1056 - Qualcomm Atheros) Hidden
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21258 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7324 - Realtek Semiconductor Corp.)
    SCM (HKLM\...\{F5D84549-523F-438F-8ACC-0944E30EF78C}) (Version: 13.014.09014 - Application)
    SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
    Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
    Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited)
    Spotify (HKU\S-1-5-21-1887440591-2253008068-428354483-1001\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.450.22786 - SteelSeries)
    SUPER CHARGER (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.024 - MSI)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.4.57 - Synaptics Incorporated)
    Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
    Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
    Windows Driver Package - DiabloSport, LLC (usbser) Ports (11/04/2014 6.3.9600.0) (HKLM\...\FF8FAFD61328CF76ACA738F188A918F5764B96AD) (Version: 11/04/2014 6.3.9600.0 - DiabloSport, LLC)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
    XSplit Gamecaster (HKLM-x32\...\{4B72B9B7-9B87-4792-B9E3-713E6454B25F}) (Version: 1.8.1406.0912 - SplitmediaLabs)
    フォト ギャラリー (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    معرض الصور (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    사진 갤러리 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    影像中心 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
    照片库 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0559D50F-E494-4BE0-9461-62C39423DC3A} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-05-08] (Bitdefender)
    Task: {0917F5AA-E148-4509-A47B-12310405FE37} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {13364073-9F3C-4E97-9284-51F29D7AA502} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {1C0E554B-46B6-4811-B5FD-B0E147522AAD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
    Task: {227D079B-C41E-43F6-BAD8-C3CD6B55E248} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {26AA3AF5-66E0-4A13-9C47-CC7CEFF59E7B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
    Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
    Task: {4792FFE1-D7A5-4CE6-95FE-306E0909BB0D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
    Task: {4A702A8B-B929-4288-93D2-81562B05CE6F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {4D4EE953-B7BF-4139-8FEA-65F242AD7F18} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
    Task: {4DAEF5CE-FE3F-4520-A9B5-F51112EB429A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {5059FE9C-CAFB-42BA-87E5-D95734219035} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {5162C16A-3DFF-4A32-89AE-BA00A627A073} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-02-02] (Bitdefender)
    Task: {51AD7411-24EA-4DE3-A83C-72DC0D595F01} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {551A224F-5BCB-42D6-912C-E541515C8C9F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
    Task: {5B052BF6-076A-4FB7-B7E5-62CC035DBD5C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
    Task: {5C3A177C-5FBC-4D83-9917-B5D41A27A00B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
    Task: {5EC298AD-A7AA-4EFF-A18A-D79EFB43FD77} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {7794864C-AAAE-4B43-8A1C-847DC59BB6B6} - \WPD\SqmUpload_S-1-5-21-1887440591-2253008068-428354483-1001 -> No File <==== ATTENTION
    Task: {79C2AE3E-8B7E-4C24-B6ED-907F9B9F29BD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {961892D7-7BD2-4853-A613-A7F4FE3C964C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {A5E7A1F3-BA4D-4E63-8D1F-E6E6EEEAC0DD} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-23] (TODO: <公司名稱>)
    Task: {A8BE7D68-1BE1-4A7D-91B7-775091DBCA57} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-12-04] (Synaptics Incorporated)
    Task: {ABF88646-061F-43E7-97D6-96B60926DB0B} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
    Task: {C349AFDE-6905-4FB4-996A-1FEA212BCCD0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
    Task: {CBC43BED-5A2A-4B73-BC42-633D68882B73} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe
    Task: {CD941FDB-E4C1-4EA4-8B9A-4DCCF6F58675} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {DF7D37D9-90CE-47FF-A3F7-2F705FFDA5B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {EFB1CA18-8445-47B4-93E6-D93BA69462DD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-05-22] (Microsoft Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2017-05-08 19:33 - 2017-05-08 19:33 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
    2017-02-16 20:17 - 2017-02-16 20:17 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpbr.mdl
    2017-02-16 20:17 - 2017-02-16 20:17 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpdsp.mdl
    2017-02-16 20:17 - 2017-02-16 20:18 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpph.mdl
    2017-02-16 20:17 - 2017-02-16 20:18 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttprbl.mdl
    2016-02-15 21:01 - 2016-02-15 21:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll
    2017-01-13 13:56 - 2017-01-13 13:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2017-03-18 14:58 - 2017-03-18 14:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
