Solved need help with something strange

Hello. Recently my computer has been acting strange. From fps drops in games to windows being weird with characters. I will post some ss's of what I mean and I have no idea what it is. Even if I try to just open something to edit then save it's impossible to even see the files as there are no letters for them. I have tried swapping video cards along with different slots but still the same. Did the same thing with cpu's and it's the same. Only have the set of ram I have right now and I tried rotating them in and out to see if I have a bad stick but no success yet. I will put image links as I can't even upload them directly without restarting.
Spec: MSI 970 Pro Mobo
FX-8350@4.0 Ghz
GTX 1070
840 evo SSD
Gskill 1333 16gb of ram
http://imgur.com/a/dwdkP
http://imgur.com/a/oEHCl
http://imgur.com/a/b2Zac

Attached it to the post. Might show 8gigs of ram since i was still playing around with the ram but think I might of ruled that out. Could a bad mobo cause this by chance? Maybe not reading or transferring things correctly?

Ok removed utorrent and will attach all of that. Yes I can view videos just fine from them being on my computer to youtube videos. Can even watch streams on twitch just fine.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-06-2017
Ran by Motion (administrator) on MOTION-PC (14-06-2017 17:09:12)
Running from C:\Users\Motion\Downloads
Loaded Profiles: Motion (Available Profiles: Motion & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\n360.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(OTi) C:\Windows\SysWOW64\UStorSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Spotify Ltd) C:\Users\Motion\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Motion\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung Magician\SamsungMagician.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-1442195442-3689054388-281515-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd)
HKU\S-1-5-21-1442195442-3689054388-281515-1000\...\Run: [Spotify] => C:\Users\Motion\AppData\Roaming\Spotify\Spotify.exe [7064176 2017-04-21] (Spotify Ltd)
HKU\S-1-5-21-1442195442-3689054388-281515-1000\...\Run: [Spotify Web Helper] => C:\Users\Motion\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-21] (Spotify Ltd)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine32\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine32\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine32\22.9.4.8\buShell.dll [2017-05-11] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-11-21]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{847c0a9b-7e1c-4968-ad35-83173d8ea7bc}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{847c0a9b-7e1c-4968-ad35-83173d8ea7bc}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1442195442-3689054388-281515-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3321972&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPEC5877B5-1FCA-4417-B44A-201755B656F1&q={searchTerms}&SSPV=
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\coIEPlg.dll [2017-05-26] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine32\22.9.4.8\coIEPlg.dll [2017-05-26] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-11] (Oracle Corporation)
BHO-x32: No Name -> {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-11] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\coIEPlg.dll [2017-05-26] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine32\22.9.4.8\coIEPlg.dll [2017-05-26] (Symantec Corporation)

FireFox:
========
FF DefaultProfile: 990g0168.default
FF ProfilePath: C:\Users\Motion\AppData\Roaming\Mozilla\Firefox\Profiles\990g0168.default [2017-06-14]
FF Extension: (Video DownloadHelper) - C:\Users\Motion\AppData\Roaming\Mozilla\Firefox\Profiles\990g0168.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-03-31]
FF Extension: (Adblock Plus) - C:\Users\Motion\AppData\Roaming\Mozilla\Firefox\Profiles\990g0168.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-03-31]
FF Extension: (Greasemonkey) - C:\Users\Motion\AppData\Roaming\Mozilla\Firefox\Profiles\990g0168.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-04-07]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.7.0.76\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.7.0.76\coFFAddon [2017-06-05]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.7.0.76\coFFAddon
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_126.dll [2017-06-13] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://comcast.net/
CHR StartupUrls: Default -> "hxxp://comcast.net/"
CHR Profile: C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default [2017-06-14]
CHR Extension: (BetterTTV) - C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-04-21]
CHR Extension: (Google Drive) - C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Fast Proxy) - C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkjcdfmmpdfjohenejbkaaafkoeknjnh [2015-04-27]
CHR Extension: (Adblock Plus) - C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-21]
CHR Extension: (Norton Security Toolbar) - C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-06-06]
CHR Extension: (Google Docs Offline) - C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Zalmos SSL Web Proxy for Free) - C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Extensions\idefjamndcpplnamdlbodoebjgkpdmpn [2014-12-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-08]
CHR Extension: (Chrome Media Router) - C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-12]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\Exts\Chrome.crx [2017-06-06]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1442195442-3689054388-281515-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Motion\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-07-19]
CHR HKU\S-1-5-21-1442195442-3689054388-281515-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\Exts\Chrome.crx [2017-06-06]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1536520 2017-05-09] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-09-30] (BitRaider, LLC)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\N360.exe [326160 2017-05-26] (Symantec Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-07] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-06-07] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-09-24] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-18] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-04-25] (TeamViewer GmbH)
R2 UStorage Server Service; C:\Windows\SysWOW64\UStorSrv.exe [139264 2004-09-20] (OTi) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.7.0.76\Definitions\BASHDefs\20170612.001\BHDrvx64.sys [1862784 2017-05-18] (Symantec Corporation)
S3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [140800 2013-10-30] (SteelSeries Corporation) [File not signed]
R1 Capsax64Drv0; C:\WINDOWS\System32\Drivers\Capsax64Drv0.sys [35976 2014-08-15] (Colasoft Co., Ltd.)
R1 ccSet_N360; C:\WINDOWS\system32\drivers\N360x64\1609040.008\ccSetx64.sys [174232 2017-05-11] (Symantec Corporation)
R1 CSN5PDTS82x64; C:\WINDOWS\System32\Drivers\CSN5PDTS82x64.sys [34840 2012-10-24] (Colasoft Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507032 2017-05-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-05-10] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.7.0.76\Definitions\IPSDefs\20170613.001\IDSvia64.sys [1053824 2017-05-20] (Symantec Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2015-05-18] (ASUSTeK Computer Inc.)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d81f3535ced17c6\nvlddmkm.sys [14461344 2017-06-08] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-05-18] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation) [File not signed]
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SRTSP; C:\WINDOWS\System32\Drivers\N360x64\1609040.008\SRTSP64.SYS [770712 2017-05-11] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\N360x64\1609040.008\SRTSPX64.SYS [49304 2017-05-11] (Symantec Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [41824 2016-11-03] (SteelSeries ApS)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [45928 2017-01-10] (SteelSeries ApS)
R0 SymEFASI; C:\WINDOWS\System32\drivers\N360x64\1609040.008\SYMEFASI64.SYS [1714328 2017-05-11] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\N360x64\1609040.008\SymELAM.sys [24608 2017-05-11] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-03-15] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\N360x64\1609040.008\Ironx64.SYS [291480 2017-05-11] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\N360x64\1609040.008\SYMNETS.SYS [567496 2017-05-11] (Symantec Corporation)
R3 VBAudioVMVAIOMME; C:\WINDOWS\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2016-09-12] (Windows (R) Win 7 DDK provider)
R3 VCSVADHWSer; C:\WINDOWS\system32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [35344 2015-10-02] ()
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-14 17:06 - 2017-06-14 17:06 - 00047599 _____ C:\Users\Motion\Downloads\Addition.txt
2017-06-14 17:05 - 2017-06-14 17:09 - 00021149 _____ C:\Users\Motion\Downloads\FRST.txt
2017-06-14 17:05 - 2017-06-14 17:09 - 00000000 ____D C:\FRST
2017-06-14 17:01 - 2017-06-14 17:01 - 02438656 _____ (Farbar) C:\Users\Motion\Downloads\FRST64.exe
2017-06-14 16:18 - 2017-06-14 16:18 - 00000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2017-06-14 16:18 - 2017-06-14 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-06-14 16:18 - 2017-06-14 16:18 - 00000000 ____D C:\Program Files\Speccy
2017-06-14 16:16 - 2017-06-14 16:16 - 06293184 _____ (Piriform Ltd) C:\Users\Motion\Downloads\spsetup130.exe
2017-06-14 15:49 - 2017-06-14 16:07 - 3992293376 _____ C:\Users\Motion\Downloads\en_windows_10_pro_10240_x64_dvd.iso
2017-06-14 15:48 - 2017-06-14 15:48 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-06-14 15:23 - 2017-06-14 15:23 - 18357776 _____ (Microsoft Corporation) C:\Users\Motion\Downloads\MediaCreationTool (1).exe
2017-06-14 15:23 - 2017-06-14 15:23 - 00000000 ___HD C:\$Windows.~WS
2017-06-14 14:46 - 2017-06-14 15:50 - 00000000 ____D C:\ESD
2017-06-14 14:45 - 2017-06-14 14:45 - 18357776 _____ (Microsoft Corporation) C:\Users\Motion\Downloads\MediaCreationTool.exe
2017-06-14 14:32 - 2017-06-14 14:32 - 01856832 _____ C:\Users\Motion\Downloads\DAZ LOADER WINDOWS 10 www.nvsoftwares.com.rar
2017-06-14 01:56 - 2017-06-14 01:56 - 01717944 _____ ( ) C:\Users\Motion\Downloads\cpu-z_1.79-en.exe
2017-06-14 01:56 - 2017-06-14 01:56 - 00000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2017-06-14 01:56 - 2017-06-14 01:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-06-14 01:56 - 2017-06-14 01:56 - 00000000 ____D C:\Program Files\CPUID
2017-06-14 01:44 - 2017-06-14 17:04 - 00035404 _____ C:\Users\Motion\Desktop\MTB.txt
2017-06-14 01:39 - 2017-06-14 01:39 - 00892416 _____ (Farbar) C:\Users\Motion\Downloads\MiniToolBox.exe
2017-06-13 21:27 - 2017-06-07 19:38 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-06-13 21:27 - 2017-03-10 17:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-06-13 21:27 - 2017-03-10 17:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-06-13 21:27 - 2017-03-10 17:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-06-13 21:27 - 2017-03-10 17:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-06-13 14:13 - 2017-06-03 06:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-13 14:13 - 2017-06-03 06:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-13 14:13 - 2017-06-03 06:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-13 14:13 - 2017-06-03 06:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-13 14:13 - 2017-06-03 06:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-13 14:13 - 2017-06-03 06:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-13 14:13 - 2017-06-03 06:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-06-13 14:13 - 2017-06-03 06:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-13 14:13 - 2017-06-03 06:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-13 14:13 - 2017-06-03 06:02 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-13 14:13 - 2017-06-03 06:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-13 14:13 - 2017-06-03 06:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-06-13 14:13 - 2017-06-03 06:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-06-13 14:13 - 2017-06-03 05:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-13 14:13 - 2017-06-03 05:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-13 14:13 - 2017-06-03 05:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-13 14:13 - 2017-06-03 05:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-13 14:13 - 2017-06-03 05:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-13 14:13 - 2017-06-03 05:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-13 14:13 - 2017-06-03 05:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-06-13 14:13 - 2017-06-03 05:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-13 14:13 - 2017-06-03 05:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-06-13 14:13 - 2017-06-03 05:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-13 14:13 - 2017-06-03 05:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-13 14:13 - 2017-06-03 05:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-06-13 14:13 - 2017-06-03 05:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-13 14:13 - 2017-06-03 05:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-13 14:13 - 2017-06-03 05:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-06-13 14:13 - 2017-06-03 05:21 - 01516448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-06-13 14:13 - 2017-06-03 05:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-13 14:13 - 2017-06-03 05:14 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-13 14:13 - 2017-06-03 05:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-06-13 14:13 - 2017-06-03 05:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-13 14:13 - 2017-06-03 05:12 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-13 14:13 - 2017-06-03 05:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-13 14:13 - 2017-06-03 05:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-13 14:13 - 2017-06-03 05:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-13 14:13 - 2017-06-03 05:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-13 14:13 - 2017-06-03 05:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-13 14:13 - 2017-06-03 05:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-13 14:13 - 2017-06-03 05:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-13 14:13 - 2017-06-03 05:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-13 14:13 - 2017-06-03 05:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-13 14:13 - 2017-06-03 05:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-06-13 14:13 - 2017-06-03 05:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-13 14:13 - 2017-06-03 05:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-13 14:13 - 2017-06-03 05:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-13 14:13 - 2017-06-03 05:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-13 14:13 - 2017-06-03 05:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-13 14:13 - 2017-06-03 05:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-06-13 14:13 - 2017-06-03 05:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-13 14:13 - 2017-06-03 05:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-13 14:13 - 2017-06-03 05:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-13 14:13 - 2017-06-03 05:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-13 14:13 - 2017-06-03 05:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-06-13 14:13 - 2017-06-03 05:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-13 14:13 - 2017-06-03 05:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-13 14:13 - 2017-06-03 05:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-13 14:13 - 2017-06-03 05:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-13 14:13 - 2017-06-03 05:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-06-13 14:13 - 2017-06-03 05:03 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-06-13 14:13 - 2017-06-03 05:02 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-13 14:13 - 2017-06-03 05:01 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-13 14:13 - 2017-06-03 05:00 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-13 14:13 - 2017-06-03 05:00 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-13 14:13 - 2017-06-03 05:00 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-13 14:13 - 2017-06-03 04:59 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-13 14:13 - 2017-06-03 04:59 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-13 14:13 - 2017-06-03 04:59 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-13 14:13 - 2017-06-03 04:59 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-13 14:13 - 2017-06-03 04:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-13 14:13 - 2017-06-03 04:59 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-13 14:13 - 2017-06-03 04:59 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-13 14:13 - 2017-06-03 04:59 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-06-13 14:13 - 2017-06-03 04:58 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-13 14:13 - 2017-06-03 04:58 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-06-13 14:13 - 2017-06-03 04:58 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-06-13 14:13 - 2017-06-03 04:58 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-13 14:13 - 2017-06-03 04:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-06-13 14:13 - 2017-06-03 04:58 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-13 14:13 - 2017-06-03 04:57 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-13 14:13 - 2017-06-03 04:57 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-06-13 14:13 - 2017-06-03 04:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-06-13 14:13 - 2017-06-03 04:57 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-13 14:13 - 2017-06-03 04:57 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-06-13 14:13 - 2017-06-03 04:57 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-06-13 14:13 - 2017-06-03 04:57 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-13 14:13 - 2017-06-03 04:56 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-13 14:13 - 2017-06-03 04:55 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-13 14:13 - 2017-06-03 04:55 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-13 14:13 - 2017-06-03 04:55 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-13 14:13 - 2017-06-03 04:54 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-13 14:13 - 2017-06-03 04:54 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-06-13 14:13 - 2017-06-03 04:54 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-06-13 14:13 - 2017-06-03 04:53 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-06-13 14:13 - 2017-06-03 04:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-06-13 14:12 - 2017-06-03 06:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-13 14:12 - 2017-06-03 06:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-13 14:12 - 2017-06-03 06:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-06-13 14:12 - 2017-06-03 05:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-06-13 14:12 - 2017-06-03 05:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-13 14:12 - 2017-06-03 05:56 - 02228120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-06-13 14:12 - 2017-06-03 05:56 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-06-13 14:12 - 2017-06-03 05:56 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-06-13 14:12 - 2017-06-03 05:56 - 01458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-06-13 14:12 - 2017-06-03 05:56 - 00848288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-06-13 14:12 - 2017-06-03 05:56 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-06-13 14:12 - 2017-06-03 05:56 - 00844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-06-13 14:12 - 2017-06-03 05:56 - 00697760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-06-13 14:12 - 2017-06-03 05:56 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-06-13 14:12 - 2017-06-03 05:56 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-06-13 14:12 - 2017-06-03 05:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-13 14:12 - 2017-06-03 05:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-06-13 14:12 - 2017-06-03 05:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-13 14:12 - 2017-06-03 05:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-13 14:12 - 2017-06-03 05:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-13 14:12 - 2017-06-03 05:01 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-06-13 14:12 - 2017-06-03 04:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-13 11:58 - 2017-06-13 11:58 - 00003310 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2017-06-13 11:58 - 2017-06-13 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-06-11 18:29 - 2017-06-11 18:29 - 00000000 ____D C:\Users\Motion\Documents\Apowersoft
2017-06-11 18:24 - 2017-06-11 20:28 - 00000000 ____D C:\Users\Motion\AppData\Roaming\Apowersoft
2017-06-11 18:24 - 2017-06-11 18:29 - 00000000 ____D C:\ProgramData\Apowersoft
2017-06-11 14:05 - 2017-06-11 14:05 - 00000222 _____ C:\Users\Motion\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
2017-06-11 13:20 - 2017-06-11 13:20 - 00000022 _____ C:\WINDOWS\GPU-Z.INI
2017-06-09 17:48 - 2017-06-07 21:45 - 00512960 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 40201664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 35390584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 35281344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 28624320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 11056272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 11028664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 10551256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 09248144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 09014976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 08808488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 04115112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 03796928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 03625992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 03256440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438253.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 01606776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438253.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 01278712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 01275944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 01056888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00994240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00993360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00964216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00914880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00775864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00688784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00612088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00584128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-06-09 17:46 - 2017-06-07 21:45 - 00045976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-06-08 22:09 - 2017-06-08 22:09 - 00000000 ____D C:\Users\Motion\AppData\Local\DBG
2017-06-08 14:56 - 2017-06-08 14:56 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2017-06-06 18:29 - 2017-06-14 13:13 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{14BC3DE3-D17C-4A7F-A60A-C358D15834E8}
2017-06-06 18:24 - 2017-06-14 15:22 - 00003248 _____ C:\WINDOWS\System32\Tasks\GPU Tweak II
2017-06-06 18:24 - 2017-06-06 18:24 - 00003396 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-06-06 12:42 - 2017-06-06 12:42 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2017-06-06 12:41 - 2017-06-06 12:41 - 00000000 ____D C:\WINDOWS\PCHEALTH
2017-06-06 12:41 - 2017-06-06 12:41 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2017-06-06 12:41 - 2017-06-06 12:41 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2017-06-05 15:31 - 2017-06-05 15:31 - 00000000 ____D C:\Windows.old
2017-06-05 15:30 - 2017-06-05 15:30 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-06-05 15:30 - 2017-06-05 15:30 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-06-05 15:30 - 2017-06-05 15:30 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-06-05 15:30 - 2017-06-05 15:30 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-06-05 15:30 - 2017-06-05 15:30 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-05 15:30 - 2017-06-05 15:30 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-06-05 15:30 - 2017-06-05 15:30 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-06-05 15:30 - 2017-06-05 15:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-06-05 15:30 - 2017-06-05 15:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-06-05 15:30 - 2017-06-05 15:30 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-06-05 15:30 - 2017-06-05 15:30 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-06-05 15:30 - 2017-06-05 15:30 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-06-05 15:28 - 2017-06-05 11:34 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-06-05 15:27 - 2017-06-05 15:27 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-06-05 15:26 - 2017-06-05 15:26 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-06-05 15:26 - 2017-06-05 15:26 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-06-05 15:26 - 2017-06-05 15:26 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-06-05 15:26 - 2017-06-05 15:26 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-06-05 15:26 - 2017-06-05 15:26 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-06-05 15:26 - 2017-06-05 15:26 - 00000000 ____D C:\Program Files\MSBuild
2017-06-05 15:26 - 2017-06-05 15:26 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-06-05 15:26 - 2017-06-05 15:26 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-06-05 15:26 - 2017-06-05 15:26 - 00000000 ____D C:\inetpub
2017-06-05 15:26 - 2017-02-10 15:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-06-05 15:26 - 2017-02-10 15:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-06-05 15:26 - 2017-02-10 15:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-06-05 15:26 - 2017-02-10 15:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-06-05 15:26 - 2017-02-10 15:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-06-05 15:26 - 2017-02-10 15:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-06-05 11:49 - 2017-06-05 11:49 - 00000000 ____D C:\ProgramData\USOShared
2017-06-05 11:47 - 2017-06-05 11:47 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-05 11:46 - 2017-06-05 11:46 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-06-05 11:45 - 2017-06-05 11:45 - 00000020 ___SH C:\Users\Motion\ntuser.ini
2017-06-05 11:44 - 2017-06-14 15:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2017-06-05 11:44 - 2017-06-05 11:44 - 00000000 _SHDL C:\Users\Default\My Documents
2017-06-05 11:42 - 2017-06-14 15:50 - 00016821 _____ C:\WINDOWS\diagwrn.xml
2017-06-05 11:42 - 2017-06-14 15:50 - 00013338 _____ C:\WINDOWS\diagerr.xml
2017-06-05 11:39 - 2017-06-14 15:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-05 11:38 - 2017-06-05 11:38 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-06-05 11:36 - 2017-06-05 11:38 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-06-05 11:36 - 2017-06-05 11:36 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-06-05 11:36 - 2017-03-18 16:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-06-05 11:35 - 2017-06-14 15:25 - 01362280 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-05 11:35 - 2017-06-14 15:07 - 00000000 ____D C:\Users\Motion
2017-06-05 11:35 - 2017-06-08 14:56 - 00000000 ____D C:\Users\DefaultAppPool
2017-06-05 11:35 - 2017-06-05 11:35 - 00975864 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-06-05 11:35 - 2017-06-05 11:35 - 00000000 _SHDL C:\Users\Motion\My Documents
2017-06-05 11:35 - 2017-06-05 11:35 - 00000000 _SHDL C:\Users\Motion\Documents\My Videos
2017-06-05 11:35 - 2017-06-05 11:35 - 00000000 _SHDL C:\Users\Motion\Documents\My Pictures
2017-06-05 11:35 - 2017-06-05 11:35 - 00000000 _SHDL C:\Users\Motion\Documents\My Music
2017-06-05 11:35 - 2017-06-05 11:35 - 00000000 _SHDL C:\Users\DefaultAppPool\My Documents
2017-06-05 11:35 - 2017-06-05 11:35 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Videos
2017-06-05 11:35 - 2017-06-05 11:35 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Pictures
2017-06-05 11:35 - 2017-06-05 11:35 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Music
2017-06-05 11:34 - 2017-06-14 17:02 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-05 11:34 - 2017-06-14 15:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-05 11:34 - 2017-06-13 21:25 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-05 11:34 - 2017-06-13 19:56 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-06-05 11:34 - 2017-06-13 14:30 - 00258736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-05 11:34 - 2017-06-07 20:01 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-06-05 11:34 - 2017-06-07 19:55 - 06467008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-06-05 11:34 - 2017-06-07 19:55 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-06-05 11:34 - 2017-06-07 19:55 - 01762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-06-05 11:34 - 2017-06-07 19:55 - 00549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-06-05 11:34 - 2017-06-07 19:55 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-06-05 11:34 - 2017-06-07 19:55 - 00082040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-06-05 11:34 - 2017-06-07 19:55 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-06-05 11:34 - 2017-06-07 08:42 - 08075477 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-06-05 11:34 - 2017-06-05 11:36 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-05 11:34 - 2017-06-05 11:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-06-05 11:34 - 2017-06-05 11:34 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-06-05 11:34 - 2017-06-05 11:34 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-06-05 11:34 - 2017-06-05 11:34 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-06-05 11:34 - 2017-06-05 11:34 - 00000000 ____D C:\Program Files\Realtek
2017-06-04 16:38 - 2017-06-14 15:50 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-29 23:24 - 2017-05-29 23:24 - 00000000 ____D C:\Users\Motion\AppData\Local\Thalonet,_Inc._dba_Haste
2017-05-29 23:24 - 2017-05-29 23:24 - 00000000 ____D C:\Users\Motion\AppData\Local\Haste
2017-05-29 23:24 - 2017-05-29 23:24 - 00000000 ____D C:\Program Files\Haste
2017-05-29 23:24 - 2017-05-29 23:24 - 00000000 _____ C:\WINDOWS\system32\cd
2017-05-27 18:44 - 2017-05-27 18:44 - 00000221 _____ C:\Users\Motion\Desktop\Audiosurf.url
2017-05-22 16:50 - 2017-06-07 21:45 - 01615448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-05-22 16:50 - 2017-06-07 21:45 - 00218712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-05-22 16:50 - 2017-06-07 21:45 - 00045163 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-22 16:50 - 2017-05-18 03:35 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438233.dll
2017-05-22 16:50 - 2017-05-18 03:35 - 01606592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438233.dll
2017-05-22 16:50 - 2017-05-18 03:35 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-05-22 16:50 - 2017-05-18 03:35 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-05-22 16:50 - 2017-05-18 03:35 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-05-22 16:35 - 2017-05-03 16:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-22 16:35 - 2017-05-03 16:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-05-22 16:35 - 2017-05-03 16:21 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-05-20 19:20 - 2017-05-20 19:20 - 00102608 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SY1
2017-05-20 12:47 - 2017-06-09 12:46 - 00000000 ____D C:\Users\Motion\AppData\LocalLow\uTorrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-14 17:02 - 2017-04-14 15:03 - 00000000 ____D C:\Users\Motion\AppData\Roaming\Spotify
2017-06-14 17:00 - 2016-03-28 19:21 - 00000000 ____D C:\Users\Motion\AppData\Local\NPE
2017-06-14 15:57 - 2017-05-06 14:06 - 00000000 ____D C:\Users\Motion\Desktop\OpenHardwareMonitor
2017-06-14 15:05 - 2013-12-16 19:30 - 00000000 ____D C:\Users\Motion\AppData\Local\Battle.net
2017-06-14 13:31 - 2013-12-16 19:31 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2017-06-14 13:18 - 2013-12-16 19:30 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-06-14 01:39 - 2017-03-18 07:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-06-14 01:39 - 2013-12-16 19:38 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-13 22:47 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-13 22:47 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-13 21:37 - 2013-12-19 14:34 - 00000000 ____D C:\Users\Motion\AppData\Local\CrashDumps
2017-06-13 21:27 - 2017-05-12 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-06-13 21:27 - 2017-05-10 14:11 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-13 21:27 - 2017-03-18 17:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-13 14:37 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-13 14:32 - 2015-07-30 01:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-13 14:29 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-06-13 14:29 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-13 14:17 - 2013-12-19 04:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-13 14:15 - 2013-12-19 04:35 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-13 14:14 - 2017-03-18 16:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-13 12:09 - 2017-03-18 17:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-13 12:02 - 2013-12-16 18:00 - 00000000 ____D C:\Program Files (x86)\Samsung Magician
2017-06-13 11:58 - 2013-12-16 17:54 - 00000000 ____D C:\ProgramData\Samsung
2017-06-12 22:29 - 2015-09-26 02:02 - 00000000 ____D C:\Users\Motion\AppData\Roaming\discord
2017-06-12 20:19 - 2016-11-21 21:18 - 00000000 ____D C:\Users\Motion\AppData\Roaming\steelseries-engine-3-client
2017-06-12 19:37 - 2017-03-18 07:40 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2017-06-12 03:03 - 2015-07-19 04:36 - 00000000 ___RD C:\Users\Motion\Google Drive
2017-06-11 21:16 - 2013-12-16 20:37 - 00000000 ____D C:\Users\Motion\AppData\Roaming\vlc
2017-06-11 21:12 - 2016-09-16 03:32 - 00000000 ____D C:\Users\Motion\Desktop\ViperRipper
2017-06-11 14:05 - 2015-10-05 15:56 - 00000000 ____D C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-09 19:05 - 2014-01-03 17:56 - 00000000 ____D C:\Users\Motion\AppData\Roaming\TS3Client
2017-06-09 17:50 - 2016-04-15 14:59 - 00000000 ____D C:\Program Files (x86)\Overwatch
2017-06-09 04:11 - 2013-12-22 17:55 - 00000000 ____D C:\Users\Motion\AppData\Roaming\TeamViewer
2017-06-08 13:36 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\rescache
2017-06-07 21:45 - 2017-05-12 16:04 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-06-07 21:45 - 2017-03-18 22:31 - 00418752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-06-07 21:21 - 2017-04-14 16:47 - 00000000 ____D C:\Users\Motion\AppData\Roaming\obs-studio
2017-06-06 18:49 - 2015-07-18 15:38 - 00000000 ____D C:\Program Files\Common Files\AV
2017-06-06 18:24 - 2017-03-15 02:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2017-06-06 18:24 - 2017-03-15 02:41 - 00000000 ____D C:\WINDOWS\system32\Drivers\N360x64
2017-06-06 11:04 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-06-05 15:33 - 2017-03-18 17:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-06-05 15:31 - 2017-03-18 17:06 - 00000000 ____D C:\WINDOWS\Setup
2017-06-05 15:31 - 2017-03-18 17:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-06-05 15:31 - 2017-03-18 17:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-06-05 15:31 - 2017-03-18 17:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-05 15:31 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-06-05 15:31 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-06-05 15:31 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-05 15:31 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-06-05 15:31 - 2017-03-18 17:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-05 15:31 - 2017-03-18 17:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-05 15:31 - 2017-03-18 07:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-06-05 15:26 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-06-05 15:26 - 2017-03-18 16:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2017-06-05 15:26 - 2017-03-18 16:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2017-06-05 15:26 - 2017-03-18 16:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2017-06-05 15:26 - 2017-03-18 16:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2017-06-05 15:26 - 2017-03-18 16:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-06-05 15:26 - 2017-03-18 16:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-06-05 15:26 - 2017-03-18 16:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-06-05 15:26 - 2017-03-18 16:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2017-06-05 15:26 - 2017-03-18 16:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-06-05 15:26 - 2017-03-18 16:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-06-05 15:26 - 2017-03-18 16:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-06-05 15:26 - 2017-03-18 16:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-06-05 15:26 - 2017-03-18 16:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-06-05 15:26 - 2017-03-18 16:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-06-05 15:26 - 2017-03-18 16:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-06-05 15:26 - 2017-03-18 16:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-06-05 15:26 - 2017-03-18 16:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-06-05 15:26 - 2017-03-18 16:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-06-05 15:26 - 2017-03-18 16:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-06-05 15:26 - 2017-03-18 16:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-06-05 15:26 - 2017-03-18 16:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-06-05 15:26 - 2017-03-18 16:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-06-05 15:26 - 2017-03-18 16:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-06-05 12:01 - 2015-07-30 01:21 - 00000000 ____D C:\Users\Motion\AppData\Local\Packages
2017-06-05 11:50 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\Registration
2017-06-05 11:49 - 2017-03-18 17:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-06-05 11:47 - 2015-07-30 01:23 - 00002401 _____ C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-05 11:47 - 2015-07-30 01:23 - 00000000 ___RD C:\Users\Motion\OneDrive
2017-06-05 11:45 - 2017-03-18 17:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-05 11:45 - 2016-08-03 15:59 - 00000000 ____D C:\Users\Motion\AppData\Local\ConnectedDevicesPlatform
2017-06-05 11:43 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-06-05 11:42 - 2017-04-06 18:34 - 00000000 ____D C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OldSchool RuneScape
2017-06-05 11:42 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-06-05 11:41 - 2017-03-18 22:31 - 00000000 ____D C:\WINDOWS\HoloShell
2017-06-05 11:41 - 2017-03-18 17:03 - 00000000 __RSD C:\WINDOWS\Media
2017-06-05 11:41 - 2017-03-18 17:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-06-05 11:41 - 2017-03-18 17:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-05 11:41 - 2015-07-30 01:20 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-06-05 11:41 - 2013-12-16 17:51 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-05 11:41 - 2013-12-16 17:51 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-06-05 11:39 - 2017-03-18 17:03 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-06-05 11:38 - 2017-05-12 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-06-05 11:38 - 2017-05-03 13:43 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-06-05 11:38 - 2017-04-14 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2017-06-05 11:38 - 2017-04-06 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-06-05 11:38 - 2017-03-23 02:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2017-06-05 11:38 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-06-05 11:38 - 2016-12-30 15:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-06-05 11:38 - 2016-10-06 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-06-05 11:38 - 2016-04-15 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2017-06-05 11:38 - 2015-10-31 00:16 - 00000000 ____D C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ixale
2017-06-05 11:38 - 2015-09-25 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoldWave
2017-06-05 11:38 - 2015-08-14 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Cutter
2017-06-05 11:38 - 2015-07-19 04:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-06-05 11:38 - 2015-04-30 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
2017-06-05 11:38 - 2014-12-23 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-06-05 11:38 - 2014-12-12 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2017-06-05 11:38 - 2014-11-16 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-06-05 11:38 - 2014-08-12 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2017-06-05 11:38 - 2014-02-17 12:48 - 00000000 ____D C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Parsec
2017-06-05 11:38 - 2014-01-20 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoreCraft
2017-06-05 11:38 - 2014-01-03 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2017-06-05 11:38 - 2013-12-24 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
2017-06-05 11:38 - 2013-12-24 02:46 - 00000000 ____D C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhoreCraft
2017-06-05 11:38 - 2013-12-18 00:44 - 00000000 ____D C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-06-05 11:38 - 2013-12-18 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-06-05 11:38 - 2013-12-16 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-06-05 11:38 - 2013-12-16 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-05 11:38 - 2013-12-16 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-06-05 11:38 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-06-05 11:37 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-06-05 11:36 - 2017-05-05 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beats by Dr. Dre
2017-06-05 11:36 - 2017-03-18 17:03 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-06-05 11:36 - 2017-03-18 17:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-06-05 11:36 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-06-05 11:36 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-06-05 11:36 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-05 11:36 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-06-05 11:36 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\System
2017-06-05 11:36 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\schemas
2017-06-05 11:36 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\Resources
2017-06-05 11:36 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-06-05 11:36 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-05 11:36 - 2017-03-18 17:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-06-05 11:36 - 2016-11-21 21:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2017-06-05 11:36 - 2016-06-04 23:07 - 00000000 ____D C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft
2017-06-05 11:36 - 2016-04-24 03:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-06-05 11:36 - 2015-09-30 03:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2017-06-05 11:36 - 2015-09-26 02:02 - 00000000 ____D C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-06-05 11:36 - 2015-09-23 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries
2017-06-05 11:36 - 2014-07-29 05:26 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2017-06-05 11:36 - 2013-12-25 10:00 - 00000000 ____D C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2017-06-05 11:36 - 2013-12-17 16:32 - 00000000 ____D C:\WINDOWS\system32\SPReview
2017-06-05 11:36 - 2013-12-17 16:32 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2017-06-05 11:36 - 2013-12-17 00:14 - 00000000 ____D C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESEA
2017-06-05 11:36 - 2013-12-17 00:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESEA
2017-06-05 11:36 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Microsoft Games
2017-06-05 11:34 - 2017-03-18 17:03 - 00000000 ____D C:\WINDOWS\Help
2017-06-05 11:34 - 2017-03-18 07:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-06-05 04:51 - 2017-03-18 23:20 - 00000000 ___HD C:\$WINDOWS.~BT
2017-06-03 02:32 - 2017-03-18 17:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 02:32 - 2017-03-18 17:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-03 00:31 - 2013-12-16 20:37 - 00001135 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-06-02 01:36 - 2013-12-16 20:04 - 00000000 ____D C:\Users\Motion\AppData\Roaming\Mumble
2017-05-29 23:24 - 2014-04-25 01:32 - 00000000 ____D C:\Users\Motion\AppData\Local\Downloaded Installations
2017-05-25 14:06 - 2016-11-21 20:18 - 00000290 _____ C:\Users\Motion\Desktop\Overwatch smurf CDkey.txt
2017-05-22 16:35 - 2017-05-12 16:06 - 00001481 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-05-22 16:35 - 2017-05-12 15:46 - 00000000 ____D C:\Users\Motion\AppData\Local\NVIDIA Corporation
2017-05-21 15:57 - 2014-01-03 17:52 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-05-20 19:20 - 2017-03-15 02:41 - 00008339 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-05-20 00:59 - 2017-05-12 16:08 - 00000000 ____D C:\Users\Motion\AppData\Roaming\NVIDIA
2017-05-17 16:12 - 2013-12-16 19:30 - 00000000 ____D C:\Users\Motion\AppData\Roaming\Battle.net