    2016-11-01 23:05 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
    2017-03-18 14:59 - 2017-03-18 20:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2014-09-12 10:26 - 2012-11-01 12:23 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
    2014-09-12 10:26 - 2012-11-01 12:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
    2014-06-26 12:39 - 2014-06-26 12:39 - 00504832 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 09315328 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00015872 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00115200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
    2014-05-16 09:57 - 2014-05-16 09:57 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00034304 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
    2014-05-16 09:57 - 2014-05-16 09:57 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00189440 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00031744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00159744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00020992 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00029696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00023040 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
    2014-06-26 12:39 - 2014-06-26 12:39 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
    2014-08-18 12:40 - 2014-08-18 12:40 - 00330240 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
    2014-01-22 11:44 - 2014-01-22 11:44 - 00075912 _____ () C:\Program Files (x86)\MSI\Dragon Gaming Center\WinIo64.dll
    2017-05-29 20:53 - 2017-05-29 20:53 - 00023328 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\en-US\bdsystray.txtui
    2017-05-19 20:12 - 2017-05-09 03:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
    2017-05-19 20:12 - 2017-05-09 03:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
    2015-06-03 21:27 - 2016-06-14 19:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
    2014-04-29 17:23 - 2014-04-29 17:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2016-08-12 18:38 - 2016-08-12 18:38 - 00042720 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32api.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00060640 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pywintypes27.dll
    2016-08-12 18:38 - 2016-08-12 18:38 - 00126688 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pythoncom27.dll
    2016-08-12 18:38 - 2016-08-12 18:38 - 00023264 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_multiprocessing.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00045792 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ctypes.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00026848 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32service.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00023776 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\servicemanager.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00030432 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_socket.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00444128 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ssl.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00287968 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_hashlib.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00018144 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\select.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00021216 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32pipe.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00045792 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32file.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00018656 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32event.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00371424 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_bsddb.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00025312 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32process.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00021216 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32ts.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00019680 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32profile.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00043744 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32security.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00025824 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32inet.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00190688 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\unicodedata.pyd