==================== Files in the root of some directories =======

2014-01-26 01:30 - 2014-01-26 03:05 - 0036864 _____ () C:\Users\Motion\AppData\Roaming\RZR_0020302140998bb89f44a8ccec1d.db
2016-09-12 23:59 - 2016-09-13 00:12 - 0004012 _____ () C:\Users\Motion\AppData\Roaming\VoiceMeeterDefault.xml
2015-06-01 03:52 - 2015-06-01 03:52 - 0007605 _____ () C:\Users\Motion\AppData\Local\Resmon.ResmonCfg
2017-06-05 11:34 - 2017-06-05 11:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2017-05-22 16:52 - 2017-05-18 01:21 - 0754864 _____ (NVIDIA Corporation) C:\Users\Motion\AppData\Local\Temp\nvSCPAPI.dll
2017-05-22 16:52 - 2017-05-18 01:21 - 0869200 _____ (NVIDIA Corporation) C:\Users\Motion\AppData\Local\Temp\nvSCPAPI64.dll
2017-06-09 17:47 - 2017-05-18 01:21 - 0367552 _____ (NVIDIA Corporation) C:\Users\Motion\AppData\Local\Temp\nvStInst.exe
2017-05-19 15:42 - 2017-05-19 15:42 - 14608752 _____ (Samsung Electronics ) C:\Users\Motion\AppData\Local\Temp\Samsung_Magician_Installer.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-05 11:33

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-06-2017
Ran by Motion (14-06-2017 17:09:41)
Running from C:\Users\Motion\Downloads
Windows 10 Pro Version 1703 (X64) (2017-06-05 15:44:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1442195442-3689054388-281515-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1442195442-3689054388-281515-503 - Limited - Disabled)
Guest (S-1-5-21-1442195442-3689054388-281515-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1442195442-3689054388-281515-1002 - Limited - Enabled)
Motion (S-1-5-21-1442195442-3689054388-281515-1000 - Administrator - Enabled) => C:\Users\Motion