    2016-08-12 18:38 - 2016-08-12 18:38 - 00023264 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\EnvironmentID.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\eric\Desktop\aswMBR.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Desktop\FRST64.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\Battle.net-Setup.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\Diablosport_USB_Driver_Installer_2.4 (1).exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\Diablosport_USB_Driver_Installer_2.4.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\kodi-14.0-Helix (1).exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\kodi-17.3-Krypton.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\SpotifySetup.exe:BDU [0]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 07:25 - 2017-05-29 21:39 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1887440591-2253008068-428354483-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\System32\oobe\info\Wallpaper\backgroundDefault.jpg
    DNS Servers: 192.168.0.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKU\S-1-5-21-1887440591-2253008068-428354483-1001\...\StartupApproved\Run: => "Spotify"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{05F40D80-8A10-402D-AB7C-96A863817D00}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{189448C0-4EC7-41C9-BCFA-4FEB034795EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{7CE5A826-8D1B-456E-84E4-CC3A9F9FF66B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{66F4C0CE-8AAC-4F28-B024-14EED436EAA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    FirewallRules: [{BA5E0FDB-F008-4923-BFDD-C23A19F83491}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{5987AD0F-1A61-41E5-A5EF-14C79247AC5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    FirewallRules: [{8ACC5AA0-6CD5-477D-BB16-2BFAE5AC54DF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [UDP Query User{A81D1A42-E5AA-4B47-B9A3-9D2447E03414}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
    FirewallRules: [TCP Query User{9469372E-36AE-4F73-A25D-8C354B7C9806}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
    FirewallRules: [UDP Query User{3CD6D94B-F225-4533-AEA1-0F78D2A0EFCB}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
    FirewallRules: [TCP Query User{83EFAE15-6754-423B-80F4-18FBF4103BC0}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files (x86)\symantec\norton online backup\nobuclient.exe
    FirewallRules: [{E1F455B7-F1E6-4D7C-869B-E945601DBE59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
    FirewallRules: [{D65E08BB-BD99-48E7-9425-5062671D689F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
    FirewallRules: [{0246322A-9F98-49BC-8BB9-0403AAC85DF4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{B4786CED-5856-49B0-AF93-EE0297178011}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{8A672660-3EB7-4910-ABDD-F7478A59A288}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{ED1E22CD-4574-4B51-8E96-AA0DD0A6684E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{186DC601-5420-4534-819C-D6E847B854AD}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
    FirewallRules: [{DC1FA75B-ED2F-4624-A149-9DFE2B6C2596}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
    FirewallRules: [{5EB9DFCD-0D9E-487A-820F-6FCEA97212FD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{8AAEFEBA-2513-4B87-9869-1A26ED766AAE}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{E3B04D97-C4B1-4982-A9CD-3398AA24FE63}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{408A843C-567A-4DD7-A7BB-C42C612679EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{E1E453DA-1734-497A-93E2-F000BC4EC7E5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{9078179C-BAC7-4B46-9AFF-D1711C4B9099}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
    FirewallRules: [{5929E1AD-9EA7-4726-A97E-8639C1767132}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    FirewallRules: [{09465E05-946C-4A78-BFF7-C8CD897D593C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{B3943564-1EFC-43DF-9809-8F57C23CF4FE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{6CE0FF85-5F02-4553-8A14-75A9F366A987}] => (Allow) LPort=1900
    FirewallRules: [{57349266-7595-41CF-88DF-368C3B7A10E5}] => (Allow) LPort=2869
    FirewallRules: [{D0F43222-0FF3-4638-AD30-3C84651658F7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [TCP Query User{15819797-7858-43AE-8F3E-0A659A6DF284}C:\users\eric\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eric\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{C705B78C-6512-48BE-B6C7-BB74589060AB}C:\users\eric\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eric\appdata\roaming\spotify\spotify.exe
    FirewallRules: [TCP Query User{A6648728-C038-4FB2-8925-6EA8680C162C}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
    FirewallRules: [UDP Query User{7300A28B-0C33-4FF0-937D-23B12BC79206}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
    FirewallRules: [TCP Query User{432441D6-6E4A-4271-B4B0-B231DEB41C7F}C:\users\eric\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eric\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{60FAB706-ED7E-4469-92F8-7161ED692C91}C:\users\eric\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eric\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{94E261CB-EF5B-44DF-BB1E-B41F762B8D4F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{4BE90515-4848-4E99-9CFD-1645BF4393EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{DDAEEDD3-AEC3-4314-8FFD-BB6D7D16720B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{F4A6333F-CE4E-4B0D-9C84-3B4E7A88B8ED}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

    ==================== Restore Points =========================


    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/29/2017 09:34:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program kodi.exe version 17.3.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 2480

    Start Time: 01d2d8f52a50a1bf

    Termination Time: 2

    Application Path: C:\Program Files (x86)\Kodi\kodi.exe

    Report Id: c5092a35-a367-4239-9a34-ef59b4358d0e

    Faulting package full name:

    Faulting package-relative application ID:

    Error: (05/29/2017 07:41:13 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: KillerService.exe, version: 1.1.46.1056, time stamp: 0x53f22c94
    Faulting module name: KillerService.exe, version: 1.1.46.1056, time stamp: 0x53f22c94
    Exception code: 0xc0000417
    Fault offset: 0x000000000002e8ac
    Faulting process id: 0xf20
    Faulting application start time: 0x01d2d81d525a0b0f
    Faulting application path: C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
    Faulting module path: C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
    Report Id: f4b7d006-25b0-45d9-a21b-a412960ceaaa
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (05/28/2017 10:09:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 1078

    Error: (05/28/2017 10:09:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 1078

    Error: (05/28/2017 10:09:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (05/28/2017 09:25:39 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Kodi.exe, version: 17.3.0.0, time stamp: 0x5925f940
    Faulting module name: ucrtbase.dll, version: 10.0.15063.0, time stamp: 0xe880f7dc
    Exception code: 0xc0000409
    Fault offset: 0x000a543b
    Faulting process id: 0x2d40
    Faulting application start time: 0x01d2d82b310922ef
    Faulting application path: C:\Program Files (x86)\Kodi\Kodi.exe
    Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
    Report Id: 9b5782dd-0480-40b3-a6bc-43c4339edb38
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (05/28/2017 08:11:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 1109

    Error: (05/28/2017 08:11:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 1109

    Error: (05/28/2017 08:11:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (05/28/2017 07:44:47 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "c:\program files\diablosport\drivers\dpinst\DPInst_MultiLin_ia64.exe".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.


    System errors:
    =============
    Error: (05/29/2017 09:39:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (05/29/2017 09:39:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (05/29/2017 09:38:38 PM) (Source: BugCheck) (EventID: 1001) (User: )
    Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff6fb7dbedd18, 0x0000000000000000, 0xfffff802c21278be, 0x0000000000000002). A dump was saved in: C:\WINDOWS\MEMORY.DMP. Report Id: b19273d8-993b-4c66-a336-a915d6d837b3.

    Error: (05/29/2017 09:37:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The CldFlt service failed to start due to the following error:
    The request is not supported.

    Error: (05/29/2017 09:37:44 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 9:10:00 PM on ‎5/‎29/‎2017 was unexpected.

    Error: (05/29/2017 08:09:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (05/29/2017 08:05:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (05/29/2017 08:03:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (05/29/2017 08:01:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (05/29/2017 08:00:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


    CodeIntegrity:
    ===================================
    Date: 2017-05-29 21:37:58.584
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2017-05-29 20:12:56.693
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_019\avcuf64.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-05-29 20:12:56.653
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_019\avcuf64.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-05-29 20:05:23.353
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_019\avcuf64.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-05-29 20:03:45.615
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_019\avcuf64.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-05-29 19:53:36.721
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_019\avcuf64.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-05-29 19:53:36.519
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_019\avcuf64.dll that did not meet the Microsoft signing level requirements.

    Date: 2017-05-29 19:50:24.076
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2017-05-28 19:48:41.338
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2017-05-28 19:44:38.083
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_019\avcuf64.dll that did not meet the Microsoft signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz
    Percentage of memory in use: 32%
    Total physical RAM: 8110.67 MB
    Available physical RAM: 5449.19 MB
    Total Virtual: 9390.67 MB
    Available Virtual: 6634.16 MB

    ==================== Drives ================================

    Drive c: (OS_Install) (Fixed) (Total:568.24 GB) (Free:496.74 GB) NTFS
    Drive d: (Data) (Fixed) (Total:346.08 GB) (Free:345.87 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: FC06443C)

    Partition: GPT.

    ==================== End of Addition.txt ============================

    Was unable to get an aswMBR log to post.
    Last edited by tashi; 2017-05-30 at 07:26. Reason: Merged two posts. :-)

  2. #2
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084


    Please attempt to temporarily disable your antivirus; info can be found here:
    https://www.bleepingcomputer.com/for...ware-programs/


    ******
    Start FRST (Please double-click on FRST/FRST64) with Administrator privileges

    Right-click on the text below and select Copy, beginning with Start:: and finishing with End::