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security Suite (Enabled - Up to date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Security Suite (Enabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Ansel (Version: 382.53 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.7.0 - ASUSTek COMPUTER INC.)
ASUS GPU TweakII (x32 Version: 1.3.7.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.031 - ASUSTek Computer Inc.)
Audiosurf (HKLM\...\Steam App 12900) (Version: - Dylan Fitterer)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beats Updater (HKLM-x32\...\{321BEA75-4A58-4A42-911F-24933AE3E077}) (Version: 3.1.9.0 - Apple Inc.)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blue Satin Skin (HKLM-x32\...\{B0C00181-ECF5-4124-A6DE-14EA663D4799}) (Version: 2.2.0 - Screaming Bee)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.79.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.88 - NCH Software)
Discord (HKU\S-1-5-21-1442195442-3689054388-281515-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
FLV Cutter 1.0 (HKLM-x32\...\FLV Cutter_is1) (Version: - spgsoft.com)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GoldWave v6.15 (HKLM\...\GoldWave v6.15) (Version: 6.15 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
HD Video Converter Factory Pro 8.6 (HKLM-x32\...\HD Video Converter Factory Pro) (Version: 8.6 - WonderFox Soft, Inc.)
Intel® RealSense™ SDK Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_10.0.26.0396) (Version: 10.0.26.0396 - Intel Corporation)
Intel® RealSense™ SDK Runtime Gold (x86): Core (x32 Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Core: Calibration (x32 Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): User Segmentation (x32 Version: 10.0.26.396 - Intel Corporation) Hidden
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1442195442-3689054388-281515-1000\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word 2010 (HKLM-x32\...\Office14.WORD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Mumble 1.2.17 (HKLM-x32\...\{95A0093C-0C81-4D0B-BCA7-3CE11755A6BD}) (Version: 1.2.17 - Thorvald Natvig)
Norton Security Suite (HKLM-x32\...\N360) (Version: 22.9.4.8 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.53 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Parsec (HKU\S-1-5-21-1442195442-3689054388-281515-1000\...\a53dc3b81e52c50e) (Version: 1.0.0.53 - Parsec)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Spotify (HKU\S-1-5-21-1442195442-3689054388-281515-1000\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarParse (HKU\S-1-5-21-1442195442-3689054388-281515-1000\...\{fxApplication}}_is1) (Version: 1.0 - Ixale)
SteelSeries Engine 3.9.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.9.2 - SteelSeries ApS)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Warcraft Logs Uploader (HKLM-x32\...\com.warcraft.logs) (Version: 4.14 - UNKNOWN)
Warcraft Logs Uploader (x32 Version: 4.14 - UNKNOWN) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Driver Package - Apple, Inc. (KernelModeUSB) USBDevice (03/30/2017 11.40.49.146) (HKLM\...\183E383A1862B0622EB93E70D34D830E28AFFBAA) (Version: 03/30/2017 11.40.49.146 - Apple, Inc.)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-1442195442-3689054388-281515-1000\...\ChromeHTML: -> <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {072BDFAF-E5F8-4D4F-9B0D-076F90BB2444} - \ASUS\ASUS Product Register Service -> No File <==== ATTENTION
Task: {07D824AF-EBA5-46F6-84D4-5DBDCAEDAE2B} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\WSCStub.exe [2017-05-26] (Symantec Corporation)
Task: {08429F2E-4C7D-43F2-8DD9-598229681D3B} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> No File <==== ATTENTION
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 -> No File <==== ATTENTION
Task: {0A381A6A-2C98-4B44-A1E3-C98C55C733C5} - \{F390DCB0-A4B5-4D58-BEB0-FCD78DC2EF7D} -> No File <==== ATTENTION
Task: {0C608C29-961F-4F3F-9B94-A7EC19685F5A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1179ED30-56C8-48B8-9B77-2A0916F4104B} - \Microsoft\Windows\Media Center\mcupdate -> No File <==== ATTENTION
Task: {12132F44-FE16-4473-BD76-2889C886F04D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {17F18DA4-9145-4AD0-84EB-A83826383E4A} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService -> No File <==== ATTENTION
Task: {18817394-C0FE-41E2-A99F-5AA74CAC10DC} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION
Task: {19EFE6D2-E76D-4B84-A9DA-33887E15D16E} - System32\Tasks\Norton 360\Norton Security Suite Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\SymErr.exe [2017-05-11] (Symantec Corporation)
Task: {1B81E26A-ED95-43D0-9A09-F5B8BCD82977} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {1C2783C7-F0BD-4F4D-9F40-8ECC38D5FC36} - \Microsoft\Windows\Media Center\mcupdate_scheduled -> No File <==== ATTENTION
Task: {1DBF876E-AD40-48FE-9667-CD8FEB6F92CC} - System32\Tasks\Norton 360\Norton Security Suite Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\SymErr.exe [2017-05-11] (Symantec Corporation)
Task: {1F5466D9-2DFE-4841-9B8A-8126CAC93B32} - \Microsoft\Windows\Media Center\PBDADiscovery -> No File <==== ATTENTION
Task: {23BA308B-A6F7-4950-8AE0-06082CAD336B} - \Microsoft\Windows\Media Center\UpdateRecordPath -> No File <==== ATTENTION
Task: {25AB2E25-1DDD-4F30-ACD2-A12A986457D4} - \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> No File <==== ATTENTION
Task: {2A0EDCC3-4419-402E-9CD6-B9F4164B7926} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 -> No File <==== ATTENTION
Task: {323D8B00-0D7B-4271-A17C-F0364220CC02} - \Norton Security Suite\Norton Error Analyzer -> No File <==== ATTENTION
Task: {336C6AB1-88A9-4FF2-B095-15EDBFDFE1DB} - \Microsoft\Windows\Media Center\ActivateWindowsSearch -> No File <==== ATTENTION
Task: {3D94AAAC-F1DA-44A1-A007-A51980E10CA0} - \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> No File <==== ATTENTION
Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - \Microsoft\Windows\AppID\SmartScreenSpecific -> No File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration -> No File <==== ATTENTION
Task: {48E567D4-E9ED-4789-9EC1-80848BFC5A0F} - \Apple\AppleSoftwareUpdate -> No File <==== ATTENTION
Task: {4904050F-939C-4327-952C-F2B252AC9C33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {490A4C7C-C50F-40F4-8F54-2BB79897142D} - \Microsoft\Windows\Media Center\InstallPlayReady -> No File <==== ATTENTION
Task: {4A053736-D52E-46FB-AC33-D5900E16ECE7} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION
Task: {4E0476A8-D3AC-46CB-A57F-07EFF987FADB} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks -> No File <==== ATTENTION
Task: {50A08BCA-F67A-475E-BF58-E073F060839F} - \Microsoft\Windows\Media Center\PvrRecoveryTask -> No File <==== ATTENTION
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff -> No File <==== ATTENTION
Task: {5233F96F-F36F-4D06-90C7-9C051913656D} - \WPD\SqmUpload_S-1-5-21-1442195442-3689054388-281515-1000 -> No File <==== ATTENTION
Task: {528F6781-A23B-4F3B-B61E-2B7666314E37} - \Microsoft\Windows\SideShow\SystemDataProviders -> No File <==== ATTENTION
Task: {5AA011EA-2456-499C-AFF5-5809A8364004} - \Microsoft\Windows\Media Center\RegisterSearch -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls -> No File <==== ATTENTION
Task: {5E721D19-BC16-4B70-B9EB-EC5DC8D464D3} - \Norton Security Suite\Norton Error Processor -> No File <==== ATTENTION
Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {61E554C9-AB30-4BC5-BB6D-83D31FEA3FED} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {6A6B9D47-1652-4628-BD49-C98876C26561} - \Microsoft\Windows\Media Center\StartRecording -> No File <==== ATTENTION
Task: {6A8F16CC-23F9-4949-B411-BEBB504C176A} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {6BFD247C-FC07-48D1-8583-4A24E4999252} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6F3F97AD-E4F3-40E2-A9C8-61D7270E4BF0} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\SamsungMagician.exe [2017-05-19] (Samsung Electronics Co. Ltd.)
Task: {734DDA58-0005-42F4-A1F3-4E8D5B6DE09A} - \Microsoft\Windows\MobilePC\HotStart -> No File <==== ATTENTION
Task: {7502C703-6198-4C20-969E-F883DA9E3462} - \NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {775FF797-5F82-462D-946A-74B09848DAE8} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {7998AE30-CFF0-47DB-A34D-AD0EB0AD7789} - \Microsoft\Windows\Media Center\ehDRMInit -> No File <==== ATTENTION
Task: {799DF890-412D-4092-8FEB-98283E56C85A} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {7E95BED2-0EB0-48C1-8309-88C7766F5AD6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7FCA810C-B51F-4B7F-8F8A-31A5F543C102} - \Microsoft\Windows\Media Center\OCURDiscovery -> No File <==== ATTENTION
Task: {81DAEAB6-6529-4C32-B611-1EF7F7548E13} - \NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {884A8E87-C6A7-44A3-B98C-E4E224C03011} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Suite\Upgrade.exe [2017-05-26] (Symantec Corporation)
Task: {8913E5DD-CF9E-4E06-8217-F20B7FDE1FF0} - \Microsoft\Windows\Media Center\OCURActivate -> No File <==== ATTENTION
Task: {8B025B54-5496-40E4-8D6A-B1067EE5A7D1} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {8B2D34F0-1750-47E0-A7BA-C84BE5B29723} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {93AC721B-C482-48CF-81FC-AF25BE551556} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {94C19A6A-E501-4E37-90DD-AE3A34A84008} - \Microsoft\XblGameSave\XblGameSaveTaskLogon -> No File <==== ATTENTION
Task: {9B6C36CA-EB3F-49B6-AF55-FC0C2F7D5B00} - System32\Tasks\Norton 360\Norton Security Suite Autofix => C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\SymErr.exe [2017-05-11] (Symantec Corporation)
Task: {9E7ADBB1-E801-4B12-B304-D3885A47F687} - \NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {A364E297-00AD-490D-900E-22AC34598C71} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {A3828C25-B37D-474D-BFE4-6A09E52D680E} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {A6268224-6D82-4582-95FD-44A57B809970} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 -> No File <==== ATTENTION
Task: {A62CC689-308F-407C-AED4-0ED1B52F3459} - \Microsoft\Windows\SideShow\AutoWake -> No File <==== ATTENTION
Task: {B022DDCD-37DB-4653-8788-2A0F1B682E17} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 -> No File <==== ATTENTION
Task: {B3936E47-5E06-491A-A987-7C6C265403D6} - \Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval -> No File <==== ATTENTION
Task: {BFDA0A39-0BA5-4424-A52A-F304C64D297B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C4161F9F-C3F4-49BF-990A-5A6F9D70C2A3} - \Microsoft\Windows\RemovalTools\MRT_HB -> No File <==== ATTENTION
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 -> No File <==== ATTENTION
Task: {C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> No File <==== ATTENTION
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork -> No File <==== ATTENTION
Task: {D323D1CB-5535-4FC4-9BAA-0DC06D66C7B9} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION
Task: {D67F303B-0B6D-4A7D-B251-D40DF1971360} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {D7DFFA31-FC51-4CE0-9F34-CB02C81A4E84} - \Microsoft\Windows\Media Center\RecordingRestart -> No File <==== ATTENTION
Task: {E6010D43-6AE7-4B59-8E67-EC78FD8E8E96} - \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler -> No File <==== ATTENTION
Task: {E6600707-C14B-4E9B-A0BC-63281D225B5F} - \Microsoft\Windows\SideShow\GadgetManager -> No File <==== ATTENTION
Task: {E7C11A0B-8A42-48DE-A741-FD40502C9068} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E8A1718D-6448-4414-97F8-0CC236CBDE86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E94BB589-63B9-4442-8591-ECEE37FFB809} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {E9CC1CB3-E17F-46C4-9E5B-B34E364BDE5F} - \Microsoft\Windows\Media Center\ReindexSearchRoot -> No File <==== ATTENTION
Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {EF6E6ABB-419F-40F8-8078-41973FE962CD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F1A34B79-7056-457A-9E3B-69374ED42DB9} - \Microsoft\Windows\SideShow\SessionAgent -> No File <==== ATTENTION
Task: {F4556879-705F-47BD-B2F5-615802BD197F} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2016-09-01] (TODO: <Company name>)
Task: {F66B98E1-4E4A-4334-AF59-D76A14BBB656} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F93A29D0-09F9-40BD-B783-98C799EA7DBB} - \Microsoft\Windows\Media Center\PeriodicScanRetry -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-11-17 02:28 - 2016-11-17 02:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 02:28 - 2016-11-17 02:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-05 04:13 - 2015-09-24 05:56 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-05-12 16:05 - 2017-05-03 16:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-18 16:58 - 2017-03-18 16:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 16:59 - 2017-03-18 22:30 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-11 12:45 - 2017-05-09 05:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-11 12:45 - 2017-05-09 05:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-05-12 16:05 - 2017-05-03 16:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-12 16:05 - 2017-05-03 16:20 - 65709176 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [964]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2015-10-11 23:37 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1442195442-3689054388-281515-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Motion\Pictures\avatar-2009.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1442195442-3689054388-281515-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{440B806B-1311-4C20-9164-87E8A796921D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{3E790E2C-C675-4D59-8B96-75D5D868ED57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Audiosurf\engine\QuestViewer.exe
FirewallRules: [{055CDAAE-D29E-47F8-9BFD-E98B4AAA33EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7468F1B6-0296-49E8-8991-869F74BEBBA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2086DE96-EB9B-42A1-925F-8A45C077BF9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{312E05E3-4F23-43E1-8F50-913BCC9AEFFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FC11106D-FCCF-4AF1-B957-4A254FFA209B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A64FAA69-946C-4835-8F73-3F774B0A35F5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{64466A77-1E5A-4DE2-928B-880F5DE4E2FC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2082E10D-9AA1-4663-8402-B8602E4CFFAD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{44894860-84E8-4E6B-B1EB-EFE013376CA4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0EBFE818-B6E7-4F86-A845-F02DBD8505C0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{256FC810-343E-4370-BC5E-01AAECF6BE09}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{F5D0ADFB-E850-4552-A5D8-F3A467FED992}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{FF8C74B2-5B99-4535-8173-56637B77C124}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{F7FF5990-7329-4FD4-8610-3C64F79A7967}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{E53AD3AA-D89B-49A6-B138-4266FB43E951}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{567C0522-9DF3-4BB1-BAD0-EAA0E9ED51E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{8493B0AA-4AE5-4186-BBE4-B801DF955A4A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{B466C5F1-ED7F-4AF5-A91B-03D5E6802FEC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{7337CAC3-90AB-4133-8A58-2EE5E586101D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{A43909B4-1479-41CA-978C-52DEEE2BD78D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{709C1687-6B5C-4D54-80AB-84FA1B1EAE0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{4F4E4FDD-DE2F-4459-8D38-2D10E99CDAD0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F292DFAD-7837-4D73-9D3C-D13686C15C54}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7BFE71AD-6440-4A83-806B-91446D246CAD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B8B3E373-E025-44A1-BE4E-3A8056A1D1FB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D8AF0063-A3E9-4AA0-8DFE-E23F291D8062}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{41ECEB2B-5226-48D6-862F-F2461B001937}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{60206C1E-7040-497A-A980-79211C3A878E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B673FE0C-552A-46F5-A992-2C2DFA7E83E3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5862A7D1-561D-4A1F-938B-ED913CE4D9D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D8BC28F5-BFD2-4F33-9234-BBD26B9F3BBB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{54F1A98E-2A85-45B4-8D2B-201E017ACB1A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{329DD9F9-15E6-4E02-840D-21EDD4C8492E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{B14DFB5B-090E-4D82-A5F0-D0DA3CE2F8E8}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [TCP Query User{7AAD6409-5328-48B4-817E-8EAA832B8F83}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{EB501267-32D4-47DB-8699-ADE820377DE0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C3177010-2D5A-42F3-9D22-EF28911A0A2B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{14F6692E-8B58-4AB1-A94A-26125AF3175C}] => (Allow) C:\Users\Motion\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DDBC9A36-4516-46E1-BD3C-66EEB94CC585}] => (Allow) C:\Users\Motion\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B72B141E-6241-4F01-8AA3-12D93483475C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{83A844E7-1258-4C02-BF62-593F632FC4B6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{35DC62FB-B90F-4632-9557-FB5D7BE4B5A0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{FFEE0560-3A9C-4D84-9F09-6279B69BB91E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BBEF6479-9D9E-4D00-BE6B-FD27CCBB6FD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{AD057AF0-58CD-4BA6-8867-68804132A59E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{79E842AD-9E3C-41E5-B20B-7E9AD309C92A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EDC1AEFB-C60F-48C2-AEA0-DE3E2167C4B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{74DAACE5-3833-499A-9855-4B1EF40BE407}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2B5A4C81-8A11-4A98-A787-10C492E3C0BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{74F22E20-8883-4BBF-9563-12BA3CC88CD0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7C02D978-D7B2-4478-A08C-5B6056A9F64B}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{D0A9FC78-4D57-4CB3-8201-9510D33E65CE}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{7D41D31C-7458-4136-95F3-F951EB2398B6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{03452DEA-816B-460A-B3C8-00515B09F2B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{FABFBF89-478E-41CD-9D63-FDF9345BD9C5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{35CFBC02-79A9-4C09-A2FA-609DB91EA172}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [TCP Query User{C696FE80-4149-4DF9-9CFC-12A5D3CEF626}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{D5E4E172-DA07-40D9-BFFC-FA4F15057003}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{DFB7D873-462D-4025-905C-31E3374D191C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [{FA3F9B17-D174-4B34-AC65-FF960FC7EC8A}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe

==================== Restore Points =========================

13-06-2017 11:57:45 RAPID

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/14/2017 04:18:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (06/13/2017 09:37:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 1.0.1704.25001, time stamp: 0x58ff9585
Faulting module name: SharedLibrary.dll, version: 1.4.24201.0, time stamp: 0x574e6cd1
Exception code: 0x800700ce
Fault offset: 0x000000000041cf48
Faulting process id: 0x26dc
Faulting application start time: 0x01d2e4aec60e1d4f
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 363bf7ef-4c8f-47f8-b35f-07fa5de07827
Faulting package full name: Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App

Error: (06/13/2017 09:37:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 1.0.1704.25001, time stamp: 0x58ff9585
Faulting module name: SharedLibrary.dll, version: 1.4.24201.0, time stamp: 0x574e6cd1
Exception code: 0x800700ce
Fault offset: 0x000000000041cf48
Faulting process id: 0x107c
Faulting application start time: 0x01d2e4aec34f9906
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 487a4f0b-eefb-4c85-b608-054b6f9cc8b1
Faulting package full name: Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App

Error: (06/13/2017 09:37:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 1.0.1704.25001, time stamp: 0x58ff9585
Faulting module name: SharedLibrary.dll, version: 1.4.24201.0, time stamp: 0x574e6cd1
Exception code: 0x800700ce
Fault offset: 0x000000000041cf48
Faulting process id: 0x2488
Faulting application start time: 0x01d2e4aec13cf840
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 6457162d-6b48-4712-afef-55c086257e42
Faulting package full name: Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App

Error: (06/13/2017 09:37:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 1.0.1704.25001, time stamp: 0x58ff9585
Faulting module name: SharedLibrary.dll, version: 1.4.24201.0, time stamp: 0x574e6cd1
Exception code: 0x800700ce
Fault offset: 0x000000000041cf48
Faulting process id: 0x26e4
Faulting application start time: 0x01d2e4aebe41dcce
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 818a8e68-2a7a-43f4-a5a2-6166f54e2977
Faulting package full name: Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App

Error: (06/13/2017 09:37:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 1.0.1704.25001, time stamp: 0x58ff9585
Faulting module name: SharedLibrary.dll, version: 1.4.24201.0, time stamp: 0x574e6cd1
Exception code: 0x800700ce
Fault offset: 0x000000000041cf48
Faulting process id: 0x2514
Faulting application start time: 0x01d2e4aebc4df073
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 7c82853d-59d6-46ed-bd2c-d163959c3c9f
Faulting package full name: Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App

Error: (06/13/2017 09:37:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 1.0.1704.25001, time stamp: 0x58ff9585
Faulting module name: SharedLibrary.dll, version: 1.4.24201.0, time stamp: 0x574e6cd1
Exception code: 0x800700ce
Fault offset: 0x000000000041cf48
Faulting process id: 0x680
Faulting application start time: 0x01d2e4aeba1277b8
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 6b46decc-b2b7-40fa-894d-545372d8ad00
Faulting package full name: Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App

Error: (06/13/2017 09:37:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 1.0.1704.25001, time stamp: 0x58ff9585
Faulting module name: SharedLibrary.dll, version: 1.4.24201.0, time stamp: 0x574e6cd1
Exception code: 0x800700ce
Fault offset: 0x000000000041cf48
Faulting process id: 0x2c48
Faulting application start time: 0x01d2e4aeb798be04
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 8a1aceb5-e5b4-49bc-9a84-d061d3ed8fb1
Faulting package full name: Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App

Error: (06/13/2017 09:36:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 1.0.1704.25001, time stamp: 0x58ff9585
Faulting module name: SharedLibrary.dll, version: 1.4.24201.0, time stamp: 0x574e6cd1
Exception code: 0x800700ce
Fault offset: 0x000000000041cf48
Faulting process id: 0x2be4
Faulting application start time: 0x01d2e4aeb53d0fcf
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.24201.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 3bb6fac9-a53a-4ab2-8265-0494a1fe0414
Faulting package full name: Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App

Error: (06/13/2017 09:25:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Motion-PC.local already in use; will try Motion-PC-2.local instead


System errors:
=============
Error: (06/14/2017 05:01:59 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (06/14/2017 04:56:08 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the WMI Performance Adapter service, but this action failed with the following error:
An instance of the service is already running.

Error: (06/14/2017 04:54:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer 12 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.

Error: (06/14/2017 04:54:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WMI Performance Adapter service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (06/14/2017 03:21:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (06/14/2017 03:21:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.

Error: (06/14/2017 03:21:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:05:11 PM on ‎6/‎14/‎2017 was unexpected.

Error: (06/14/2017 03:07:47 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (06/14/2017 02:45:05 PM) (Source: cdrom) (EventID: 7) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (06/14/2017 01:23:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Net.Msmq Listener Adapter service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.


CodeIntegrity:
===================================
Date: 2017-06-05 11:45:30.818
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: AMD FX(tm)-8350 Eight-Core Processor
Percentage of memory in use: 30%
Total physical RAM: 8140 MB
Available physical RAM: 5653.92 MB
Total Virtual: 16332 MB
Available Virtual: 13704.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.35 GB) (Free:58.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: D753C7CB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================

RogueKiller V12.11.2.0 (x64) [Jun 12 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.15063) 64 bits version
Started in : Normal mode
User : Motion [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 06/15/2017 12:22:24 (Duration : 00:27:10)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 9 ¤¤¤
[PUP.Conduit|PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\Software\Conduit -> Deleted
[PUP.Conduit|PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Conduit -> Deleted
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1442195442-3689054388-281515-1000\Software\1ClickDownload -> Deleted
[PUP.Conduit|PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1442195442-3689054388-281515-1000\Software\Conduit -> Deleted
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1442195442-3689054388-281515-1000\Software\PowerPack -> Deleted
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1442195442-3689054388-281515-1000\Software\1ClickDownload -> Deleted
[PUP.Conduit|PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1442195442-3689054388-281515-1000\Software\Conduit -> Deleted
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1442195442-3689054388-281515-1000\Software\PowerPack -> Deleted
[PUP.Gen0] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} -> Deleted

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 2 ¤¤¤
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http://comcast.net/] -> Deleted
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://comcast.net/] -> Deleted