    Start::
    EndProcesses:
    CreateRestorePoint:
    SearchScopes: HKU\S-1-5-21-1887440591-2253008068-428354483-1001 -> DefaultScope {F31B8A1C-22D7-4ED2-9D65-65B90AFE218E} URL =
    SearchScopes: HKU\S-1-5-21-1887440591-2253008068-428354483-1001 -> {F31B8A1C-22D7-4ED2-9D65-65B90AFE218E} URL = FF HKLM-x32\...\Firefox\Extensions: [bdwteffv19@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\\antispam32\bdwteff => not found
    Task: {0917F5AA-E148-4509-A47B-12310405FE37} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {26AA3AF5-66E0-4A13-9C47-CC7CEFF59E7B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
    Task: {4792FFE1-D7A5-4CE6-95FE-306E0909BB0D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
    Task: {4A702A8B-B929-4288-93D2-81562B05CE6F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {4DAEF5CE-FE3F-4520-A9B5-F51112EB429A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {5059FE9C-CAFB-42BA-87E5-D95734219035} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {51AD7411-24EA-4DE3-A83C-72DC0D595F01} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {5EC298AD-A7AA-4EFF-A18A-D79EFB43FD77} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {7794864C-AAAE-4B43-8A1C-847DC59BB6B6} - \WPD\SqmUpload_S-1-5-21-1887440591-2253008068-428354483-1001 -> No File <==== ATTENTION
    Task: {79C2AE3E-8B7E-4C24-B6ED-907F9B9F29BD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {961892D7-7BD2-4853-A613-A7F4FE3C964C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {C349AFDE-6905-4FB4-996A-1FEA212BCCD0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
    Task: {CD941FDB-E4C1-4EA4-8B9A-4DCCF6F58675} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {DF7D37D9-90CE-47FF-A3F7-2F705FFDA5B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    AlternateDataStreams: C:\Users\eric\Desktop\aswMBR.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Desktop\FRST64.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\Battle.net-Setup.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\Diablosport_USB_Driver_Installer_2.4 (1).exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\Diablosport_USB_Driver_Installer_2.4.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\kodi-14.0-Helix (1).exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\kodi-17.3-Krypton.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\SpotifySetup.exe:BDU [0]
    EmptyTemp:
    End::

    Press the Fix button.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.



    ******

    AdwCleaner
    • Please download AdwCleaner and save the file to your Desktop.
      In order to use AdwCleaner, you have to agree to the EULA.
    • Right-click AdwCleaner.exe and select Run as administrator to run the programme.
    • Follow the prompts.
    • Click Scan.
    • Upon completion, click Logfile. A log (AdwCleaner[S1].txt) will open. Briefly check the log for anything you know to be legitimate.
    • Return to AdwCleaner. Ensure anything you know to be legitimate does not have a checkmark under the corresponding tab.
    • Click Clean.
    • Follow the prompts and allow your computer to reboot.
    • After the reboot, a log (AdwCleaner[C1].txt) will open. Copy the contents of the log and paste in your next reply.

    -- File and folder backups are made for items removed using this programme. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[C1].txt.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Please download Junkware Removal Tool
    or from here http://downloads.malwarebytes.org/file/jrt
    to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.


    ~~~~
    Please post:
    Fixlog.txt
    AdwCleaner[C1].txt
    JRT.txt
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Junior Member
    Join Date
    May 2017
    Posts
    3


    # AdwCleaner v6.047 - Logfile created 30/05/2017 at 21:28:20
    # Updated on 19/05/2017 by Malwarebytes
    # Database : 2017-05-30.2 [Server]
    # Operating System : Windows 10 Home (X64)
    # Username : eric - ERICANTON
    # Running from : C:\Users\eric\Desktop\AdwCleaner.exe
    # Mode: Clean
    # Support : https://www.malwarebytes.com/support



    ***** [ Services ] *****



    ***** [ Folders ] *****



    ***** [ Files ] *****



    ***** [ DLL ] *****



    ***** [ WMI ] *****



    ***** [ Shortcuts ] *****



    ***** [ Scheduled Tasks ] *****



    ***** [ Registry ] *****

    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C168639F-5810-4EC8-B1E8-0251AA8A771C}


    ***** [ Web browsers ] *****



    *************************

    :: "Tracing" keys deleted
    :: Winsock settings cleared

    *************************

    C:\AdwCleaner\AdwCleaner[C0].txt - [859 Bytes] - [30/05/2017 21:28:20]
    C:\AdwCleaner\AdwCleaner[S0].txt - [1212 Bytes] - [30/05/2017 21:27:58]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1004 Bytes] ##########


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.1.3 (04.10.2017)
    Operating System: Windows 10 Home x64
    Ran by eric (Administrator) on 2017-05-30 at 21:31:22.40
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 2

    Successfully deleted: C:\ProgramData\1463109720.bdinstall.bin (File)
    Successfully deleted: C:\Users\eric\Documents\add-in express (Folder)



    Registry: 0





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 2017-05-30 at 21:34:57.74
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    Fix result of Farbar Recovery Scan Tool (x64) Version: 28-05-2017
    Ran by eric (30-05-2017 21:21:44) Run:2
    Running from C:\Users\eric\Desktop
    Loaded Profiles: eric (Available Profiles: eric)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************

    EndProcesses:
    CreateRestorePoint:
    SearchScopes: HKU\S-1-5-21-1887440591-2253008068-428354483-1001 -> DefaultScope {F31B8A1C-22D7-4ED2-9D65-65B90AFE218E} URL =
    SearchScopes: HKU\S-1-5-21-1887440591-2253008068-428354483-1001 -> {F31B8A1C-22D7-4ED2-9D65-65B90AFE218E} URL = FF HKLM-x32\...\Firefox\Extensions: [bdwteffv19@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\\antispam32\bdwteff => not found
    Task: {0917F5AA-E148-4509-A47B-12310405FE37} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {26AA3AF5-66E0-4A13-9C47-CC7CEFF59E7B} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
    Task: {4792FFE1-D7A5-4CE6-95FE-306E0909BB0D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
    Task: {4A702A8B-B929-4288-93D2-81562B05CE6F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {4DAEF5CE-FE3F-4520-A9B5-F51112EB429A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {5059FE9C-CAFB-42BA-87E5-D95734219035} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {51AD7411-24EA-4DE3-A83C-72DC0D595F01} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {5EC298AD-A7AA-4EFF-A18A-D79EFB43FD77} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {7794864C-AAAE-4B43-8A1C-847DC59BB6B6} - \WPD\SqmUpload_S-1-5-21-1887440591-2253008068-428354483-1001 -> No File <==== ATTENTION
    Task: {79C2AE3E-8B7E-4C24-B6ED-907F9B9F29BD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {961892D7-7BD2-4853-A613-A7F4FE3C964C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {C349AFDE-6905-4FB4-996A-1FEA212BCCD0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
    Task: {CD941FDB-E4C1-4EA4-8B9A-4DCCF6F58675} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {DF7D37D9-90CE-47FF-A3F7-2F705FFDA5B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    AlternateDataStreams: C:\Users\eric\Desktop\aswMBR.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Desktop\FRST64.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\Battle.net-Setup.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\Diablosport_USB_Driver_Installer_2.4 (1).exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\Diablosport_USB_Driver_Installer_2.4.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\kodi-14.0-Helix (1).exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\kodi-17.3-Krypton.exe:BDU [0]
    AlternateDataStreams: C:\Users\eric\Downloads\SpotifySetup.exe:BDU [0]
    EmptyTemp:

    *****************

    EndProcesses: => Error: No automatic fix found for this entry.
    Restore point was successfully created.
    HKU\S-1-5-21-1887440591-2253008068-428354483-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
    HKU\S-1-5-21-1887440591-2253008068-428354483-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F31B8A1C-22D7-4ED2-9D65-65B90AFE218E} => key removed successfully
    HKCR\CLSID\{F31B8A1C-22D7-4ED2-9D65-65B90AFE218E} => key not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0917F5AA-E148-4509-A47B-12310405FE37} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0917F5AA-E148-4509-A47B-12310405FE37} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26AA3AF5-66E0-4A13-9C47-CC7CEFF59E7B} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26AA3AF5-66E0-4A13-9C47-CC7CEFF59E7B} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4792FFE1-D7A5-4CE6-95FE-306E0909BB0D} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4792FFE1-D7A5-4CE6-95FE-306E0909BB0D} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4A702A8B-B929-4288-93D2-81562B05CE6F} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A702A8B-B929-4288-93D2-81562B05CE6F} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DAEF5CE-FE3F-4520-A9B5-F51112EB429A} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DAEF5CE-FE3F-4520-A9B5-F51112EB429A} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5059FE9C-CAFB-42BA-87E5-D95734219035} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5059FE9C-CAFB-42BA-87E5-D95734219035} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51AD7411-24EA-4DE3-A83C-72DC0D595F01} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51AD7411-24EA-4DE3-A83C-72DC0D595F01} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5EC298AD-A7AA-4EFF-A18A-D79EFB43FD77} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EC298AD-A7AA-4EFF-A18A-D79EFB43FD77} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7794864C-AAAE-4B43-8A1C-847DC59BB6B6} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7794864C-AAAE-4B43-8A1C-847DC59BB6B6} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1887440591-2253008068-428354483-1001 => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79C2AE3E-8B7E-4C24-B6ED-907F9B9F29BD} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79C2AE3E-8B7E-4C24-B6ED-907F9B9F29BD} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{961892D7-7BD2-4853-A613-A7F4FE3C964C} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{961892D7-7BD2-4853-A613-A7F4FE3C964C} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C349AFDE-6905-4FB4-996A-1FEA212BCCD0} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C349AFDE-6905-4FB4-996A-1FEA212BCCD0} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD941FDB-E4C1-4EA4-8B9A-4DCCF6F58675} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD941FDB-E4C1-4EA4-8B9A-4DCCF6F58675} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF7D37D9-90CE-47FF-A3F7-2F705FFDA5B3} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF7D37D9-90CE-47FF-A3F7-2F705FFDA5B3} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
    C:\Users\eric\Desktop\aswMBR.exe => ":BDU" ADS removed successfully.
    C:\Users\eric\Desktop\FRST64.exe => ":BDU" ADS removed successfully.
    C:\Users\eric\Downloads\Battle.net-Setup.exe => ":BDU" ADS removed successfully.
    C:\Users\eric\Downloads\Diablosport_USB_Driver_Installer_2.4 (1).exe => ":BDU" ADS removed successfully.
    C:\Users\eric\Downloads\Diablosport_USB_Driver_Installer_2.4.exe => ":BDU" ADS removed successfully.
    C:\Users\eric\Downloads\kodi-14.0-Helix (1).exe => ":BDU" ADS removed successfully.
    C:\Users\eric\Downloads\kodi-17.3-Krypton.exe => ":BDU" ADS removed successfully.
    C:\Users\eric\Downloads\SpotifySetup.exe => ":BDU" ADS removed successfully.

    =========== EmptyTemp: ==========

    BITS transfer queue => 10510336 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25466890 B
    Java, Flash, Steam htmlcache => 492 B
    Windows/system/drivers => 25796 B
    Edge => 42480256 B
    Chrome => 75765721 B
    Firefox => 0 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 0 B
    Users => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 128 B
    systemprofile32 => 0 B
    LocalService => 8230 B
    NetworkService => 84982 B
    eric => 157282462 B

    RecycleBin => 6259 B
    EmptyTemp: => 297.2 MB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 21:22:10 ====

  4. #4
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Good work, thank you for the logs.

    Please download the Malwarebytes Anti-Malware setup file to your Desktop.