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 840 EVO 250GB +++++
--- User ---
[MBR] ed5002abecbd40aed2df59ea8f472415
[BSP] 0214b96577a3369fc2850a72e8b533a3 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 237923 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 487473152 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: Generic- SM/xD Picture USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Pro x64
Ran by Motion (Administrator) on Thu 06/15/2017 at 13:11:07.10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\end (File)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 06/15/2017 at 13:13:22.69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-06-2017 01
Ran by Motion (15-06-2017 13:33:11) Run:2
Running from C:\Users\Motion\Desktop
Loaded Profiles: Motion (Available Profiles: Motion & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
emptytemp:
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKU\S-1-5-21-1442195442-3689054388-281515-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd)
SearchScopes: HKU\S-1-5-21-1442195442-3689054388-281515-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3321972&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPEC5877B5-1FCA-4417-B44A-201755B656F1&q={searchTerms}&SSPV=
BHO-x32: No Name -> {B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} -> No File
FF Extension: (Video DownloadHelper) - C:\Users\Motion\AppData\Roaming\Mozilla\Firefox\Profiles\990g0168.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-03-31]
CHR HomePage: Default -> hxxp://comcast.net/
CHR StartupUrls: Default -> "hxxp://comcast.net/"
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-06-07] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-18] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
U3 idsvc; no ImagePath
2017-06-14 14:32 - 2017-06-14 14:32 - 01856832 _____ C:\Users\Motion\Downloads\DAZ LOADER WINDOWS 10 www.nvsoftwares.com.rar
C:\WINDOWS\System32\Tasks\SamsungMagician
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
C:\ProgramData\DP45977C.lfl
C:\Users\Motion\AppData\LocalLow\uTorrent
2014-01-26 01:30 - 2014-01-26 03:05 - 0036864 _____ () C:\Users\Motion\AppData\Roaming\RZR_0020302140998bb89f44a8ccec1d.db
HKU\S-1-5-21-1442195442-3689054388-281515-1000\...\ChromeHTML: -> <==== ATTENTION
Task: {072BDFAF-E5F8-4D4F-9B0D-076F90BB2444} - \ASUS\ASUS Product Register Service -> No File <==== ATTENTION
Task: {08429F2E-4C7D-43F2-8DD9-598229681D3B} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION
Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> No File <==== ATTENTION
Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 -> No File <==== ATTENTION
Task: {0A381A6A-2C98-4B44-A1E3-C98C55C733C5} - \{F390DCB0-A4B5-4D58-BEB0-FCD78DC2EF7D} -> No File <==== ATTENTION
Task: {0C608C29-961F-4F3F-9B94-A7EC19685F5A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1179ED30-56C8-48B8-9B77-2A0916F4104B} - \Microsoft\Windows\Media Center\mcupdate -> No File <==== ATTENTION
Task: {12132F44-FE16-4473-BD76-2889C886F04D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {17F18DA4-9145-4AD0-84EB-A83826383E4A} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService -> No File <==== ATTENTION
Task: {18817394-C0FE-41E2-A99F-5AA74CAC10DC} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION
Task: {1B81E26A-ED95-43D0-9A09-F5B8BCD82977} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {1C2783C7-F0BD-4F4D-9F40-8ECC38D5FC36} - \Microsoft\Windows\Media Center\mcupdate_scheduled -> No File <==== ATTENTION
Task: {1F5466D9-2DFE-4841-9B8A-8126CAC93B32} - \Microsoft\Windows\Media Center\PBDADiscovery -> No File <==== ATTENTION
Task: {23BA308B-A6F7-4950-8AE0-06082CAD336B} - \Microsoft\Windows\Media Center\UpdateRecordPath -> No File <==== ATTENTION
Task: {25AB2E25-1DDD-4F30-ACD2-A12A986457D4} - \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> No File <==== ATTENTION
Task: {2A0EDCC3-4419-402E-9CD6-B9F4164B7926} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 -> No File <==== ATTENTION
Task: {323D8B00-0D7B-4271-A17C-F0364220CC02} - \Norton Security Suite\Norton Error Analyzer -> No File <==== ATTENTION
Task: {336C6AB1-88A9-4FF2-B095-15EDBFDFE1DB} - \Microsoft\Windows\Media Center\ActivateWindowsSearch -> No File <==== ATTENTION
Task: {3D94AAAC-F1DA-44A1-A007-A51980E10CA0} - \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> No File <==== ATTENTION
Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - \Microsoft\Windows\AppID\SmartScreenSpecific -> No File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - \Microsoft\Windows\Shell\WindowsParentalControlsMigration -> No File <==== ATTENTION
Task: {48E567D4-E9ED-4789-9EC1-80848BFC5A0F} - \Apple\AppleSoftwareUpdate -> No File <==== ATTENTION
Task: {4904050F-939C-4327-952C-F2B252AC9C33} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {490A4C7C-C50F-40F4-8F54-2BB79897142D} - \Microsoft\Windows\Media Center\InstallPlayReady -> No File <==== ATTENTION
Task: {4A053736-D52E-46FB-AC33-D5900E16ECE7} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION
Task: {4E0476A8-D3AC-46CB-A57F-07EFF987FADB} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks -> No File <==== ATTENTION
Task: {50A08BCA-F67A-475E-BF58-E073F060839F} - \Microsoft\Windows\Media Center\PvrRecoveryTask -> No File <==== ATTENTION
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff -> No File <==== ATTENTION
Task: {5233F96F-F36F-4D06-90C7-9C051913656D} - \WPD\SqmUpload_S-1-5-21-1442195442-3689054388-281515-1000 -> No File <==== ATTENTION
Task: {528F6781-A23B-4F3B-B61E-2B7666314E37} - \Microsoft\Windows\SideShow\SystemDataProviders -> No File <==== ATTENTION
Task: {5AA011EA-2456-499C-AFF5-5809A8364004} - \Microsoft\Windows\Media Center\RegisterSearch -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls -> No File <==== ATTENTION
Task: {5E721D19-BC16-4B70-B9EB-EC5DC8D464D3} - \Norton Security Suite\Norton Error Processor -> No File <==== ATTENTION
Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {61E554C9-AB30-4BC5-BB6D-83D31FEA3FED} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {6A6B9D47-1652-4628-BD49-C98876C26561} - \Microsoft\Windows\Media Center\StartRecording -> No File <==== ATTENTION
Task: {6A8F16CC-23F9-4949-B411-BEBB504C176A} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {6BFD247C-FC07-48D1-8583-4A24E4999252} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6F3F97AD-E4F3-40E2-A9C8-61D7270E4BF0} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\SamsungMagician.exe [2017-05-19] (Samsung Electronics Co. Ltd.)
Task: {734DDA58-0005-42F4-A1F3-4E8D5B6DE09A} - \Microsoft\Windows\MobilePC\HotStart -> No File <==== ATTENTION
Task: {7502C703-6198-4C20-969E-F883DA9E3462} - \NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {775FF797-5F82-462D-946A-74B09848DAE8} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {7998AE30-CFF0-47DB-A34D-AD0EB0AD7789} - \Microsoft\Windows\Media Center\ehDRMInit -> No File <==== ATTENTION
Task: {799DF890-412D-4092-8FEB-98283E56C85A} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {7E95BED2-0EB0-48C1-8309-88C7766F5AD6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7FCA810C-B51F-4B7F-8F8A-31A5F543C102} - \Microsoft\Windows\Media Center\OCURDiscovery -> No File <==== ATTENTION
Task: {81DAEAB6-6529-4C32-B611-1EF7F7548E13} - \NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {8913E5DD-CF9E-4E06-8217-F20B7FDE1FF0} - \Microsoft\Windows\Media Center\OCURActivate -> No File <==== ATTENTION
Task: {8B025B54-5496-40E4-8D6A-B1067EE5A7D1} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {8B2D34F0-1750-47E0-A7BA-C84BE5B29723} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {93AC721B-C482-48CF-81FC-AF25BE551556} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {94C19A6A-E501-4E37-90DD-AE3A34A84008} - \Microsoft\XblGameSave\XblGameSaveTaskLogon -> No File <==== ATTENTION
Task: {9E7ADBB1-E801-4B12-B304-D3885A47F687} - \NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {A364E297-00AD-490D-900E-22AC34598C71} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {A3828C25-B37D-474D-BFE4-6A09E52D680E} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {A6268224-6D82-4582-95FD-44A57B809970} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 -> No File <==== ATTENTION
Task: {A62CC689-308F-407C-AED4-0ED1B52F3459} - \Microsoft\Windows\SideShow\AutoWake -> No File <==== ATTENTION
Task: {B022DDCD-37DB-4653-8788-2A0F1B682E17} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 -> No File <==== ATTENTION
Task: {B3936E47-5E06-491A-A987-7C6C265403D6} - \Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval -> No File <==== ATTENTION
Task: {BFDA0A39-0BA5-4424-A52A-F304C64D297B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C4161F9F-C3F4-49BF-990A-5A6F9D70C2A3} - \Microsoft\Windows\RemovalTools\MRT_HB -> No File <==== ATTENTION
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 -> No File <==== ATTENTION
Task: {C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> No File <==== ATTENTION
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork -> No File <==== ATTENTION
Task: {D323D1CB-5535-4FC4-9BAA-0DC06D66C7B9} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION
Task: {D67F303B-0B6D-4A7D-B251-D40DF1971360} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {D7DFFA31-FC51-4CE0-9F34-CB02C81A4E84} - \Microsoft\Windows\Media Center\RecordingRestart -> No File <==== ATTENTION
Task: {E6010D43-6AE7-4B59-8E67-EC78FD8E8E96} - \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler -> No File <==== ATTENTION
Task: {E6600707-C14B-4E9B-A0BC-63281D225B5F} - \Microsoft\Windows\SideShow\GadgetManager -> No File <==== ATTENTION
Task: {E7C11A0B-8A42-48DE-A741-FD40502C9068} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E8A1718D-6448-4414-97F8-0CC236CBDE86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E94BB589-63B9-4442-8591-ECEE37FFB809} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {E9CC1CB3-E17F-46C4-9E5B-B34E364BDE5F} - \Microsoft\Windows\Media Center\ReindexSearchRoot -> No File <==== ATTENTION
Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {EF6E6ABB-419F-40F8-8078-41973FE962CD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F1A34B79-7056-457A-9E3B-69374ED42DB9} - \Microsoft\Windows\SideShow\SessionAgent -> No File <==== ATTENTION
Task: {F4556879-705F-47BD-B2F5-615802BD197F} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2016-09-01] (TODO: <Company name>)
Task: {F66B98E1-4E4A-4334-AF59-D76A14BBB656} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F93A29D0-09F9-40BD-B783-98C799EA7DBB} - \Microsoft\Windows\Media Center\PeriodicScanRetry -> No File <==== ATTENTIO
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [964]
C:\WINDOWS\system32\Drivers\etc\hosts
Hosts:
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1442195442-3689054388-281515-1000\...\StartupApproved\Run: => "OneDrive"
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state On
CMD: ipconfig /flushdns
reboot:
end
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SecurityHealth => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe => value not found.
HKU\S-1-5-21-1442195442-3689054388-281515-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value not found.
HKU\S-1-5-21-1442195442-3689054388-281515-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => key not found.
HKLM\Software\Classes\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} => key not found.
HKLM\Software\Wow6432Node\Classes\CLSID\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} => key not found.
C:\Users\Motion\AppData\Roaming\Mozilla\Firefox\Profiles\990g0168.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi => not found.
Chrome HomePage => not found.
Chrome StartupUrls => not found.
NvTelemetryContainer => service not found.
Sense => service not found.
WdNisSvc => service not found.
WinDefend => service not found.
idsvc => service not found.
"C:\Users\Motion\Downloads\DAZ LOADER WINDOWS 10 www.nvsoftwares.com.rar" => not found.
"C:\WINDOWS\System32\Tasks\SamsungMagician" => not found.
"C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2" => not found.
"C:\ProgramData\DP45977C.lfl" => not found.
"C:\Users\Motion\AppData\LocalLow\uTorrent" => not found.
"C:\Users\Motion\AppData\Roaming\RZR_0020302140998bb89f44a8ccec1d.db" => not found.
HKU\S-1-5-21-1442195442-3689054388-281515-1000_Classes\ChromeHTML => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{072BDFAF-E5F8-4D4F-9B0D-076F90BB2444} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ASUS Product Register Service => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08429F2E-4C7D-43F2-8DD9-598229681D3B} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088482FA-65B8-4E17-9ABF-1DCD48E8D373} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict1 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F06BFE-A3C8-40E3-846A-6E6F4000C238} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict2 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A381A6A-2C98-4B44-A1E3-C98C55C733C5} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F390DCB0-A4B5-4D58-BEB0-FCD78DC2EF7D} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C608C29-961F-4F3F-9B94-A7EC19685F5A} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1179ED30-56C8-48B8-9B77-2A0916F4104B} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12132F44-FE16-4473-BD76-2889C886F04D} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17F18DA4-9145-4AD0-84EB-A83826383E4A} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18817394-C0FE-41E2-A99F-5AA74CAC10DC} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B81E26A-ED95-43D0-9A09-F5B8BCD82977} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C2783C7-F0BD-4F4D-9F40-8ECC38D5FC36} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F5466D9-2DFE-4841-9B8A-8126CAC93B32} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23BA308B-A6F7-4950-8AE0-06082CAD336B} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25AB2E25-1DDD-4F30-ACD2-A12A986457D4} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A0EDCC3-4419-402E-9CD6-B9F4164B7926} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{323D8B00-0D7B-4271-A17C-F0364220CC02} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security Suite\Norton Error Analyzer => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{336C6AB1-88A9-4FF2-B095-15EDBFDFE1DB} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D94AAAC-F1DA-44A1-A007-A51980E10CA0} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4520E8A9-AF06-4122-859B-E4B655B29B36} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID\SmartScreenSpecific => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{486D715E-6AA2-44CF-BC48-B6990CBB53C6} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControlsMigration => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48E567D4-E9ED-4789-9EC1-80848BFC5A0F} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4904050F-939C-4327-952C-F2B252AC9C33} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{490A4C7C-C50F-40F4-8F54-2BB79897142D} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A053736-D52E-46FB-AC33-D5900E16ECE7} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E0476A8-D3AC-46CB-A57F-07EFF987FADB} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50A08BCA-F67A-475E-BF58-E073F060839F} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51B7FB15-4DCB-400E-9A98-10E802F21FB3} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5233F96F-F36F-4D06-90C7-9C051913656D} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1442195442-3689054388-281515-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{528F6781-A23B-4F3B-B61E-2B7666314E37} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SystemDataProviders => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AA011EA-2456-499C-AFF5-5809A8364004} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControls => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E721D19-BC16-4B70-B9EB-EC5DC8D464D3} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security Suite\Norton Error Processor => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{611C823C-437B-46E7-9683-5312DFFCFD7B} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Policy Install => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61E554C9-AB30-4BC5-BB6D-83D31FEA3FED} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A6B9D47-1652-4628-BD49-C98876C26561} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\StartRecording => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A8F16CC-23F9-4949-B411-BEBB504C176A} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BFD247C-FC07-48D1-8583-4A24E4999252} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F3F97AD-E4F3-40E2-A9C8-61D7270E4BF0} => key not found.
C:\WINDOWS\System32\Tasks\SamsungMagician => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SamsungMagician => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{734DDA58-0005-42F4-A1F3-4E8D5B6DE09A} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\HotStart => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7502C703-6198-4C20-969E-F883DA9E3462} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{775FF797-5F82-462D-946A-74B09848DAE8} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7998AE30-CFF0-47DB-A34D-AD0EB0AD7789} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{799DF890-412D-4092-8FEB-98283E56C85A} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E95BED2-0EB0-48C1-8309-88C7766F5AD6} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FCA810C-B51F-4B7F-8F8A-31A5F543C102} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81DAEAB6-6529-4C32-B611-1EF7F7548E13} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{848DCC36-520C-4946-BF68-C7EFFEFA2F84} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8913E5DD-CF9E-4E06-8217-F20B7FDE1FF0} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B025B54-5496-40E4-8D6A-B1067EE5A7D1} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B2D34F0-1750-47E0-A7BA-C84BE5B29723} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93AC721B-C482-48CF-81FC-AF25BE551556} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94C19A6A-E501-4E37-90DD-AE3A34A84008} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\XblGameSave\XblGameSaveTaskLogon => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E7ADBB1-E801-4B12-B304-D3885A47F687} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A364E297-00AD-490D-900E-22AC34598C71} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3828C25-B37D-474D-BFE4-6A09E52D680E} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6268224-6D82-4582-95FD-44A57B809970} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A62CC689-308F-407C-AED4-0ED1B52F3459} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\AutoWake => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B022DDCD-37DB-4653-8788-2A0F1B682E17} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0CBAB43-44FC-469B-A4CE-87426761FDCE} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B320E058-C6FA-413F-876B-0C9B4428AE66} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3936E47-5E06-491A-A987-7C6C265403D6} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFDA0A39-0BA5-4424-A52A-F304C64D297B} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4161F9F-C3F4-49BF-990A-5A6F9D70C2A3} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemovalTools\MRT_HB => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6B2579B-4962-4D12-883D-BBD420573A6C} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Plug and Play\Plug and Play Cleanup => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D19A2726-897E-4F7D-9CE4-0773B449CE9E} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D323D1CB-5535-4FC4-9BAA-0DC06D66C7B9} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D67F303B-0B6D-4A7D-B251-D40DF1971360} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7DFFA31-FC51-4CE0-9F34-CB02C81A4E84} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6010D43-6AE7-4B59-8E67-EC78FD8E8E96} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6600707-C14B-4E9B-A0BC-63281D225B5F} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\GadgetManager => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7C11A0B-8A42-48DE-A741-FD40502C9068} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8A1718D-6448-4414-97F8-0CC236CBDE86} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E94BB589-63B9-4442-8591-ECEE37FFB809} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9CC1CB3-E17F-46C4-9E5B-B34E364BDE5F} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA3F661E-B31C-44A9-B40C-E3D5D56149D4} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF6E6ABB-419F-40F8-8078-41973FE962CD} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1A34B79-7056-457A-9E3B-69374ED42DB9} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SessionAgent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4556879-705F-47BD-B2F5-615802BD197F} => key not found.
C:\WINDOWS\System32\Tasks\GPU Tweak II => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GPU Tweak II => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F66B98E1-4E4A-4334-AF59-D76A14BBB656} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F93A29D0-09F9-40BD-B783-98C799EA7DBB} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry => key not found.
"C:\ProgramData\TEMP" => ":9A870F8B" ADS not found.
C:\WINDOWS\system32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\iTunesHelper => value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\iTunesHelper => value not found.
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Wondershare Helper Compact.exe => value not found.
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe => value not found.
HKU\S-1-5-21-1442195442-3689054388-281515-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\OneDrive => value not found.
HKU\S-1-5-21-1442195442-3689054388-281515-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\OneDrive => value not found.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1442195442-3689054388-281515-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1442195442-3689054388-281515-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state On =========

Ok.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10611652 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 12288457 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2462 B
NetworkService => 0 B
Motion => 72705 B
DefaultAppPool => 0 B

RecycleBin => 54519 B
EmptyTemp: => 27.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:33:41 ====


Just a note it did it after I had restarted and the tool finished for the last one.

# AdwCleaner v6.047 - Logfile created 16/06/2017 at 13:27:23
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-16.2 [Server]
# Operating System : Windows 10 Pro (X64)
# Username : Motion - MOTION-PC
# Running from : C:\Users\Motion\Downloads\adwcleaner_6.047.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****

[-] Folder deleted: C:\Users\Motion\AppData\Local\VirtualStore\Program Files (x86)\Save


***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\Codejock.SkinFramework.13.3.1
[-] Key deleted: HKLM\SOFTWARE\Classes\Codejock.SkinFrameworkGlobalSettings.13.3.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Codejock.SkinFramework.13.3.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Codejock.SkinFrameworkGlobalSettings.13.3.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{128507E0-C56F-43C0-BCF1-8193B35FE4C4}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{40217CB8-4463-4030-B324-AC6A8075FEC8}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{63C40CBE-DE43-4B56-BCEB-E14B825CF245}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{AFA0E6A1-28D7-4F2C-87A7-7266367B4655}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{BD0C1912-66C3-49CC-8B12-7B347BF6C846}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL


***** [ Web browsers ] *****

[-] [C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: conduit.search


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3535 Bytes] - [16/06/2017 13:27:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [3860 Bytes] - [16/06/2017 13:27:06]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3681 Bytes] ##########

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 6/16/17
Scan Time: 1:34 PM
Log File: malware.txt
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.141
Update Package Version: 1.0.2164
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: MOTION-PC\Motion

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 453592
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 2 min, 26 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)


Zemana AntiMalware 2.73.2.38 (Installed)

-------------------------------------------------------
Scan Result : Completed
Scan Date : 2017/6/16
Operating System : Windows 10 64-bit
Processor : 8X AMD FX(tm)-8350 Eight-Core Processor
BIOS Mode : Legacy
CUID : 12DA8BEB5D52D22BD6E648
Scan Type : Custom Scan
Duration : 11m 26s
Scanned Objects : 456913
Detected Objects : 0
Excluded Objects : 0
Read Level : Normal
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

No threats detected


~ ZHPDiag v2017.6.15.99 By Nicolas Coolman (2017/06/15)
~ Run by Motion (Administrator) (2017/06/16 13:55:23)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Certificate: Legal
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\Motion\Desktop\ZHPDiag.txt
~ Report: C:\Users\Motion\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 15063) =>.Microsoft Corporation

---\\ Internet Browsers (3) - 0s
~ GCIE: Google Chrome v59.0.3071.86
~ MSIE: Microsoft Edge v40
~ MSIE: Internet Explorer v11.413.15063.0

---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (1) - 4s
Norton Security Suite v22.9.4.8 (Protection)

---\\ System protection software (Superfluous) (1) - 5s
~ Zemana AntiMalware v2.73.0.38 (Superfluous)

---\\ Surveillance software (1) - 6s
~ Adobe Flash Player 26 NPAPI (Surveillance)

---\\ Information on the system (6) - 0s
~ Operating System: AMD64 Family 21 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 16723.968 MB (75% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 47 GB (19%) free of 237 GB : OK =>.Disk Space

---\\ Connection to the system mode (3) - 0s
~ Computer Name: MOTION-PC
~ User Name: Motion
~ Logged in as Administrator

---\\ Enumeration of the disk units (1) - 0s
~ Drive C: has 47 GB free of 237 GB (System)

---\\ State of the Windows Security Center (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (24) - 1s
[MD5.E719D0A5DBC7D5ACFC179D361EF8C2FC] - 05/06/2017 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [4847928] =>.Microsoft Windows®
[MD5.ECB702B8C5650381C0784F1EEABB97BC] - 18/03/2017 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [68608] =>.Microsoft Corporation
[MD5.9A4BA96E87A1FD69381249557BDE2BF0] - 18/03/2017 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\System32\Wininit.exe [318232] =>.Microsoft Windows Publisher®
[MD5.2B1361AFBF330AF9A652A336EE77CBCB] - 05/06/2017 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [3307008] =>.Microsoft Corporation
[MD5.D0F1FB0E90BFBD14865B770E2567BE1D] - 05/06/2017 - (.Microsoft Corporation - Windows Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [707072] =>.Microsoft Corporation
[MD5.50CDF68A8EA8A2A9165CD573FA6C42D8] - 18/03/2017 - (.Microsoft Corporation - Software Licensing Library.) -- C:\WINDOWS\System32\sppcomapi.dll [414208] =>.Microsoft Corporation
[MD5.0F9FA6A2D4EAE50393DCE473759A9845] - 18/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [661224] =>.Microsoft Windows®
[MD5.3F969D5ADEAB3284ABD500B37D74A8F8] - 18/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [508344] =>.Microsoft Windows®
[MD5.AC1928C2F7505BD556C552F153B062AB] - 18/03/2017 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [610712] =>.Microsoft Windows®
[MD5.01733BEEE02E51F712330D5909BD701C] - 18/03/2017 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [29088] =>.Microsoft Windows®
[MD5.B6E5AD7C83A5254DEE9D86023C0E5A81] - 18/03/2017 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [93184] =>.Microsoft Corporation
[MD5.ABE77AD954BC3D72F559CF0C381E50BC] - 18/03/2017 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [160256] =>.Microsoft Corporation
[MD5.185A4519B7764F4DEF714D890A7A9FD2] - 18/03/2017 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [150528] =>.Microsoft Corporation
[MD5.DD1A6F4998E7E21564FA9BAFE21C87ED] - 18/03/2017 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [86528] =>.Microsoft Corporation
[MD5.C6C8315E3262FAE460529C6DA2951682] - 18/03/2017 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [115200] =>.Microsoft Corporation
[MD5.DCC05E5EAA580C97F13B434FAFACED85] - 18/03/2017 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [214528] =>.Microsoft Corporation
[MD5.F2AD1B72C5A6475FB5FF332E1980DF88] - 18/03/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [467352] =>.Microsoft Windows®
[MD5.30C2F67EC84EB11B22011620107E0325] - 18/03/2017 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [305152] =>.Microsoft Corporation
[MD5.731FD52461C8107E5B19B9AEDBB82BFB] - 18/03/2017 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2328480] =>.Microsoft Windows®
[MD5.2CC6C325B271C7CA60F374F8F868CB45] - 18/03/2017 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [97792] =>.Microsoft Corporation
[MD5.5279EC98F6218D29EADDFECCC0D80E9A] - 18/03/2017 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [107008] =>.Microsoft Corporation
[MD5.53A01D3FDB701AC5D9DDE4140227E3D9] - 18/03/2017 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [183296] =>.Microsoft Corporation
[MD5.892AB2637603A5E9507C39E61101C3C3] - 03/06/2017 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [119712] =>.Microsoft Windows®
[MD5.E3429DBBEA3965BB96E24B16EF4A2551] - 18/03/2017 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [397216] =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (12) - 1s
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Malwarebytes Service (MBAMService) . (.Malwarebytes - Malwarebytes Service.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
O23 - Service: Norton 360 (N360) . (.Symantec Corporation - Norton 360.) - C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\n360.exe =>.Symantec Corporation®
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation - NVIDIA Container.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe =>.NVIDIA Corporation®
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\System32\PnkBstrA.exe (.not file.)
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
O23 - Service: TeamViewer 12 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 12.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe =>.TeamViewer GmbH®
O23 - Service: UStorage Server Service (UStorage Server Service) . (.OTi - OTi Content Service.) - C:\Windows\SysWOW64\UStorSrv.exe
O23 - Service: ZAM Controller Service (ZAMSvc) . (.Copyright 2017. - ZAM.) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi®

---\\ Services not Microsoft (SR=Run, SS=Stop) (19) - 45s
SS - Demand [13/06/2017] [ 272384] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [03/04/2017] [ 83768] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
SS - Demand [09/05/2017] [ 1536520] BattlEye Service (BEService) . (...) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe =>.BattlEye Innovations e.K.®
SR - Auto [12/08/2015] [ 462096] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
SS - Demand [30/09/2015] [ 363208] BitRaider Mini-Support Service Stub Loader (BRSptStub) . (.BitRaider, LLC.) - C:\ProgramData\BitRaider\BRSptStub.exe =>.BitRaider LLC®
SS - Auto [29/08/2015] [ 144200] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [29/08/2015] [ 144200] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [09/05/2017] [ 689464] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe =>.Apple Inc.®
SR - Auto [09/05/2017] [ 4470736] Malwarebytes Service (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
SR - Auto [26/05/2017] [ 326160] Norton 360 (N360) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\n360.exe =>.Symantec Corporation®
SR - Auto [26/05/2017] [ 326160] NVIDIA LocalSystem Container (NvContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
SS - Demand [26/05/2017] [ 326160] NVIDIA NetworkService Container (NvContainerNetworkService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe =>.NVIDIA Corporation®
SR - Auto [26/05/2017] [ 326160] NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe =>.NVIDIA Corporation®
SS - Demand [26/05/2017] [ 326160] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe =>.Riverbed Technology, Inc.®
SS - Auto [26/05/2017] [ 326160] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SS - Demand [26/05/2017] [ 326160] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve®
SR - Auto [26/05/2017] [ 326160] TeamViewer 12 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe =>.TeamViewer GmbH®
SR - Auto [26/05/2017] [ 326160] UStorage Server Service (UStorage Server Service) . (.OTi.) - C:\Windows\SysWOW64\UStorSrv.exe
SR - Auto [26/05/2017] [ 326160] ZAM Controller Service (ZAMSvc) . (.Copyright 2017..) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi®

---\\ Task Planned Automatically (2) - 13s
[MD5.CAB759C94DF72ACFFC41BD11CCF64024] [APT] [Norton WSC Integration] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\wscstub.exe [3799808] (.Activate.) =>.Symantec Corporation®
O39 - APT: Norton WSC Integration - (.Symantec Corporation.) -- C:\WINDOWS\System32\Tasks\Norton WSC Integration [3396] =>.Symantec Corporation®

---\\ Auto loading programs from Registry and folders (12) - 1s
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp®
O4 - HKLM\..\Run: [ShadowPlay] . (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [Malwarebytes TrayApp] . (.Malwarebytes - Malwarebytes Tray Application.) -- C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe =>.Malwarebytes Corporation®
O4 - HKLM\..\Run: [ZAM] . (.Copyright 2017. - ZAM.) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi®
O4 - HKCU\..\Run: [Spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\Motion\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Motion\AppData\Roaming\Spotify\SpotifyWebHelper.exe =>.Spotify AB®
O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation®
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.®
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Windows®
O4 - HKUS\S-1-5-21-1442195442-3689054388-281515-1000\..\Run: [Spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\Motion\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - HKUS\S-1-5-21-1442195442-3689054388-281515-1000\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Motion\AppData\Roaming\Spotify\SpotifyWebHelper.exe =>.Spotify AB®

---\\ Process running (36) - 4s
[MD5.AB9FA82F86F04E1BADD864BF3C56D9C6] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968] [PID.1856] =>.NVIDIA Corporation®
[MD5.AB9FA82F86F04E1BADD864BF3C56D9C6] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968] [PID.2188] =>.NVIDIA Corporation®
[MD5.B5C2F92EE1106DFE7BB1CCE4D35B6037] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462096] [PID.3440] =>.Apple Inc.®
[MD5.7DEFAE8665BCEDDC2C9983138D69D7A5] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768] [PID.3448] =>.Apple Inc.®
[MD5.2D36E9065B914A7040A4BE31485A4418] - (.OTi - OTi Content Service.) -- C:\Windows\SysWOW64\UStorSrv.exe [139264] [PID.3472]
[MD5.176372CCCD2A3B36224D0490A24FDCD5] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224] [PID.3480] =>.NVIDIA Corporation®
[MD5.64FF1074A536F845B811317D4073B1BF] - (.Symantec Corporation - Norton 360.) -- C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\n360.exe [326160] [PID.3508] =>.Symantec Corporation®
[MD5.CD421DDB5C6E5458CE52EDC36DE7DC5B] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [76152] [PID.3516] =>.Even Balance, Inc.®
[MD5.C8E2119AF16AFD29569F391FB802897A] - (.TeamViewer GmbH - TeamViewer 12.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10884848] [PID.3596] =>.TeamViewer GmbH®
[MD5.64FF1074A536F845B811317D4073B1BF] - (.Symantec Corporation - Norton 360.) -- C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\n360.exe [326160] [PID.4940] =>.Symantec Corporation®
[MD5.4E07BCEE4826241D1DA33C033752CD15] - (.NVIDIA Corporation - NVIDIA Container.) -- C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [450168] [PID.6180] =>.NVIDIA Corporation®
[MD5.97E967065DA488402BFB18AB0FA33470] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [2457208] [PID.10608] =>.NVIDIA Corporation®
[MD5.22EBD5AE3B3220D713E544D1D3AB3FEE] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800] [PID.11328] =>.Realtek Semiconductor Corp®
[MD5.243F49E6B1AA97E01876020E17BDB4A9] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Motion\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000] [PID.11592] =>.Spotify AB®
[MD5.5D5A0A0DC8849FCB262C3F00177AA75E] - (.SteelSeries ApS - SteelSeries Engine 3 Core.) -- C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe [12881472] [PID.11864] =>.SteelSeries ApS®
[MD5.3478F1FF18525696611C79EDD204F672] - (.NVIDIA Corporation - NVIDIA Capture Server.) -- C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe [7583352] [PID.11916] =>.NVIDIA Corporation®
[MD5.A443A7C05ABF0FCD16E89593F63B633B] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288] [PID.11996] =>.Oracle America, Inc.®
[MD5.1D4105EEE74EA14A88388725813D2E8F] - (.NVIDIA Corporation - NVIDIA ShadowPlay Helper.) -- C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [545400] [PID.8264] =>.NVIDIA Corporation®
[MD5.4BA1E9912A0040B0B38EA8B97EEF04BB] - (.NVIDIA Corporation - NVIDIA Share.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [1693816] [PID.11096] =>.NVIDIA Corporation®
[MD5.4BA1E9912A0040B0B38EA8B97EEF04BB] - (.NVIDIA Corporation - NVIDIA Share.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [1693816] [PID.11748] =>.NVIDIA Corporation®
[MD5.2F9FDC3B49B98E7ABFC24CAF6450B101] - (.Node.js - NVIDIA Web Helper Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [15553656] [PID.992] =>.NVIDIA Corporation®
[MD5.CBB916388EBCEA1BDAAD17EE2844515E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1197912] [PID.2912] =>.Google Inc®
[MD5.CBB916388EBCEA1BDAAD17EE2844515E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1197912] [PID.2988] =>.Google Inc®
[MD5.CBB916388EBCEA1BDAAD17EE2844515E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1197912] [PID.3656] =>.Google Inc®
[MD5.CBB916388EBCEA1BDAAD17EE2844515E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1197912] [PID.6920] =>.Google Inc®
[MD5.CBB916388EBCEA1BDAAD17EE2844515E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1197912] [PID.12696] =>.Google Inc®
[MD5.CBB916388EBCEA1BDAAD17EE2844515E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1197912] [PID.892] =>.Google Inc®
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [PID.11904] =>.Google Inc®
[MD5.33E6E5822E22A5E1DEA523C06155FD07] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe [288848] [PID.2804] =>.Google Inc®
[MD5.27BEAF3F308ED2276F3863C2F2597556] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe [366672] [PID.11876] =>.Google Inc®
[MD5.D76E56108E6482905D3FAEA0649919E4] - (.Malwarebytes - Malwarebytes Service.) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736] [PID.7188] =>.Malwarebytes Corporation®
[MD5.5602FF42444B4991E69C62E493BDAEC4] - (.Malwarebytes - Malwarebytes Tray Application.) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [3146704] [PID.10444] =>.Malwarebytes Corporation®
[MD5.44032F0F62931EE6547972F8BE798014] - (.Copyright 2017. - ZAM.) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15537808] [PID.13248] =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi®
[MD5.44032F0F62931EE6547972F8BE798014] - (.Copyright 2017. - ZAM.) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15537808] [PID.12208] =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi®
[MD5.CBD2EDA664046DA2F871746C055B566C] - (...) -- C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe [20480] [PID.13304] =>.Microsoft Corporation
[MD5.572F9513C1E32B1A54148DC976B17F6A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Motion\Downloads\ZHPDiag3.exe [2750848] [PID.10940] =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (19) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ajax.googleapis.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients5.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://lh3.googleusercontent.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ogs.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://pchelpforum.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://pchf2-jew4efcjsvzg0rz43cny.stackpathdns.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ajopnjidmegmdimjlfnijceegpefgped] BetterTTV
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [bkjcdfmmpdfjohenejbkaaafkoeknjnh] Fast Proxy =>.Legitimate
G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] Google Chrome manifest =>.Google Inc. =>.Adblock
G2 - GCE: Preference [User Data\Default] [cjabmdjcfcfdmffimndhafhblfmpjdpe] Norton Security Toolbar
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc. =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [idefjamndcpplnamdlbodoebjgkpdmpn] Zalmos SSL Web Proxy for Free
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (3) - 1s
P2 - EXT FILE: (.Adblock Plus - Ads were yesterday!.) -- C:\Users\Motion\AppData\Roaming\Mozilla\Firefox\Profiles\990g0168.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus
P2 - EXT FILE: (.Aaron Boodman; http://youngpup.net/ - A User Script Manager for Firefox.) -- C:\Users\Motion\AppData\Roaming\Mozilla\Firefox\Profiles\990g0168.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi =>.Aaron Boodman; http://youngpup.net/
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_126.dll =>.Adobe Systems Incorporated

---\\ Internet Explorer Extensions, Start, Search (15) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (1)

---\\ Browser Helper Object (BHO) (2) - 0s
O2 - BHO: Norton Identity Safety [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Security Suite\Engine32\22.9.4.8\coIEPlg.dll =>.Symantec Corporation®
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL =>.Microsoft Corporation®

---\\ Global shortcuts Startup (118) - 7s
O4 - GS\Desktop [Administrator]: Discord.lnk . (.GitHub - Update.) C:\Users\Motion\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Hammer & Chisel Inc.®
O4 - GS\Desktop [Administrator]: ESEA Client.lnk . (.Turtle Entertainment Online, Inc. - .) C:\Program Files (x86)\ESEA\ESEA Client\eseaclient.exe
O4 - GS\Desktop [Administrator]: FLV Cutter.lnk . (.spgsoft.com - .) C:\Program Files (x86)\FLV Cutter\FLV Cutter.exe =>.spgsoft.com
O4 - GS\Desktop [Administrator]: HD Video Converter Factory Pro.lnk . (.WonderFox Soft, Inc - .) C:\Program Files (x86)\WonderFox Soft\HD Video Converter Factory Pro\VideoConverterFactoryPro.exe =>.E-Mig Technology, Inc.®
O4 - GS\Desktop [Administrator]: Mumble.lnk . (.Thorvald Natvig - Mumble - Low-latency VoIP client.) C:\Program Files (x86)\Mumble\mumble.exe -m {008793EAD91BA0702533DC9B7AA097F47B} =>.Thorvald Natvig
O4 - GS\Desktop [Administrator]: OldSchool RuneScape.lnk . (...) C:\Users\Motion\jagexcache\jagexlauncher\bin\JagexLauncher.exe oldschool
O4 - GS\Desktop [Administrator]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Motion\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Administrator]: StarParse.lnk . (...) C:\Users\Motion\AppData\Local\StarParse\StarParse.exe
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Motion\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\sendTo [Administrator]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 12.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer GmbH®
O4 - GS\TaskBar [Administrator]: Volume Mixer.lnk . (.Microsoft Corporation - Volume Mixer.) C:\Windows\System32\SndVol.exe =>.Microsoft Windows®
O4 - GS\Programs [Administrator]: csgo.lnk . (...) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe =>.Valve®
O4 - GS\Programs [Administrator]: OldSchool RuneScape.lnk . (...) C:\Users\Motion\jagexcache\jagexlauncher\bin\JagexLauncher.exe oldschool
O4 - GS\Programs [Administrator]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Motion\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Windows®
O4 - GS\Programs [Administrator]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Motion\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Programs [Administrator]: Update and Privacy Settings.lnk . (.Microsoft Corporation - UNPUXHost.) C:\Windows\System32\UNP\UNPUXHost.exe =>.Microsoft Corporation
O4 - GS\Desktop [Guest]: Discord.lnk . (.GitHub - Update.) C:\Users\Motion\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Hammer & Chisel Inc.®
O4 - GS\Desktop [Guest]: ESEA Client.lnk . (.Turtle Entertainment Online, Inc. - .) C:\Program Files (x86)\ESEA\ESEA Client\eseaclient.exe
O4 - GS\Desktop [Guest]: FLV Cutter.lnk . (.spgsoft.com - .) C:\Program Files (x86)\FLV Cutter\FLV Cutter.exe =>.spgsoft.com
O4 - GS\Desktop [Guest]: HD Video Converter Factory Pro.lnk . (.WonderFox Soft, Inc - .) C:\Program Files (x86)\WonderFox Soft\HD Video Converter Factory Pro\VideoConverterFactoryPro.exe =>.E-Mig Technology, Inc.®
O4 - GS\Desktop [Guest]: Mumble.lnk . (.Thorvald Natvig - Mumble - Low-latency VoIP client.) C:\Program Files (x86)\Mumble\mumble.exe -m {008793EAD91BA0702533DC9B7AA097F47B} =>.Thorvald Natvig
O4 - GS\Desktop [Guest]: OldSchool RuneScape.lnk . (...) C:\Users\Motion\jagexcache\jagexlauncher\bin\JagexLauncher.exe oldschool
O4 - GS\Desktop [Guest]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Motion\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Guest]: StarParse.lnk . (...) C:\Users\Motion\AppData\Local\StarParse\StarParse.exe
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Motion\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\sendTo [Guest]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 12.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer GmbH®
O4 - GS\TaskBar [Guest]: Volume Mixer.lnk . (.Microsoft Corporation - Volume Mixer.) C:\Windows\System32\SndVol.exe =>.Microsoft Windows®
O4 - GS\Programs [Guest]: csgo.lnk . (...) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe =>.Valve®
O4 - GS\Programs [Guest]: OldSchool RuneScape.lnk . (...) C:\Users\Motion\jagexcache\jagexlauncher\bin\JagexLauncher.exe oldschool
O4 - GS\Programs [Guest]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Motion\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Windows®
O4 - GS\Programs [Guest]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Motion\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Programs [Guest]: Update and Privacy Settings.lnk . (.Microsoft Corporation - UNPUXHost.) C:\Windows\System32\UNP\UNPUXHost.exe =>.Microsoft Corporation
O4 - GS\Desktop [Motion]: Discord.lnk . (.GitHub - Update.) C:\Users\Motion\AppData\Local\Discord\Update.exe --processStart Discord.exe =>.Hammer & Chisel Inc.®
O4 - GS\Desktop [Motion]: ESEA Client.lnk . (.Turtle Entertainment Online, Inc. - .) C:\Program Files (x86)\ESEA\ESEA Client\eseaclient.exe
O4 - GS\Desktop [Motion]: FLV Cutter.lnk . (.spgsoft.com - .) C:\Program Files (x86)\FLV Cutter\FLV Cutter.exe =>.spgsoft.com
O4 - GS\Desktop [Motion]: HD Video Converter Factory Pro.lnk . (.WonderFox Soft, Inc - .) C:\Program Files (x86)\WonderFox Soft\HD Video Converter Factory Pro\VideoConverterFactoryPro.exe =>.E-Mig Technology, Inc.®
O4 - GS\Desktop [Motion]: Mumble.lnk . (.Thorvald Natvig - Mumble - Low-latency VoIP client.) C:\Program Files (x86)\Mumble\mumble.exe -m {008793EAD91BA0702533DC9B7AA097F47B} =>.Thorvald Natvig
O4 - GS\Desktop [Motion]: OldSchool RuneScape.lnk . (...) C:\Users\Motion\jagexcache\jagexlauncher\bin\JagexLauncher.exe oldschool
O4 - GS\Desktop [Motion]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Motion\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Desktop [Motion]: StarParse.lnk . (...) C:\Users\Motion\AppData\Local\StarParse\StarParse.exe
O4 - GS\Desktop [Motion]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Motion\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Motion]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Motion]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Motion]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Motion]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\System32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Motion]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\sendTo [Motion]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 12.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer GmbH®
O4 - GS\TaskBar [Motion]: Volume Mixer.lnk . (.Microsoft Corporation - Volume Mixer.) C:\Windows\System32\SndVol.exe =>.Microsoft Windows®
O4 - GS\Programs [Motion]: csgo.lnk . (...) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe =>.Valve®
O4 - GS\Programs [Motion]: OldSchool RuneScape.lnk . (...) C:\Users\Motion\jagexcache\jagexlauncher\bin\JagexLauncher.exe oldschool
O4 - GS\Programs [Motion]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Motion\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Windows®
O4 - GS\Programs [Motion]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Motion\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Programs [Motion]: Update and Privacy Settings.lnk . (.Microsoft Corporation - UNPUXHost.) C:\Windows\System32\UNP\UNPUXHost.exe =>.Microsoft Corporation
O4 - GS\CommonDesktop [Public]: ASUS GPU TweakII.lnk . (.TODO: <Company name> - GPUTweakII.) C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe =>.ASUSTeK Computer Inc.®
O4 - GS\CommonDesktop [Public]: Battle.net.lnk . (.Blizzard Entertainment - Blizzard App Launcher.) C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: CPUID CPU-Z.lnk . (.CPUID - CPU-Z Application.) C:\Program Files\CPUID\CPU-Z\cpuz.exe =>.CPUID®
O4 - GS\CommonDesktop [Public]: Debut Video Capture Software.lnk . (.NCH Software - Debut Video Capture Software.) C:\Program Files (x86)\NCH Software\Debut\debut.exe =>.NCH Software®
O4 - GS\CommonDesktop [Public]: Fraps.lnk . (.Beepa P/L - Fraps.) C:\Fraps\fraps.exe =>.Beepa P/L
O4 - GS\CommonDesktop [Public]: GeForce Experience.lnk . (.NVIDIA Corporation - NVIDIA GeForce Experience.) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe =>.NVIDIA Corporation®
O4 - GS\CommonDesktop [Public]: GoldWave.lnk . (.GoldWave Inc. - .) C:\Program Files (x86)\GoldWave\GoldWave.exe =>.GoldWave Inc.
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: iTunes.lnk . (.Apple Inc. - .) C:\Program Files (x86)\iTunes\iTunes.exe =>.Apple Inc.
O4 - GS\CommonDesktop [Public]: Malwarebytes.lnk . (.Malwarebytes - Malwarebytes.) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: OBS Studio.lnk . (...) C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe =>.Open Source Developer, Hugh Bailey®
O4 - GS\CommonDesktop [Public]: Overwatch.lnk . (.Blizzard Entertainment - Overwatch Setup.) C:\Program Files (x86)\Overwatch\Overwatch Launcher.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\CommonDesktop [Public]: PS3 Media Server.lnk . (.PS3 Media Server - PS3 Media Server.) C:\Program Files (x86)\PS3 Media Server\pms.exe =>.PS3 Media Server
O4 - GS\CommonDesktop [Public]: RogueKiller.lnk . (...) C:\Program Files\RogueKiller\RogueKiller64.exe =>.Adlice®
O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\WINDOWS\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe =>.Skype Technologies
O4 - GS\CommonDesktop [Public]: Speccy.lnk . (.Piriform Ltd - Speccy.) C:\Program Files\Speccy\Speccy64.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Steam.lnk . (.Valve Corporation - Steam Client Bootstrapper.) C:\Program Files (x86)\Steam\Steam.exe =>.Valve®
O4 - GS\CommonDesktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH®
O4 - GS\CommonDesktop [Public]: TeamViewer 12.lnk . (.TeamViewer GmbH - TeamViewer 12.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer GmbH®
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\CommonDesktop [Public]: Warcraft Logs Uploader.lnk . (...) C:\Program Files (x86)\Warcraft Logs Uploader\Warcraft Logs Uploader.exe
O4 - GS\CommonDesktop [Public]: World of Warcraft.lnk . (.Blizzard Entertainment - World of Warcraft Setup.) C:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe =>.Blizzard Entertainment, Inc.®
O4 - GS\CommonDesktop [Public]: Zemana AntiMalware.lnk . (.Copyright 2017. - ZAM.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe =>.Zemana Bilişim Teknolojileri Sanayi Ticaret Limited Şirketi®
O4 - GS\Programs [Public]: csgo.lnk . (...) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe =>.Valve®
O4 - GS\Programs [Public]: OldSchool RuneScape.lnk . (...) C:\Users\Motion\jagexcache\jagexlauncher\bin\JagexLauncher.exe oldschool
O4 - GS\Programs [Public]: OneDrive.lnk . (.Microsoft Corporation - Microsoft OneDrive.) C:\Users\Motion\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Windows®
O4 - GS\Programs [Public]: Spotify.lnk . (.Spotify Ltd - Spotify.) C:\Users\Motion\AppData\Roaming\Spotify\Spotify.exe =>.Spotify AB®
O4 - GS\Programs [Public]: Update and Privacy Settings.lnk . (.Microsoft Corporation - UNPUXHost.) C:\Windows\System32\UNP\UNPUXHost.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\WINDOWS\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) C:\WINDOWS\system32\eudcedit.exe =>.Microsoft Corporation
O4 - GS\Startup [Public]: SteelSeries Engine 3.lnk . (.SteelSeries ApS - SteelSeries Engine 3 Core.) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true =>.SteelSeries ApS®
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Windows Mobility Center.) C:\WINDOWS\system32\mblctr.exe /open =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\WINDOWS\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Quick Assist.lnk . (.Microsoft Corporation - Quick Assist.) C:\WINDOWS\system32\quickassist.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\WINDOWS\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\WINDOWS\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Steps Recorder.lnk . (.Microsoft Corporation - Steps Recorder.) C:\WINDOWS\system32\psr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\WINDOWS\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\WINDOWS\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\WINDOWS\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Apple Software Update.lnk . (...) C:\WINDOWS\Installer\{52D87F32-70E4-4348-8148-C0B9F35B1314}\AppleSoftwareUpdateIco.exe =>.Apple Inc.
O4 - GS\ProgramsCommon [Public]: Debut Video Capture Software.lnk . (.NCH Software - Debut Video Capture Software.) C:\Program Files (x86)\NCH Software\Debut\debut.exe =>.NCH Software®
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Immersive Control Panel.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\WINDOWS\System32\Control.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: MiracastView.lnk . (.Microsoft Corporation - MiracastView.) C:\WINDOWS\MiracastView\MiracastView.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: PrintDialog.lnk . (.Microsoft Corporation - Print Dialog.) C:\WINDOWS\PrintDialog\PrintDialog.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe =>.TeamSpeak Systems GmbH®
O4 - GS\ProgramsCommon [Public]: TeamViewer 12.lnk . (.TeamViewer GmbH - TeamViewer 12.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer GmbH®
O4 - GS\ProgramsCommon [Public]: Warcraft Logs Uploader.lnk . (...) C:\Program Files (x86)\Warcraft Logs Uploader\Warcraft Logs Uploader.exe
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation

---\\ Lop.com/Domain Hijackers (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 =>.France Google Cloud
O17 - HKLM\System\CCS\Services\Tcpip\..\{847c0a9b-7e1c-4968-ad35-83173d8ea7bc}: NameServer = 8.8.8.8,8.8.4.4 =>.France Google Cloud
O17 - HKLM\System\CCS\Services\Tcpip\..\{847c0a9b-7e1c-4968-ad35-83173d8ea7bc}: DhcpNameServer = 8.8.8.8 8.8.4.4 =>.France Google Cloud

---\\ Extra protocols (24) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Software installed (109) - 11s
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {8C9AA2C1-D07A-48E8-9DD8-471A072947F4} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 26 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Ansel - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel =>.NVIDIA Corporation
O42 - Logiciel: Apple Application Support (32-bit) - (.Apple Inc..) [HKLM][64Bits] -- {E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E} =>.Apple Inc.
O42 - Logiciel: Apple Application Support (64-bit) - (.Apple Inc..) [HKLM][64Bits] -- {9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE} =>.Apple Inc.
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {0A596141-97D5-45FA-9281-98DFAF48D579} =>.Apple Inc.
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {52D87F32-70E4-4348-8148-C0B9F35B1314} =>.Apple Inc.
O42 - Logiciel: ASUS GPU TweakII - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] -- {0075AAC2-EA9F-490E-83F7-5D5F81EB2A43} =>.ASUSTek Computer Inc.
O42 - Logiciel: ASUS GPU TweakII - (.ASUSTek COMPUTER INC..) [HKLM][64Bits] -- InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43} =>.ASUSTek Computer Inc.
O42 - Logiciel: ASUS Product Register Program - (.ASUSTek Computer Inc..) [HKLM][64Bits] -- {C87D79F6-F813-4812-B7A9-CCCAAB8B1188} =>.ASUSTek Computer Inc.
O42 - Logiciel: Audiosurf - (.Dylan Fitterer.) [HKLM][64Bits] -- Steam App 12900 =>.Valve®
O42 - Logiciel: Battle.net - (.Blizzard Entertainment.) [HKLM][64Bits] -- Battle.net =>.Blizzard Entertainment, Inc.®
O42 - Logiciel: Beats Updater - (.Apple Inc..) [HKLM][64Bits] -- {321BEA75-4A58-4A42-911F-24933AE3E077} =>.Apple Inc.
O42 - Logiciel: BitRaider Streaming Client - (.BitRaider, LLC.) [HKLM][64Bits] -- BitRaider Streaming Client =>.Electronic Arts®
O42 - Logiciel: Blue Satin Skin - (.Screaming Bee.) [HKLM][64Bits] -- {B0C00181-ECF5-4124-A6DE-14EA663D4799} =>.Screaming Bee
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {56DDDFB8-7F79-4480-89D5-25E1F52AB28F} =>.Apple Inc.
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: Counter-Strike: Global Offensive - (.Valve.) [HKLM][64Bits] -- Steam App 730 =>.Valve®
O42 - Logiciel: CPUID CPU-Z 1.79.1 - (.CPUID Inc.) [HKLM][64Bits] -- CPUID CPU-Z_is1 =>.CPUID Inc
O42 - Logiciel: Debut Video Capture Software - (.NCH Software.) [HKLM][64Bits] -- Debut =>.NCH Software®
O42 - Logiciel: Discord - (.Hammer & Chisel, Inc..) [HKCU][64Bits] -- Discord =>.Hammer & Chisel Inc.®
O42 - Logiciel: FLV Cutter 1.0 - (.spgsoft.com.) [HKLM][64Bits] -- FLV Cutter_is1 =>.spgsoft.com
O42 - Logiciel: Fraps (remove only) - (.Beepa.) [HKLM][64Bits] -- Fraps =>.Beepa
O42 - Logiciel: GoldWave v6.15 - (.GoldWave Inc..) [HKLM][64Bits] -- GoldWave v6.15 =>.GoldWave Inc.
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {A1238426-ECDF-4639-BE2F-8D12A97AE23C} =>.Google, Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
O42 - Logiciel: H1Z1: King of the Kill - (.Daybreak Game Company.) [HKLM][64Bits] -- Steam App 433850 =>.Valve®
O42 - Logiciel: HD Video Converter Factory Pro 8.6 - (.WonderFox Soft, Inc..) [HKLM][64Bits] -- HD Video Converter Factory Pro =>.WonderFox Soft, Inc.
O42 - Logiciel: Intel® RealSense™ SDK Runtime - (.Intel Corporation.) [HKLM][64Bits] -- ARP_for_prd_rs_sdk_runtime_10.0.26.0396 =>.Intel(R) Software Development Products®
O42 - Logiciel: Intel® RealSense™ SDK Runtime Gold (x64): Core - (.Intel Corporation.) [HKLM][64Bits] -- {7ECCC65E-1D74-11E6-B005-2C44FD873B55} =>.Intel Corporation
O42 - Logiciel: Intel® RealSense™ SDK Runtime Gold (x64): User Segmentation - (.Intel Corporation.) [HKLM][64Bits] -- {A315DE30-1D74-11E6-A4F2-2C44FD873B55} =>.Intel Corporation
O42 - Logiciel: Intel® RealSense™ SDK Runtime Gold (x86): Core - (.Intel Corporation.) [HKLM][64Bits] -- {4BAB7070-1D73-11E6-8844-2C44FD873B55} =>.Intel Corporation
O42 - Logiciel: Intel® RealSense™ SDK Runtime Gold (x86): Core: Calibration - (.Intel Corporation.) [HKLM][64Bits] -- {676C639E-1D73-11E6-BF2F-2C44FD873B55} =>.Intel Corporation
O42 - Logiciel: Intel® RealSense™ SDK Runtime Gold (x86): User Segmentation - (.Intel Corporation.) [HKLM][64Bits] -- {51040000-1D73-11E6-A45D-2C44FD873B55} =>.Intel Corporation
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {F0C7385A-9D20-45F3-8101-05D383885180} =>.Apple Inc.
O42 - Logiciel: Java 7 Update 71 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217051FF} =>.Oracle
O42 - Logiciel: Java 8 Update 131 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F32180131F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: Malwarebytes version 3.1.2.1733 - (.Malwarebytes.) [HKLM][64Bits] -- {35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1 =>.Malwarebytes Corporation®
O42 - Logiciel: Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291. - (.Microsoft Corporation.) [HKLM][64Bits] -- {25E80DAA-FD87-DCE5-202C-CC02F6673002} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe =>.Microsoft Windows®
O42 - Logiciel: Microsoft Word 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office14.WORD =>.Microsoft Corporation®
O42 - Logiciel: Mumble 1.2.17 - (.Thorvald Natvig.) [HKLM][64Bits] -- {95A0093C-0C81-4D0B-BCA7-3CE11755A6BD} =>.Thorvald Natvig
O42 - Logiciel: Norton Security Suite - (.Symantec Corporation.) [HKLM][64Bits] -- N360 =>.Symantec Corporation®
O42 - Logiciel: NVIDIA 3D Vision Controller Driver 369.04 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA 3D Vision Driver 382.53 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Backend - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Control Panel 382.53 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Display Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Display Container LS - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Display Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Display Watchdog Plugin - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA GeForce Experience 3.6.0.74 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Graphics Driver 382.53 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA HD Audio Driver 1.3.34.27 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA LocalSystem Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Message Bus for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA NetworkService Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Optimus Update 25.0.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA PhysX System Software 9.17.0524 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Session Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA ShadowPlay 3.6.0.74 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay =>.NVIDIA Corporation
O42 - Logiciel: Nvidia Share - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo =>.NVIDIA Corporation®
O42 - Logiciel: NVIDIA Telemetry Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Update 25.0.0.0 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Update Core - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA User Container - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Virtual Audio 3.70.2 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Watchdog Plugin for NvContainer - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog =>.NVIDIA Corporation
O42 - Logiciel: NvNodejs - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs =>.NVIDIA Corporation
O42 - Logiciel: NvTelemetry - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry =>.NVIDIA Corporation
O42 - Logiciel: NvvHci - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci =>.NVIDIA Corporation
O42 - Logiciel: OBS Studio - (.OBS Project.) [HKLM][64Bits] -- OBS Studio =>.OBS Project
O42 - Logiciel: OldSchool RuneScape Launcher 1.2.7 - (.Jagex Ltd.) [HKLM][64Bits] -- {FEDDCE73-34B8-4980-90B8-8619A78C902C} =>.Jagex Ltd
O42 - Logiciel: Overwatch - (.Blizzard Entertainment.) [HKLM][64Bits] -- Overwatch =>.Blizzard Entertainment, Inc.®
O42 - Logiciel: Parsec - (.Parsec.) [HKCU][64Bits] -- a53dc3b81e52c50e
O42 - Logiciel: PLAYERUNKNOWN'S BATTLEGROUNDS - (.Bluehole, Inc..) [HKLM][64Bits] -- Steam App 578080 =>.Valve®
O42 - Logiciel: PS3 Media Server - (.PS3 Media Server.) [HKLM][64Bits] -- PS3 Media Server =>.PS3 Media Server
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp®
O42 - Logiciel: RogueKiller version 12.11.1.0 - (.Adlice Software.) [HKLM][64Bits] -- 8B3D7924-ED89-486B-8322-E8594065D5CB_is1 =>.Adlice®
O42 - Logiciel: Samsung Magician - (.Samsung Electronics.) [HKLM][64Bits] -- {29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1 =>.Samsung Electronics Co., Ltd.®
O42 - Logiciel: SHIELD Streaming - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv =>.NVIDIA Corporation
O42 - Logiciel: SHIELD Wireless Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController =>.NVIDIA Corporation
O42 - Logiciel: Skype™ 7.37 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {3B7E914A-93D5-4A29-92BB-AF8C3F66C431} =>.Skype Technologies S.A.
O42 - Logiciel: Speccy - (.Piriform.) [HKLM][64Bits] -- Speccy =>.Piriform Ltd®
O42 - Logiciel: Spotify - (.Spotify AB.) [HKCU][64Bits] -- Spotify =>.Spotify AB®
O42 - Logiciel: Star Wars: The Old Republic - (.Electronic Arts, Inc..) [HKLM][64Bits] -- {3B11D799-48E0-48ED-BFD7-EA655676D8BB} =>.Electronic Arts®
O42 - Logiciel: StarParse - (.Ixale.) [HKCU][64Bits] -- {fxApplication}}_is1 =>.Ixale
O42 - Logiciel: SteelSeries Engine 3.10.2 - (.SteelSeries ApS.) [HKLM][64Bits] -- SteelSeries Engine 3 =>.SteelSeries ApS®
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client =>.TeamSpeak Systems GmbH
O42 - Logiciel: TeamViewer 12 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer =>.TeamViewer GmbH®
O42 - Logiciel: Virtual Audio Cable 4.10 - (..) [HKLM][64Bits] -- Virtual Audio Cable 4.10 =>.NTONYX Ltd.®
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Vulkan Run Time Libraries 1.0.42.1 - (.LunarG, Inc..) [HKLM][64Bits] -- VulkanRT1.0.42.1 =>.LunarG, Inc.®
O42 - Logiciel: Warcraft Logs Uploader - (.UNKNOWN.) [HKLM][64Bits] -- {8363B16F-C0CB-02BE-1CD5-4F9239491460}
O42 - Logiciel: Warcraft Logs Uploader - (.UNKNOWN.) [HKLM][64Bits] -- com.warcraft.logs
O42 - Logiciel: Windows 10 Update and Privacy Settings - (.Microsoft Corporation.) [HKLM][64Bits] -- {293F2009-0145-450B-B4AA-063D43FB368C} =>.Microsoft Corporation
O42 - Logiciel: Windows Driver Package - Apple, Inc. (KernelModeUSB) USBDevice (03/30/2017 - (.Apple, Inc..) [HKLM][64Bits] -- 183E383A1862B0622EB93E70D34D830E28AFFBAA =>.Apple, Inc.
O42 - Logiciel: WinPcap 4.1.3 - (.Riverbed Technology, Inc..) [HKLM][64Bits] -- WinPcapInst =>.Riverbed Technology, Inc.
O42 - Logiciel: WinRAR 5.40 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: World of Warcraft - (.Blizzard Entertainment.) [HKLM][64Bits] -- World of Warcraft =>.Blizzard Entertainment, Inc.®
O42 - Logiciel: Zemana AntiMalware - (.Zemana Ltd..) [HKLM][64Bits] -- {8F0CD7D1-42F3-4195-95CD-833578D45057}_is1 =>.Zemana Ltd.

---\\ HKCU & HKLM Software Keys (130) - 11s
HKLM\SOFTWARE\Wow6432Node\Acoustica =>.Acoustica
HKLM\SOFTWARE\Wow6432Node\Adobe =>.Adobe
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies =>.AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\AMD =>.AMD
HKLM\SOFTWARE\Wow6432Node\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Asus =>.ASUS
HKLM\SOFTWARE\Wow6432Node\BioWare =>.BioWare
HKLM\SOFTWARE\Wow6432Node\Blizzard Entertainment =>.Blizzard Entertainment
HKLM\SOFTWARE\Wow6432Node\Celavimus
HKLM\SOFTWARE\Wow6432Node\Celemony Software GmbH =>.Celemony Software GmbH
HKLM\SOFTWARE\Wow6432Node\Colasoft =>.Colasoft Ltd
HKLM\SOFTWARE\Wow6432Node\Electronic Arts =>.Electronic Arts
HKLM\SOFTWARE\Wow6432Node\Fraps =>.Beepa
HKLM\SOFTWARE\Wow6432Node\GamersFirst =>.GamersFirst
HKLM\SOFTWARE\Wow6432Node\Google =>.Google
HKLM\SOFTWARE\Wow6432Node\IM Providers =>.IM Providers
HKLM\SOFTWARE\Wow6432Node\InstallShield =>.InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel =>.Intel
HKLM\SOFTWARE\Wow6432Node\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\Wow6432Node\Licenses =>.Microsoft Corporation
HKLM\SOFTWARE\Wow6432Node\Logitech =>.Logitech
HKLM\SOFTWARE\Wow6432Node\Macromedia =>.Macromedia
HKLM\SOFTWARE\Wow6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\MSI =>.MSI
HKLM\SOFTWARE\Wow6432Node\NCH Software =>.NCH Software
HKLM\SOFTWARE\Wow6432Node\NCH Swift Sound =>.NCH Swift Sound
HKLM\SOFTWARE\Wow6432Node\Norton =>.Symantec Corporation
HKLM\SOFTWARE\Wow6432Node\Nuance =>.Nuance
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\Wow6432Node\OBS Studio =>.OBS Studio
HKLM\SOFTWARE\Wow6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Wow6432Node\Origin Games =>.Electronic Arts, Inc.
HKLM\SOFTWARE\Wow6432Node\Overwolf =>.Overwolf
HKLM\SOFTWARE\Wow6432Node\Piriform =>.Piriform
HKLM\SOFTWARE\Wow6432Node\Propellerhead Software =>.Propellerhead Software
HKLM\SOFTWARE\Wow6432Node\Razer =>.Razer
HKLM\SOFTWARE\Wow6432Node\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Samsung Magician =>.Samsung Electronics
HKLM\SOFTWARE\Wow6432Node\Screaming Bee =>.Screaming Bee
HKLM\SOFTWARE\Wow6432Node\Skype =>.Skype
HKLM\SOFTWARE\Wow6432Node\SRS Labs =>.SRS Labs
HKLM\SOFTWARE\Wow6432Node\Symantec =>.Symantec
HKLM\SOFTWARE\Wow6432Node\TeamViewer =>.TeamViewer
HKLM\SOFTWARE\Wow6432Node\THQ =>.THQ
HKLM\SOFTWARE\Wow6432Node\Valve =>.Valve
HKLM\SOFTWARE\Wow6432Node\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\Wow6432Node\VST =>.Virtual Studio Technology
HKLM\SOFTWARE\Wow6432Node\WafCX =>.WafCX
HKLM\SOFTWARE\Wow6432Node\WinPcap =>.Riverbed Technology
HKLM\SOFTWARE\Wow6432Node\Wondershare =>.Wondershare
HKLM\SOFTWARE\Wow6432Node\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\Wow6432Node\Even Balance =>.Even Balance Inc
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\Acoustica =>.Acoustica
HKCU\SOFTWARE\Apowersoft =>.Apowersoft
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc. =>.Apple Inc.
HKCU\SOFTWARE\Applied Acoustics Systems =>.Applied Acoustics Systems
HKCU\SOFTWARE\ASUS =>.ASUS
HKCU\SOFTWARE\Audacity =>.Audacity
HKCU\SOFTWARE\Beats
HKCU\SOFTWARE\Blizzard Entertainment =>.Blizzard Entertainment
HKCU\SOFTWARE\Boilsoft =>.Boilsoft
HKCU\SOFTWARE\Borland =>.Borland
HKCU\SOFTWARE\BugSplat =>.Bugsplat Game
HKCU\SOFTWARE\Bytescout =>.ByteScout
HKCU\SOFTWARE\Chromium =>.Chromium
HKCU\SOFTWARE\Colasoft =>.Colasoft Ltd
HKCU\SOFTWARE\CPUID.COM =>.CPUID Inc
HKCU\SOFTWARE\DefaultCompany =>.Unity
HKCU\SOFTWARE\DownloadToolz =>.DownloadToolz Inc
HKCU\SOFTWARE\Electronic Arts =>.Electronic Arts
HKCU\SOFTWARE\Enterbrain =>.Enterbrain
HKCU\SOFTWARE\Epic Games =>.Epic Games
HKCU\SOFTWARE\ESEA
HKCU\SOFTWARE\Fraps3 =>.Beepa
HKCU\SOFTWARE\Freecorder
HKCU\SOFTWARE\GetFLV =>.GetFLV
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\GSLLC =>.GiliSoft International LLC.
HKCU\SOFTWARE\Hyperdesktop
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\Licenses =>.Microsoft Corporation
HKCU\SOFTWARE\Local AppWizard-Generated Applications =>.ZWCAD
HKCU\SOFTWARE\LogiShrd =>.LogiShrd
HKCU\SOFTWARE\Logitech =>.Logitech
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\Malwarebytes =>.Malwarebytes
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKCU\SOFTWARE\Mumble =>.Mumble
HKCU\SOFTWARE\Music Recognition
HKCU\SOFTWARE\NCH Software =>.NCH Software
HKCU\SOFTWARE\NCH Swift Sound =>.NCH Swift Sound
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\Norton =>.Symantec Corporation
HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\OldSchool RuneScape
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\PS3 Media Server =>.PS3 Media Server
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\Razer =>.Razer
HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\rejetto
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\Spotify =>.Spotify
HKCU\SOFTWARE\TeamSpeak 3 Client =>.TeamSpeak
HKCU\SOFTWARE\TeamViewer =>.TeamViewer
HKCU\SOFTWARE\Trolltech =>.Trolltech
HKCU\SOFTWARE\Unwinder =>.Unwinder
HKCU\SOFTWARE\Valve =>.Valve
HKCU\SOFTWARE\Ventrilo
HKCU\SOFTWARE\VirtualDub.org =>.VirtualDub.org
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wondershare =>.Wondershare
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\Zemana =>.Zemana
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Norton =>.Symantec Corporation

---\\ Contents of the Common Files folders (392) - 8s
O43 - CFD: 30/12/2016 - [] AD -- C:\Program Files\Bonjour =>.Apple Inc.
O43 - CFD: 06/04/2017 - [] AD -- C:\Program Files\CCleaner =>.Piriform Ltd
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 14/06/2017 - [] D -- C:\Program Files\CPUID =>.CPUID Inc
O43 - CFD: 05/05/2017 - [] D -- C:\Program Files\DIFX =>.Microsoft Corporation
O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\DVD Maker =>.Aone Software
O43 - CFD: 17/12/2013 - [] D -- C:\Program Files\ESEA =>.Turtle Entertainment Online, Inc.®
O43 - CFD: 25/09/2015 - [] D -- C:\Program Files\GoldWave =>.GoldWave Inc.
O43 - CFD: 29/05/2017 - [] D -- C:\Program Files\Haste
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 15/06/2017 - [] D -- C:\Program Files\iPod =>.Apple Inc.®
O43 - CFD: 15/06/2017 - [] AD -- C:\Program Files\iTunes =>.Apple Inc.
O43 - CFD: 16/06/2017 - [] D -- C:\Program Files\Malwarebytes =>.Malwarebytes
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files\Microsoft Games =>.Microsoft Corporation
O43 - CFD: 06/10/2016 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 27/03/2017 - [] D -- C:\Program Files\NortonInstaller =>.Symantec
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 14/04/2017 - [] D -- C:\Program Files\OBS =>.OBS
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files\Realtek =>.Realtek
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 15/06/2017 - [] AD -- C:\Program Files\RogueKiller =>.Adlice
O43 - CFD: 14/06/2017 - [] AD -- C:\Program Files\Speccy =>.Piriform
O43 - CFD: 21/11/2016 - [] D -- C:\Program Files\SteelSeries =>.SteelSeries
O43 - CFD: 21/05/2017 - [] AD -- C:\Program Files\TeamSpeak 3 Client =>.TeamSpeak
O43 - CFD: 10/07/2015 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 03/05/2017 - [] AD -- C:\Program Files\UNP =>.Microsoft Corporation
O43 - CFD: 12/09/2016 - [] D -- C:\Program Files\VB =>.Vincent Burel®
O43 - CFD: 12/12/2014 - [] D -- C:\Program Files\Virtual Audio Cable =>.NTONYX Ltd.®
O43 - CFD: 05/06/2017 - [] RD -- C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files\Windows Defender Advanced Threat Protection =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files\Windows Security =>.Unknown
O43 - CFD: 05/06/2017 - [] SHD -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 16/06/2017 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 15/06/2017 - [] AD -- C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 12/04/2015 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 15/06/2017 - [] AD -- C:\Program Files (x86)\Apple Software Update =>.Apple Inc.
O43 - CFD: 28/02/2014 - [] D -- C:\Program Files (x86)\Applian Technologies =>.Applian Technologies
O43 - CFD: 12/05/2017 - [] D -- C:\Program Files (x86)\ASUS =>.ASUS
O43 - CFD: 14/08/2015 - [] D -- C:\Program Files (x86)\Avidemux 2.6 - 32 bits
O43 - CFD: 15/06/2017 - [] AD -- C:\Program Files (x86)\Battle.net =>.Games Software
O43 - CFD: 05/05/2017 - [] AD -- C:\Program Files (x86)\Beats by Dr. Dre =>.Apple Inc.®
O43 - CFD: 30/12/2016 - [] AD -- C:\Program Files (x86)\Bonjour =>.Apple Inc.
O43 - CFD: 27/05/2015 - [] D -- C:\Program Files (x86)\CEVO =>.ALTPUG LLC®
O43 - CFD: 10/03/2016 - [] D -- C:\Program Files (x86)\Colasoft Capsa 8 Free Edition
O43 - CFD: 15/06/2017 - [] D -- C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 20/12/2013 - [] D -- C:\Program Files (x86)\Electronic Arts =>.Electronic Arts
O43 - CFD: 14/08/2015 - [] AD -- C:\Program Files (x86)\FLV Cutter
O43 - CFD: 06/03/2016 - [] D -- C:\Program Files (x86)\GetFLV =>.GetFLV Corporation
O43 - CFD: 19/07/2015 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 12/05/2017 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield Software
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 15/06/2017 - [] D -- C:\Program Files (x86)\Java =>.Oracle
O43 - CFD: 21/11/2016 - [] D -- C:\Program Files (x86)\Logitech =>.Logitech
O43 - CFD: 06/06/2017 - [] D -- C:\Program Files (x86)\Microsoft ASP.NET =>.Microsoft Corporation
O43 - CFD: 06/10/2016 - [] AD -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 06/10/2016 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition =>.Microsoft Corporation
O43 - CFD: 06/10/2016 - [] D -- C:\Program Files (x86)\Microsoft Synchronization Services =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\MSI =>.MSI
O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\MSI Afterburner =>.Micro-Star International Co
O43 - CFD: 21/11/2016 - [] AD -- C:\Program Files (x86)\Mumble =>.Mumble
O43 - CFD: 02/10/2015 - [] D -- C:\Program Files (x86)\NCH Software =>.NCH Software
O43 - CFD: 23/03/2017 - [] AD -- C:\Program Files (x86)\Norton Security Suite =>.Symantec Corporation
O43 - CFD: 15/03/2017 - [] D -- C:\Program Files (x86)\NortonInstaller =>.Symantec
O43 - CFD: 13/06/2017 - [] D -- C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 14/04/2017 - [] D -- C:\Program Files (x86)\OBS =>.OBS
O43 - CFD: 14/04/2017 - [] D -- C:\Program Files (x86)\obs-studio =>.OBS-Studio
O43 - CFD: 09/06/2016 - [] D -- C:\Program Files (x86)\Origin Games =>.Electronic Arts, Inc.
O43 - CFD: 15/06/2017 - [] AD -- C:\Program Files (x86)\Overwatch =>.Blizzard Entertainment
O43 - CFD: 02/10/2015 - [] D -- C:\Program Files (x86)\PRTG Network Monitor
O43 - CFD: 03/11/2016 - [] D -- C:\Program Files (x86)\PS3 Media Server =>.PS3 Media Server
O43 - CFD: 23/01/2014 - [] D -- C:\Program Files (x86)\Razer =>.Razer
O43 - CFD: 16/12/2013 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 13/06/2017 - [] AD -- C:\Program Files (x86)\Samsung Magician =>.Samsung Electronics
O43 - CFD: 15/06/2017 - [] RD -- C:\Program Files (x86)\Skype =>.Skype
O43 - CFD: 14/06/2017 - [] D -- C:\Program Files (x86)\Steam =>.Steam Games
O43 - CFD: 15/06/2017 - [] AD -- C:\Program Files (x86)\TeamViewer =>.TeamViewer GmbH®
O43 - CFD: 05/06/2017 - [0] HD -- C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 12/09/2016 - [] D -- C:\Program Files (x86)\VB =>.Vincent Burel®
O43 - CFD: 16/12/2013 - [] D -- C:\Program Files (x86)\VideoLAN =>.VideoLan Team
O43 - CFD: 13/06/2017 - [] D -- C:\Program Files (x86)\VulkanRT =>.LunarG, Inc
O43 - CFD: 26/10/2016 - [] AD -- C:\Program Files (x86)\Warcraft Logs Uploader =>.Games Software
O43 - CFD: 31/12/2015 - [] AD -- C:\Program Files (x86)\WhoreCraft
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] SHD -- C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\WindowsPowerShell =>.Microsoft Corporation
O43 - CFD: 23/12/2014 - [] D -- C:\Program Files (x86)\WinPcap =>.Riverbed Technology
O43 - CFD: 04/06/2016 - [] D -- C:\Program Files (x86)\WonderFox Soft =>.E-Mig Technology, Inc.®
O43 - CFD: 16/06/2017 - [] AD -- C:\Program Files (x86)\World of Warcraft =>.Blizzard Entertainment
O43 - CFD: 16/06/2017 - [] D -- C:\Program Files (x86)\Zemana AntiMalware =>.Zemana
O43 - CFD: 18/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 13/06/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 10/05/2017 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings =>.Samsung Electronics
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS =>.ASUS
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net =>.Games Software
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beats by Dr. Dre
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
O43 - CFD: 14/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID =>.CPUID Inc
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA =>.Electronic Arts, Inc.
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESEA
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Cutter
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps =>.Fraps Games
O43 - CFD: 05/06/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoldWave =>.GoldWave Inc.
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive =>.Google Inc.
O43 - CFD: 15/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes =>.Apple Inc.
O43 - CFD: 15/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 18/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 16/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes =>.Malwarebytes
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble =>.Mumble
O43 - CFD: 06/06/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite =>.Symantec Corporation
O43 - CFD: 13/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio =>.OBS Studio
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch =>.Blizzard Entertainment
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server =>.PS3 Media Server
O43 - CFD: 15/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller =>.Adlice
O43 - CFD: 13/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician =>.Samsung Electronics
O43 - CFD: 15/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype
O43 - CFD: 14/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy =>.Piriform
O43 - CFD: 05/06/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries =>.SteelSeries
O43 - CFD: 18/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 30/10/2015 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC =>.Wacom Technology
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client =>.TeamSpeak
O43 - CFD: 13/09/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoreCraft
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap =>.Riverbed Technology
O43 - CFD: 15/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft =>.Blizzard Entertainment
O43 - CFD: 16/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware =>.Zemana
O43 - CFD: 22/12/2015 - [] D -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 =>.GEAR Software, Inc.
O43 - CFD: 13/09/2014 - [] D -- C:\ProgramData\Acoustica =>.Acoustica
O43 - CFD: 12/04/2015 - [] D -- C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 25/04/2014 - [] D -- C:\ProgramData\altPUG
O43 - CFD: 11/06/2017 - [] D -- C:\ProgramData\Apowersoft =>.Apowersoft
O43 - CFD: 29/01/2014 - [] D -- C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 29/01/2014 - [] D -- C:\ProgramData\Apple Computer =>.Apple Inc.
O43 - CFD: 05/06/2017 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 14/05/2017 - [] D -- C:\ProgramData\APRP =>.APRP
O43 - CFD: 31/12/2015 - [] D -- C:\ProgramData\Battle.net =>.Games Software
O43 - CFD: 30/09/2015 - [] D -- C:\ProgramData\BitRaider =>.BitRaider
O43 - CFD: 15/11/2016 - [] D -- C:\ProgramData\Blizzard Entertainment =>.Blizzard Entertainment
O43 - CFD: 13/10/2015 - [] D -- C:\ProgramData\boost_interprocess =>.boost.org
O43 - CFD: 22/08/2014 - [] D -- C:\ProgramData\Celavimus
O43 - CFD: 13/09/2014 - [] D -- C:\ProgramData\Celemony Software GmbH =>.Celemony Software GmbH
O43 - CFD: 10/03/2016 - [0] D -- C:\ProgramData\Colasoft Capsa 8 Free
O43 - CFD: 16/07/2016 - [0] D -- C:\ProgramData\Comms =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [0] SHD -- C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 17/12/2013 - [] D -- C:\ProgramData\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 24/09/2015 - [] D -- C:\ProgramData\EA Core =>.Electronic Arts, Inc.
O43 - CFD: 24/09/2015 - [] D -- C:\ProgramData\EA Logs =>.Electronic Arts, Inc.
O43 - CFD: 24/09/2015 - [] D -- C:\ProgramData\Electronic Arts =>.Electronic Arts
O43 - CFD: 05/06/2017 - [0] SHD -- C:\ProgramData\Favorites =>.Microsoft Corporation
O43 - CFD: 14/04/2017 - [] D -- C:\ProgramData\Intel =>.Intel Corporation
O43 - CFD: 14/04/2017 - [] D -- C:\ProgramData\Intel Telemetry =>.Intel Corporation
O43 - CFD: 02/10/2015 - [] D -- C:\ProgramData\Licenses =>.Microsoft Corporation
O43 - CFD: 11/02/2016 - [] D -- C:\ProgramData\LogiShrd =>.Logitech Inc.
O43 - CFD: 02/10/2015 - [] D -- C:\ProgramData\Logs =>.ABBYY Software
O43 - CFD: 16/06/2017 - [] D -- C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 11/10/2015 - [] D -- C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 05/06/2017 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 13/06/2017 - [] D -- C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\Microsoft OneDrive =>.Microsoft Corporation
O43 - CFD: 02/10/2015 - [] D -- C:\ProgramData\NCH Software =>.NCH Software
O43 - CFD: 17/03/2017 - [] D -- C:\ProgramData\Norton =>.Symantec Corporation
O43 - CFD: 16/12/2013 - [] D -- C:\ProgramData\NortonInstaller =>.Symantec
O43 - CFD: 16/06/2017 - [] D -- C:\ProgramData\NVIDIA =>.nVidia Corporation
O43 - CFD: 13/06/2017 - [] D -- C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 03/12/2014 - [] D -- C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 10/04/2017 - [] D -- C:\ProgramData\Origin =>.Electronic Arts, Inc.
O43 - CFD: 14/04/2017 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 02/10/2015 - [] D -- C:\ProgramData\Paessler =>.Paessler
O43 - CFD: 25/04/2017 - [] D -- C:\ProgramData\PMS =>.PMS
O43 - CFD: 03/03/2016 - [] D -- C:\ProgramData\Razer =>.Razer
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 15/06/2017 - [] D -- C:\ProgramData\RogueKiller =>.Adlice
O43 - CFD: 13/06/2017 - [] D -- C:\ProgramData\Samsung =>.Samsung Electronics
O43 - CFD: 18/08/2014 - [] D -- C:\ProgramData\Screaming Bee =>.Screaming Bee
O43 - CFD: 15/06/2017 - [] D -- C:\ProgramData\Skype =>.Skype
O43 - CFD: 18/03/2017 - [0] D -- C:\ProgramData\SoftwareDistribution =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [0] SHD -- C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 23/09/2015 - [] D -- C:\ProgramData\SteelSeries =>.SteelSeries
O43 - CFD: 28/02/2014 - [] D -- C:\ProgramData\Sun =>.Oracle
O43 - CFD: 02/10/2015 - [0] AD -- C:\ProgramData\TEMP =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\USOPrivate =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\ProgramData\USOShared =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\ProgramData\WindowsHolographicDevices
O43 - CFD: 14/08/2015 - [] D -- C:\ProgramData\Wondershare =>.Wondershare
O43 - CFD: 15/06/2017 - [] AD -- C:\Program Files (x86)\Common Files\Adobe AIR =>.Adobe Inc.
O43 - CFD: 22/12/2015 - [] D -- C:\Program Files (x86)\Common Files\Apple =>.Apple Inc.
O43 - CFD: 13/06/2017 - [] D -- C:\Program Files (x86)\Common Files\BattlEye =>.BattlEye
O43 - CFD: 30/09/2015 - [] D -- C:\Program Files (x86)\Common Files\BioWare =>.BioWare
O43 - CFD: 18/03/2015 - [] D -- C:\Program Files (x86)\Common Files\Blizzard Entertainment =>.Blizzard Entertainment
O43 - CFD: 02/10/2015 - [0] D -- C:\Program Files (x86)\Common Files\Colasoft Shared
O43 - CFD: 06/06/2017 - [] AD -- C:\Program Files (x86)\Common Files\DESIGNER =>.Designer
O43 - CFD: 30/11/2015 - [0] HD -- C:\Program Files (x86)\Common Files\EAInstaller =>.Electronic Arts, Inc.
O43 - CFD: 12/05/2017 - [] D -- C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield
O43 - CFD: 14/04/2017 - [] D -- C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation
O43 - CFD: 15/06/2017 - [] D -- C:\Program Files (x86)\Common Files\Java =>.Oracle
O43 - CFD: 21/11/2016 - [] AD -- C:\Program Files (x86)\Common Files\logishrd =>.Logitech Inc.
O43 - CFD: 06/06/2017 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared =>.Microsoft Corporation
O43 - CFD: 18/08/2014 - [] D -- C:\Program Files (x86)\Common Files\Screaming Bee =>.Screaming Bee
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 15/06/2017 - [] AD -- C:\Program Files (x86)\Common Files\Skype =>.Skype
O43 - CFD: 05/06/2017 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines =>.Microsoft Corporation
O43 - CFD: 12/06/2017 - [] D -- C:\Program Files (x86)\Common Files\Steam =>.Steam Games
O43 - CFD: 15/03/2017 - [] D -- C:\Program Files (x86)\Common Files\Symantec Shared =>.Symantec Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 14/08/2015 - [] D -- C:\Program Files (x86)\Common Files\Wondershare =>.Wondershare
O43 - CFD: 13/09/2014 - [] D -- C:\Users\Motion\AppData\Roaming\Acoustica =>.Acoustica
O43 - CFD: 12/04/2015 - [] D -- C:\Users\Motion\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 11/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Apowersoft =>.Apowersoft
O43 - CFD: 21/09/2014 - [] D -- C:\Users\Motion\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 25/09/2015 - [] D -- C:\Users\Motion\AppData\Roaming\Audacity =>.Audacity
O43 - CFD: 14/08/2015 - [] D -- C:\Users\Motion\AppData\Roaming\avidemux =>.Mean
O43 - CFD: 25/01/2014 - [] D -- C:\Users\Motion\AppData\Roaming\Avnex
O43 - CFD: 17/05/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Battle.net =>.Games Software
O43 - CFD: 14/08/2015 - [] D -- C:\Users\Motion\AppData\Roaming\Boilsoft =>.Boilsoft
O43 - CFD: 02/10/2015 - [] D -- C:\Users\Motion\AppData\Roaming\Colasoft MAC Scanner
O43 - CFD: 02/10/2015 - [] D -- C:\Users\Motion\AppData\Roaming\Colasoft Packet Player
O43 - CFD: 02/10/2015 - [] D -- C:\Users\Motion\AppData\Roaming\Colasoft Ping Tool
O43 - CFD: 12/04/2015 - [] D -- C:\Users\Motion\AppData\Roaming\com.warcraft.logs =>.Games Software
O43 - CFD: 12/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\discord =>.GitHub
O43 - CFD: 23/12/2014 - [] D -- C:\Users\Motion\AppData\Roaming\DonationCoder =>.Mouser
O43 - CFD: 05/03/2016 - [] D -- C:\Users\Motion\AppData\Roaming\dvdcss =>.VideoLan Team
O43 - CFD: 14/08/2015 - [] D -- C:\Users\Motion\AppData\Roaming\EasiestSoft =>.EasiestSoft International LLC
O43 - CFD: 28/02/2014 - [] D -- C:\Users\Motion\AppData\Roaming\freecorder
O43 - CFD: 25/09/2015 - [] D -- C:\Users\Motion\AppData\Roaming\GoldWave =>.GoldWave Inc.
O43 - CFD: 18/10/2014 - [] D -- C:\Users\Motion\AppData\Roaming\Hyperdesktop
O43 - CFD: 16/12/2013 - [] D -- C:\Users\Motion\AppData\Roaming\Identities =>.Microsoft Corporation
O43 - CFD: 11/02/2016 - [] D -- C:\Users\Motion\AppData\Roaming\Leadertech =>.Leadertech Systems
O43 - CFD: 28/11/2014 - [] D -- C:\Users\Motion\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Motion\AppData\Roaming\Media Center Programs =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] SD -- C:\Users\Motion\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/06/2015 - [] D -- C:\Users\Motion\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 02/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Mumble =>.Mumble
O43 - CFD: 13/09/2014 - [] D -- C:\Users\Motion\AppData\Roaming\Music Recognition
O43 - CFD: 24/12/2013 - [] D -- C:\Users\Motion\AppData\Roaming\NCH Software =>.NCH Software
O43 - CFD: 20/05/2017 - [] D -- C:\Users\Motion\AppData\Roaming\NVIDIA =>.nVidia Corporation
O43 - CFD: 14/04/2017 - [] D -- C:\Users\Motion\AppData\Roaming\OBS =>.OBS
O43 - CFD: 07/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\obs-studio =>.OBS-Studio
O43 - CFD: 16/11/2014 - [] D -- C:\Users\Motion\AppData\Roaming\Oracle =>.Oracle
O43 - CFD: 09/06/2016 - [] D -- C:\Users\Motion\AppData\Roaming\Origin =>.Electronic Arts, Inc.
O43 - CFD: 23/01/2015 - [] D -- C:\Users\Motion\AppData\Roaming\Screaming Bee =>.Screaming Bee
O43 - CFD: 15/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Skype =>.Skype
O43 - CFD: 16/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Spotify =>.Spotify
O43 - CFD: 25/12/2013 - [] D -- C:\Users\Motion\AppData\Roaming\SteelSeries =>.SteelSeries
O43 - CFD: 15/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\steelseries-engine-3-client =>.Legitimate
O43 - CFD: 15/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 13/09/2014 - [0] D -- C:\Users\Motion\AppData\Roaming\SynthMaker
O43 - CFD: 09/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\TeamViewer =>.TeamViewer
O43 - CFD: 13/10/2015 - [] D -- C:\Users\Motion\AppData\Roaming\Tera_Awesomium
O43 - CFD: 09/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\TS3Client =>.TeamSpeak
O43 - CFD: 03/03/2016 - [] D -- C:\Users\Motion\AppData\Roaming\Ventrilo
O43 - CFD: 11/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\vlc =>.VideoLan Team
O43 - CFD: 18/12/2013 - [] D -- C:\Users\Motion\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 16/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 05/03/2016 - [0] D -- C:\Users\Motion\AppData\Local\ActiveSync =>.Microsoft Corporation
O43 - CFD: 11/10/2015 - [] D -- C:\Users\Motion\AppData\Local\Adobe =>.Adobe
O43 - CFD: 25/04/2014 - [] D -- C:\Users\Motion\AppData\Local\altPUG_LLC
O43 - CFD: 12/05/2017 - [] D -- C:\Users\Motion\AppData\Local\AMD =>.AMD
O43 - CFD: 29/01/2014 - [] D -- C:\Users\Motion\AppData\Local\Apple =>.Apple Inc.
O43 - CFD: 29/01/2014 - [] D -- C:\Users\Motion\AppData\Local\Apple Computer =>.Apple Inc.
O43 - CFD: 05/06/2017 - [0] SHD -- C:\Users\Motion\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 16/12/2013 - [] D -- C:\Users\Motion\AppData\Local\Apps =>.Microsoft Corporation
O43 - CFD: 16/06/2017 - [] D -- C:\Users\Motion\AppData\Local\Battle.net =>.Games Software
O43 - CFD: 05/05/2017 - [] D -- C:\Users\Motion\AppData\Local\Beats
O43 - CFD: 03/04/2016 - [] D -- C:\Users\Motion\AppData\Local\BetterDS3
O43 - CFD: 12/03/2014 - [] D -- C:\Users\Motion\AppData\Local\Blizzard =>.Blizzard
O43 - CFD: 16/12/2013 - [] D -- C:\Users\Motion\AppData\Local\Blizzard Entertainment =>.Blizzard Entertainment
O43 - CFD: 04/07/2015 - [] D -- C:\Users\Motion\AppData\Local\CEF =>.CEF
O43 - CFD: 28/12/2016 - [] D -- C:\Users\Motion\AppData\Local\Chromium =>.Chromium
O43 - CFD: 30/07/2015 - [] D -- C:\Users\Motion\AppData\Local\Comms =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\Users\Motion\AppData\Local\ConnectedDevicesPlatform =>.Microsoft Corporation
O43 - CFD: 13/06/2017 - [] D -- C:\Users\Motion\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 29/02/2016 - [] D -- C:\Users\Motion\AppData\Local\CrashReportClient
O43 - CFD: 18/03/2017 - [] D -- C:\Users\Motion\AppData\Local\Daybreak Game Company =>.Daybreak Game Company
O43 - CFD: 08/06/2017 - [0] D -- C:\Users\Motion\AppData\Local\DBG =>.DBG
O43 - CFD: 30/05/2017 - [0] D -- C:\Users\Motion\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 11/01/2017 - [] D -- C:\Users\Motion\AppData\Local\Discord =>.GitHub
O43 - CFD: 29/05/2017 - [] D -- C:\Users\Motion\AppData\Local\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 26/12/2016 - [0] D -- C:\Users\Motion\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 15/07/2015 - [0] SHD -- C:\Users\Motion\AppData\Local\EmieBrowserModeList =>.Enterprise mode Site List Mgr
O43 - CFD: 15/07/2015 - [0] SHD -- C:\Users\Motion\AppData\Local\EmieSiteList =>.Enterprise mode Site List Mgr
O43 - CFD: 15/07/2015 - [0] SHD -- C:\Users\Motion\AppData\Local\EmieUserList =>.Enterprise mode Site List Mgr
O43 - CFD: 29/09/2014 - [] D -- C:\Users\Motion\AppData\Local\GamersFirst =>.GamersFirst
O43 - CFD: 28/10/2016 - [] D -- C:\Users\Motion\AppData\Local\Google =>.Google
O43 - CFD: 31/05/2015 - [] D -- C:\Users\Motion\AppData\Local\GWX =>.GWX
O43 - CFD: 29/05/2017 - [] D -- C:\Users\Motion\AppData\Local\Haste
O43 - CFD: 05/06/2017 - [0] SHD -- C:\Users\Motion\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 12/05/2017 - [] D -- C:\Users\Motion\AppData\Local\iTunes =>.Apple Inc.
O43 - CFD: 28/02/2014 - [] D -- C:\Users\Motion\AppData\Local\Jaksta_Technologies_Pty_L
O43 - CFD: 11/02/2016 - [] D -- C:\Users\Motion\AppData\Local\Logitech® Webcam Software =>.Logitech Inc.
O43 - CFD: 11/10/2015 - [] D -- C:\Users\Motion\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 11/06/2017 - [] D -- C:\Users\Motion\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 06/10/2016 - [0] D -- C:\Users\Motion\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 12/12/2015 - [] D -- C:\Users\Motion\AppData\Local\MicrosoftEdge =>.Microsoft Corporation
O43 - CFD: 26/12/2014 - [] D -- C:\Users\Motion\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 14/06/2017 - [] D -- C:\Users\Motion\AppData\Local\NPE =>.NPE
O43 - CFD: 12/05/2017 - [] D -- C:\Users\Motion\AppData\Local\NVIDIA =>.nVidia Corporation
O43 - CFD: 22/05/2017 - [] D -- C:\Users\Motion\AppData\Local\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 29/02/2016 - [] D -- C:\Users\Motion\AppData\Local\OST_Game
O43 - CFD: 05/06/2017 - [] D -- C:\Users\Motion\AppData\Local\Packages =>.Microsoft Corporation
O43 - CFD: 02/08/2015 - [0] D -- C:\Users\Motion\AppData\Local\PeerDistRepub =>.Microsoft Corporation
O43 - CFD: 16/12/2013 - [] D -- C:\Users\Motion\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 30/07/2015 - [] D -- C:\Users\Motion\AppData\Local\Publishers =>.Microsoft Corporation
O43 - CFD: 24/09/2015 - [] D -- C:\Users\Motion\AppData\Local\PunkBuster =>.PunkBuster Games
O43 - CFD: 24/01/2014 - [] D -- C:\Users\Motion\AppData\Local\Razer =>.Razer
O43 - CFD: 18/03/2017 - [] D -- C:\Users\Motion\AppData\Local\SCE =>.SCE
O43 - CFD: 24/04/2016 - [0] D -- C:\Users\Motion\AppData\Local\Skype =>.Skype
O43 - CFD: 21/04/2017 - [] D -- C:\Users\Motion\AppData\Local\Spotify =>.Spotify
O43 - CFD: 05/06/2016 - [] D -- C:\Users\Motion\AppData\Local\SquirrelTemp =>.Squirrels
O43 - CFD: 31/10/2015 - [] D -- C:\Users\Motion\AppData\Local\StarParse
O43 - CFD: 28/12/2016 - [] D -- C:\Users\Motion\AppData\Local\Steam =>.Steam Games
O43 - CFD: 25/12/2013 - [] D -- C:\Users\Motion\AppData\Local\SteelSeries_ApS
O43 - CFD: 30/09/2015 - [] D -- C:\Users\Motion\AppData\Local\SWTOR =>.Electronic Arts, Inc.
O43 - CFD: 20/12/2013 - [] D -- C:\Users\Motion\AppData\Local\SWTORPerf =>.Electronic Arts, Inc.
O43 - CFD: 12/01/2017 - [] D -- C:\Users\Motion\AppData\Local\TeamSpeak 3 =>.TeamSpeak
O43 - CFD: 16/06/2017 - [] D -- C:\Users\Motion\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [0] SHD -- C:\Users\Motion\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 22/05/2015 - [] D -- C:\Users\Motion\AppData\Local\TERA =>.Gameforge Productions GmbH
O43 - CFD: 29/05/2017 - [] D -- C:\Users\Motion\AppData\Local\Thalonet,_Inc._dba_Haste
O43 - CFD: 30/07/2015 - [] D -- C:\Users\Motion\AppData\Local\TileDataLayer =>.Microsoft Corporation
O43 - CFD: 23/03/2017 - [] D -- C:\Users\Motion\AppData\Local\TslGame
O43 - CFD: 03/05/2017 - [] D -- C:\Users\Motion\AppData\Local\UNP =>.Microsoft Corporation
O43 - CFD: 10/03/2017 - [] D -- C:\Users\Motion\AppData\Local\UnrealEngine =>.Unreal Software
O43 - CFD: 24/02/2017 - [] D -- C:\Users\Motion\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 06/11/2014 - [] D -- C:\Users\Motion\AppData\Local\WC43
O43 - CFD: 14/08/2015 - [] D -- C:\Users\Motion\AppData\Local\Wondershare =>.Wondershare
O43 - CFD: 16/06/2017 - [] D -- C:\Users\Motion\AppData\Local\Zemana =>.Zemana
O43 - CFD: 16/06/2017 - [] D -- C:\Users\Motion\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 16/12/2013 - [0] D -- C:\Users\Motion\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] RD -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] RD -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 13/06/2017 - [] RD -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 12/05/2017 - [0] D -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS =>.ASUS
O43 - CFD: 05/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESEA
O43 - CFD: 04/08/2015 - [0] D -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst =>.GamersFirst
O43 - CFD: 05/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc =>.Hammer & Chisel, Inc
O43 - CFD: 05/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ixale =>.Ixale
O43 - CFD: 18/03/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OldSchool RuneScape
O43 - CFD: 05/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Parsec
O43 - CFD: 13/06/2017 - [] RD -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 11/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam =>.Steam Games
O43 - CFD: 05/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries =>.SteelSeries
O43 - CFD: 18/03/2017 - [] RD -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools =>.Microsoft Corporation
O43 - CFD: 13/09/2016 - [0] D -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio
O43 - CFD: 05/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhoreCraft
O43 - CFD: 18/03/2017 - [] RD -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell =>.Microsoft Corporation
O43 - CFD: 15/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 05/06/2017 - [] D -- C:\Users\Motion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft
O43 - CFD: 05/06/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 03/08/2016 - [] D -- C:\Users\Default\AppData\Local\Google =>.Google
O43 - CFD: 05/06/2017 - [0] SHD -- C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 06/06/2017 - [0] D -- C:\Users\Default\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 03/08/2016 - [] D -- C:\Users\Default User\AppData\Local\Google =>.Google
O43 - CFD: 05/06/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 06/06/2017 - [0] D -- C:\Users\Default User\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 18/03/2017 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 05/06/2017 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 16/06/2017 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Zemana =>.Zemana

---\\ ShellIconOverlayIdentifiers (SIOI) (9) - 0s
O106 - SIOI: OverlayExcluded Class [ OverlayExcluded] - {4433A54A-1AC8-432F-90FC-85F045CF383C}. (.Symantec Corporation - Backup Shell.) -- C:\Program Files (x86)\Norton Security Suite\Engine32\22.9.4.8\BuShell.dll =>.Symantec Corporation®
O106 - SIOI: OverlayPending Class [ OverlayPending] - {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}. (.Symantec Corporation - Backup Shell.) -- C:\Program Files (x86)\Norton Security Suite\Engine32\22.9.4.8\BuShell.dll =>.Symantec Corporation®
O106 - SIOI: OverlayProtected Class [ OverlayProtected] - {476D0EA3-80F9-48B5-B70B-05E677C9C148}. (.Symantec Corporation - Backup Shell.) -- C:\Program Files (x86)\Norton Security Suite\Engine32\22.9.4.8\BuShell.dll =>.Symantec Corporation®
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Motion\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll =>.Microsoft Windows®
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Motion\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll =>.Microsoft Windows®
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Motion\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll =>.Microsoft Windows®
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Motion\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll =>.Microsoft Windows®
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Motion\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll =>.Microsoft Windows®
O106 - SIOI: ReadOnlyOverlayHandler Class [ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Motion\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll =>.Microsoft Windows®

---\\ Image File Execution Options (18) - 1s
O50 - IFEO:C:\Windows\System32\cscript.exe - (.Microsoft Corporation - Microsoft ® Console Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\dllhost.exe - (.Microsoft Corporation - COM Surrogate.) [DisableExceptionChainValidation\\3] =>.Microsoft Windows®
O50 - IFEO:C:\WINDOWS\System32\drvinst.exe - (.Microsoft Corporation - Driver Installation Module.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\ie4uinit.exe - (.Microsoft Corporation - IE Per-User Initialization Utility.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\ieUnatt.exe - (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mmc.exe - (.Microsoft Corporation - Microsoft Management Console.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\MRT.exe - (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) [CFGOptions\\1] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\msfeedssync.exe - (.Microsoft Corporation - Microsoft Feeds Synchronization.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\mshta.exe - (.Microsoft Corporation - Microsoft (R) HTML Application host.) [MitigationOptions\\256] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\PresentationHost.exe - (.Microsoft Corporation - Windows Presentation Foundation Host.) [MitigationOptions\\1118481] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\PrintIsolationHost.exe - (.Microsoft Corporation - PrintIsolationHost.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\rundll32.exe - (.Microsoft Corporation - Windows host process (Rundll32).) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\runtimebroker.exe - (.Microsoft Corporation - Runtime Broker.) [MitigationOptions\\4294967296] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\searchprotocolhost.exe - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation
O50 - IFEO:C:\WINDOWS\System32\spoolsv.exe - (.Microsoft Corporation - Spooler SubSystem App.) [MitigationOptions\\2097152] =>.Microsoft Corporation
O50 - IFEO:C:\Windows\System32\svchost.exe - (.Microsoft Corporation - Host Process for Windows Services.) [MinimumStackCommitInBytes\\32768] =>.Microsoft Windows Publisher®
O50 - IFEO:C:\Windows\System32\wscript.exe - (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) [DisableExceptionChainValidation\\3] =>.Microsoft Corporation

---\\ System Drivers List (85) - 7s
O58 - SDL:2017/03/18 16:56:25 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107424] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135512] =>.Microsoft Windows®
O58 - SDL:2016/08/18 08:41:28 A . (.Advanced Micro Devices, Inc. - AMD Audio Bus Lower Filter.) -- C:\WINDOWS\System32\drivers\amdkmafd.sys [49448] =>.Advanced Micro Devices, Inc.®
O58 - SDL:2017/03/18 16:56:25 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83352] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259488] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [27040] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [132000] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2017/03/18 16:56:23 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [533920] =>.Microsoft Windows®
O58 - SDL:2014/08/15 13:05:08 A . (.Colasoft Co., Ltd. - Colasoft NDIS 5.0 Protocol Driver (x64).) -- C:\WINDOWS\System32\drivers\Capsax64Drv0.sys [35976] {546238AAF85123614B318B058F770856} =>.Colasoft Co., Ltd.
O58 - SDL:2014/08/15 13:05:08 A . (.Colasoft Co., Ltd. - Colasoft NDIS 5.0 Protocol Driver (x64).) -- C:\WINDOWS\System32\drivers\Capsax64Drv1.sys [35976] {546238AAF85123614B318B058F770856} =>.Colasoft Co., Ltd.
O58 - SDL:2014/08/15 13:05:08 A . (.Colasoft Co., Ltd. - Colasoft NDIS 5.0 Protocol Driver (x64).) -- C:\WINDOWS\System32\drivers\Capsax64Drv2.sys [35976] {546238AAF85123614B318B058F770856} =>.Colasoft Co., Ltd.
O58 - SDL:2014/08/15 13:05:08 A . (.Colasoft Co., Ltd. - Colasoft NDIS 5.0 Protocol Driver (x64).) -- C:\WINDOWS\System32\drivers\Capsax64Drv3.sys [35976] {546238AAF85123614B318B058F770856} =>.Colasoft Co., Ltd.
O58 - SDL:2017/03/18 16:56:25 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\cht4dx64.sys [102816] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) -- C:\WINDOWS\System32\drivers\cht4sx64.sys [347032] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T4 Chipset.) -- C:\WINDOWS\System32\drivers\cht4vx64.sys [2104224] =>.Microsoft Windows®
O58 - SDL:2012/10/24 14:49:46 A . (.Colasoft Co., Ltd. - Colasoft NDIS 5.0 Protocol Driver (x64).) -- C:\WINDOWS\System32\drivers\CSN5PDTS82x64.sys [34840] {6FF4F921A6FC0B39F2B5B38CA60C1453} =>.Colasoft Co., Ltd.
O58 - SDL:2017/03/18 16:56:23 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3419040] =>.Microsoft Windows®
O58 - SDL:2017/06/16 13:31:30 A . (.Malwarebytes - Malwarebytes Anti-Ransomware Protection.) -- C:\WINDOWS\System32\drivers\farflt.sys [113592] =>.Malwarebytes Corporation®
O58 - SDL:2012/08/21 14:01:20 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [33240] =>.GEAR Software Inc.®
O58 - SDL:2017/03/18 16:56:25 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64416] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:28 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys [33280] =>.Intel(R) Corporation
O58 - SDL:2017/03/18 16:56:28 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation
O58 - SDL:2017/03/18 16:56:28 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [70656] =>.Intel Corporation
O58 - SDL:2017/03/18 16:56:28 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504] =>.Intel Corporation
O58 - SDL:2017/03/18 16:56:28 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [165376] =>.Intel Corporation
O58 - SDL:2017/03/18 16:56:28 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448] =>.Intel Corporation
O58 - SDL:2017/03/18 16:56:23 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2017/03/18 16:56:19 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation
O58 - SDL:2017/03/18 16:56:26 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673184] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412064] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [526240] =>.Microsoft Windows®
O58 - SDL:2015/05/18 10:45:24 N . (.ASUSTeK Computer Inc. - ASUS Kernel Mode Driver for NT.) -- C:\WINDOWS\System32\drivers\IOMap64.sys [24824] =>.ASUSTeK Computer Inc.®
O58 - SDL:2017/03/18 16:56:25 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108960] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [123808] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [103328] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82848] =>.Microsoft Windows®
O58 - SDL:2016/02/11 18:01:54 A . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Dr.) -- C:\WINDOWS\System32\drivers\lvrs64.sys [351520] =>.Logitech, Inc.®
O58 - SDL:2012/10/22 22:13:10 A . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\WINDOWS\System32\drivers\lvuvc64.sys [4758176] =>.Logitech, Inc.®
O58 - SDL:2017/05/25 11:58:02 A . (.Authors - .) -- C:\WINDOWS\System32\drivers\mbae64.sys [77376] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/16 13:31:25 A . (.Malwarebytes - Malwarebytes Real-Time Protection.) -- C:\WINDOWS\System32\drivers\mbam.sys [44960] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/16 13:31:38 A . (.Malwarebytes - Malwarebytes Chameleon.) -- C:\WINDOWS\System32\drivers\MBAMChameleon.sys [188312] =>.Malwarebytes Corporation®
O58 - SDL:2017/06/16 13:31:17 A . (.Malwarebytes - Malwarebytes SwissArmy.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [252832] =>.Malwarebytes Corporation®
O58 - SDL:2017/03/18 16:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59808] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys [64416] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575904] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [842656] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63904] =>.Microsoft Windows®
O58 - SDL:2017/06/16 13:34:46 A . (.Malwarebytes - Malwarebytes Web Protection.) -- C:\WINDOWS\System32\drivers\mwac.sys [93600] =>.Malwarebytes Corporation®
O58 - SDL:2017/03/18 16:56:25 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [108960] =>.Microsoft Windows®
O58 - SDL:2013/02/28 21:49:12 A . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\WINDOWS\System32\drivers\npf.sys [36600] =>.Riverbed Technology, Inc.®
O58 - SDL:2017/06/07 21:45:45 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\WINDOWS\System32\drivers\nvhda64v.sys [218712] =>.NVIDIA Corporation®
O58 - SDL:2017/03/18 16:56:25 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150432] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166304] =>.Microsoft Windows®
O58 - SDL:2017/05/03 16:21:29 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\WINDOWS\System32\drivers\nvvad64v.sys [48248] =>.NVIDIA Corporation®
O58 - SDL:2017/05/18 03:35:05 A . (.NVIDIA Corporation - Virtual USB Host Controller driver.) -- C:\WINDOWS\System32\drivers\nvvhci.sys [57792] =>.NVIDIA Corporation®
O58 - SDL:2017/03/18 16:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58784] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [61848] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:26 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 64-bit Dri.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [604160] =>.Realtek
O58 - SDL:2015/06/24 22:57:00 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [4504320] =>.Realtek Semiconductor Corp®
O58 - SDL:2013/12/10 20:14:26 A . (.Razer, Inc. - Razer Ovrlay Support.) -- C:\WINDOWS\System32\drivers\RzDxgk.sys [129472] =>.Razer Inc.®
O58 - SDL:2013/12/10 20:14:26 A . (.Razer, Inc. - Kernel-mode user input redirection driver.) -- C:\WINDOWS\System32\drivers\RzFilter.sys [74432] =>.Razer Inc.®
O58 - SDL:2013/05/31 10:19:10 A . (.SteelSeries Corporation - SteelSeries HID Driver.) -- C:\WINDOWS\System32\drivers\SAlpham64.sys [38016] =>.SteelSeries Corporation
O58 - SDL:2014/02/07 13:17:24 A . (.Screaming Bee LLC - Screaming Bee Audio Driver.) -- C:\WINDOWS\System32\drivers\ScreamingBAudio64.sys [38992] =>.Screaming Bee LLC®
O58 - SDL:2017/03/18 16:56:26 A . (.Authors - .) -- C:\WINDOWS\System32\drivers\SDFRd.sys [31128] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44960] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81824] =>.Microsoft Windows®
O58 - SDL:2017/04/06 12:03:24 A . (.SteelSeries ApS - SteelSeries Device Factory Driver.) -- C:\WINDOWS\System32\drivers\ssdevfactory.sys [46440] =>.SteelSeries ApS®
O58 - SDL:2017/05/12 14:48:06 A . (.SteelSeries ApS - SteelSeries HID Driver.) -- C:\WINDOWS\System32\drivers\sshid.sys [45896] =>.SteelSeries ApS®
O58 - SDL:2013/10/30 12:15:32 A . (.SteelSeries Corporation - SteelSeries Bus Enumerator.) -- C:\WINDOWS\System32\drivers\SteelBus64.sys [140800] =>.SteelSeries Corporation
O58 - SDL:2017/03/18 16:56:25 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31136] =>.Microsoft Windows®
O58 - SDL:2017/03/15 17:18:51 A . (.Symantec Corporation - Symantec Event Library.) -- C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS [102608] =>.Symantec Corporation®
O58 - SDL:2016/04/21 05:10:04 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\WINDOWS\System32\drivers\tap0901.sys [27136] =>.The OpenVPN Project
O58 - SDL:2017/06/15 12:22:25 A . (.Authors - .) -- C:\WINDOWS\System32\drivers\TrueSight.sys [28272] =>.Adlice®
O58 - SDL:2015/06/17 18:04:24 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\drivers\usbaapl64.sys [54784] =>.Apple, Inc.
O58 - SDL:2016/09/12 23:57:29 A . (.Windows (R) Win 7 DDK provider - VB Virtual Audio Device.) -- C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win7.sys [41192] =>.Vincent Burel®
O58 - SDL:2008/12/26 13:56:04 A . (.Avnex - Avnex Ltd. Virtual Audio Device (WDM).) -- C:\WINDOWS\System32\drivers\vcsvad.sys [21504]
O58 - SDL:2010/02/15 23:07:14 A . (.Eugene V. Muzychenko - Kernel-mode WDM driver.) -- C:\WINDOWS\System32\drivers\vrtaucbl.sys [66728] =>.NTONYX Ltd.®
O58 - SDL:2017/03/18 16:56:25 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166816] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305568] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [32160] =>.Microsoft Windows®
O58 - SDL:2017/03/18 16:56:25 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [64920] =>.Microsoft Windows®
O58 - SDL:2015/10/02 21:53:24 A . (.Authors - .) -- C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [35344] =>.CACE Technologies, Inc.®
O58 - SDL:2017/06/16 13:39:26 A . (.Zemana Ltd. - ZAM.) -- C:\WINDOWS\System32\drivers\zam64.sys [203680] =>.Zemana Ltd.®
O58 - SDL:2017/06/16 13:39:26 A . (.Zemana Ltd. - ZAM.) -- C:\WINDOWS\System32\drivers\zamguard64.sys [203680] =>.Zemana Ltd.®

---\\ Last modified or created user files (1) - 3s
O61 - LFC: 2017/06/11 20:28:31 A . (..) -- C:\Users\Motion\AppData\Roaming\Apowersoft\ApowersoftVideoHelper.dll [7744415]

---\\ File Associations Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

---\\ Search Browser Infection (4) - 4s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com

---\\ Search Svchost Services (48) - 0s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [189952] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [189952] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [303616] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\WINDOWS\System32\gpsvc.dll [1269248] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\WINDOWS\System32\ikeext.dll [934912] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\WINDOWS\System32\iphlpsvc.dll [996864] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\WINDOWS\System32\appinfo.dll [138752] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\WINDOWS\system32\iscsiexe.dll [150016] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\WINDOWS\System32\eapsvc.dll [108032] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\WINDOWS\system32\schedsvc.dll [877568] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [221696] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [133120] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [413696] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [385536] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\WINDOWS\System32\wercplsupport.dll [91648] =>.Microsoft Corporation
O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [192512] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1135104] =>.Microsoft Corporation
O83 - Search Svchost Services: NaturalAuthentication (NaturalAuthentication) . (.Microsoft Corporation - Natural Authentication Service.) -- C:\WINDOWS\System32\NaturalAuth.dll [723968] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\WINDOWS\system32\wlidsvc.dll [2155008] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [877568] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [1013248] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [536064] =>.Microsoft Corporation
O83 - Search Svchost Services: xbgm (xbgm) . (.Microsoft Corporation - Xbox Game Monitoring Service.) -- C:\WINDOWS\System32\xbgmsvc.dll [301216] =>.Microsoft Windows Publisher®
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\WINDOWS\system32\themeservice.dll [69632] =>.Microsoft Corporation
O83 - Search Svchost Services: TokenBroker (TokenBroker) . (.Microsoft Corporation - Token Broker.) -- C:\Windows\System32\TokenBroker.dll [1054208] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\WINDOWS\System32\lfsvc.dll [43520] =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Infrared Monitor.) -- C:\WINDOWS\System32\irmon.dll [24576] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [104448] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [871936] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [490496] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\System32\sens.dll [69632] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\System32\ipnathlp.dll [537600] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [306688] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2443776] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll [1159680] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [612864] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [55296] =>.Microsoft Corporation
O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight Settings.) -- C:\WINDOWS\system32\flightsettings.dll [699904] =>.Microsoft Corporation
O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) -- C:\WINDOWS\system32\WpnService.dll [276480] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\WINDOWS\System32\bdesvc.dll [385536] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1067008] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [681984] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\WINDOWS\System32\NetSetupSvc.dll [261632] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [233984] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\WINDOWS\System32\ncasvc.dll [167424] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxGipSvc (XboxGipSvc) . (.Microsoft Corporation - Xbox Gip Management Service.) -- C:\WINDOWS\System32\XboxGipSvc.dll [18944] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [196096] =>.Microsoft Corporation

---\\ Additional Scan (O88) (2) - 1s
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect

---\\ Summary of the elements found (1) - 0s
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect

~ Unselected Options:
~ End of the scan, 54835 items in 02mn37s (1233)(0)

Report ZHPFix 2015.10.19.9 by Nicolas Coolman, the Update 19/10/2015
Registry export file:
Run by Motion at 6/18/2017 6:33:52 PM
High Elevated Privileges : OK
Windows 8 Business Edition, 64-bit Service Pack 1 (15063)

Recycle Bin emptied (06mn AMs)

========== Software ==========
REMOVES: ASUS Product Register Program
REMOVES: Java 7 Update 71

========== Memory modules ==========
REMOVES Reboot: Memory Module: C:\WINDOWS\system32\dmwappushsvc.dll

========== Registry keys ==========
REMOVES: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}]
REMOVES: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217051FF}]
REMOVES: Service: PnkBstrA
REMOVES: HKCU\SOFTWARE\Chromium
REMOVES: Services Svchost: dmwappushservice
REMOVES: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

========== Registry values ==========
ProxyFix : Proxy configuration successfully removed
REMOVES ProxyServer Value
REMOVES ProxyEnable Value
REMOVES EnableHttp1_1 Value
REMOVES ProxyHttp1.1 Value
REMOVES ProxyOverride Value

========== Preferences browser ==========
NOW Chrome File: C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Preferences
ABSENT Chrome Site: http://ajax.googleapis.com
NOW Chrome File: C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Preferences
ABSENT Chrome Site: http://apis.google.com
NOW Chrome File: C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Preferences
ABSENT Chrome Site: http://clients5.google.com
NOW Chrome File: C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Preferences
ABSENT Chrome Site: http://lh3.googleusercontent.com
NOW Chrome File: C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Preferences
ABSENT Chrome Site: http://ogs.google.com
NOW Chrome File: C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Preferences
ABSENT Chrome Site: http://ssl.gstatic.com
NOW Chrome File: C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Preferences
ABSENT Chrome Site: http://www.gstatic.com
REMOVES Folder Chrome: C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Extensions\idefjamndcpplnamdlbodoebjgkpdmpn

========== Folders ==========
No folders empty CLSID Local user
REMOVES: C:\Users\Motion\AppData\Local\Google\Chrome\User Data\Default\Extensions\idefjamndcpplnamdlbodoebjgkpdmpn
REMOVES: C:\ProgramData\McAfee
REMOVES: C:\ProgramData\Intel Telemetry
REMOVES: C:\Users\Motion\AppData\Local\Chromium
REMOVES: C:\Users\Motion\AppData\Local\GWX
Deletes temporary Windows (0)

========== Files ==========
REMOVES Flash Cookies (0) (0 octets)
Deletes temporary Windows (0) (0 octets)

========== System restore ==========
The system successfully created restore point


========== Summary ==========
1 : Memory modules
6 : Registry keys
6 : Registry values
7 : Folders
2 : Files
2 : Software
15 : Preferences browser
1 : System restore


End of clean in 46mn AMs

========== Path to file report ==========
C:\Users\Motion\AppData\Roaming\ZHP\ZHPFix[R1].txt - 6/18/2017 6:33:59 PM [3191]


Pierre13 restrictions Inspection Report (CTR 2.5.0.0 Version) 18 \ 06 \ 2017 6:36:33 p.m.
Motion PC
Microsoft Windows 10 Pro (64 bits) [10.0.15063]

Repair mistake made in 2203.

Checking presence restrictions

[TROJ_POWELIKS.B] deleted feature_browser_emulation key.
[BKDR_BLACKEN.A] corrected WarnOnClose key.
Sponsor Java installation license (x86) removed.
Sponsor Java installation license (x64) removed.
Viewing Recent Documents restriction removed.
Viewing Restriction deleted documents.
Background synchronization Restricting deleted information flows and Web Slices.
Restricting discovery of RSS feeds and Web Slices deleted.
Restriction UpperFilters Bluetooth deleted.
activated keypad.
User Restriction for Windows Installer removed.
Windows Update restored.
Windows Firewall Service enabled.
Windows Firewall settings when default and enabled.

240 controlled restrictions.

13 restriction (s) repaired (s).
Re boot the PC to take into account or repairs.


The report is on the desktop (C: \ Users \ Motion \ Desktop \ CTR.txt)

Logfile of HiJackThis Fork (Alpha) by Alex Dragokas v.2.6.4.17

Platform: x64 Windows 10 (Pro), 10.0.15063 (ReleaseId: 1703), Service Pack: 0
Time: 18.06.2017 - 18:40
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: Motion (group: Administrator) on MOTION-PC

Chrome: 59.0.3071.86
Edge: 11.0.15063.332
Internet Explorer: 11.0.15063.0

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
6 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
2 C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\n360.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
1 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
1 C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
2 C:\Users\Motion\AppData\Roaming\Spotify\SpotifyWebHelper.exe
1 C:\Users\Motion\Desktop\MemCompression
1 C:\Users\Motion\Desktop\hijackthis.exe
2 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
1 C:\Windows\SysWOW64\UStorSrv.exe
1 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\mqsvc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
70 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe

R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: SuggestionsURL = http://api.bing.com/qsml.aspx?query={searchTerms}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IESS02&market={language}
R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: SuggestionsURLFallback = http://api.bing.com/qsml.aspx?query={searchTerms}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IESS02&market={language}
R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: TopResultURL = http://www.bing.com/search?q={searchTerms}&src=IE-TopResult&FORM=IETR02
R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: TopResultURLFallback = http://www.bing.com/search?q={searchTerms}&src=IE-TopResult&FORM=IETR02
R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: URL = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
O2 - BHO: Norton Identity Safety - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\coIEPlg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
O2-32 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O2-32 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2-32 - BHO: Norton Identity Safety - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine32\22.9.4.8\coIEPlg.dll
O2-32 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\coIEPlg.dll
O3-32 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine32\22.9.4.8\coIEPlg.dll
O4 - Global User Startup: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Motion\AppData\Roaming\Spotify\SpotifyWebHelper.exe
O4 - HKCU\..\Run: [Spotify] C:\Users\Motion\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized
O4 - HKLM\..\Run: [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
O4 - HKLM\..\