    OR from this location Here

    • Open mbam-setup.x.x.xxxx.exe (x represents the version #) and follow the prompts to install the programme.
    • Windows Vista, Windows 7, 8, 8.1 and 10: Right click and select "Run as Administrator"

    • On the Dashboard click on Update Now
    • Go to the Setting Tab
    • Under Setting go to Detection and Protection
    • Under PUP and PUM make sure both are set to show Treat Detections as Malware
    • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
    • Then on the Dashboard click on Scan
    • Make sure to select THREAT SCAN
    • Then click on Scan
    • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards.
    • When the scan is finished on the bottom right click on SAVE RESULTS then select Copy to Clipboard
    • If threats are detected, click Remove Selected. If you are prompted to reboot, click Yes.
    • Please paste the log back into this thread for review

    • Exit Malwarebytes

    ************************

    • Download Emsisoft Emergency Kit and save it to your desktop.
    • Double-click icon then click Install
    • A Window should open highlighting Start Emergency Kit Scanner
    • Right click on the icon and select Run as administrator
    • Click 1. Update now!
    • Once the update is completed select Settings under Scan
    • Uncheck Join the Emsisoft Anti-Malware Network
    • Click Scan at the top
    • Click On scan completion
    • Click Quarantine detected objects, then click OK
    • Click Malware Scan
    • Once completed click View Report
    • Save the file to your Desktop using the default file name
    • Copy and paste the report in your reply

    =========

    Post these 2 logs when finished.

    Please tell me what the computer is doing now.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  5. #5
    Junior Member
    Join Date
    May 2017
    Posts
    3

    Emsisoft Emergency Kit - Version 2017.4
    Last update: 2017-06-01 6:56:12 PM
    User account: ERICANTON\eric
    Computer name: ERICANTON
    OS version: Windows 10x64

    Scan settings:

    Scan type: Malware Scan
    Objects: Rootkits, Memory, Traces, Files

    Detect PUPs: On
    Scan archives: Off
    ADS Scan: On
    File extension filter: Off
    Direct disk access: Off

    Scan start: 2017-06-01 6:58:42 PM

    Scanned 79238
    Found 0

    Scan end: 2017-06-01 7:02:19 PM
    Scan time: 0:03:37


    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 6/1/17
    Scan Time: 6:38 PM
    Log File:
    Administrator: Yes

    -Software Information-
    Version: 3.1.2.1733
    Components Version: 1.0.139
    Update Package Version: 1.0.2068
    License: Trial

    -System Information-
    OS: Windows 10
    CPU: x64
    File System: NTFS
    User: ERICANTON\eric

    -Scan Summary-
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 383560
    Threats Detected: 3
    Threats Quarantined: 0
    (No malicious items detected)
    Time Elapsed: 6 min, 22 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled


    computer seems to be doing much better now and does not crash any of the applications. thank you so much for your help

  6. #6
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    computer seems to be doing much better now and does not crash any of the applications. thank you so much for your help
    It's good news to me, and you're welcome.

    I think you're good to go.

    DelFix

    • Please download DelFix or from Here and save the file to your Desktop.
    • Double-click DelFix.exe to run the programme.
    • Place a checkmark next to the following items:
      • Activate UAC
      • Remove disinfection tools
    • Click the Run button.
    • -- This will remove the specialized tools we used to disinfect your system.
      Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).

    *******************************


    • AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
    • CryptoPrevent places policy restrictions on loading points for ransomware (e.g. CryptoWall), helping prevent the execution of malware.
    • Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
    • Malwarebytes Anti-Malware Premium (MBAM) works in real-time alongside your Anti-Virus to prevent malware execution.
    • NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
    • Sandboxie isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
    • Secunia PSI will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you.
    • SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
    • Unchecky automatically removes checkmarks for bundled software in programme installers, helping you avoid adware and PUPs.

  7. #7
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Glad we could help.

    Since this issue appears resolved ... this Topic is closed.
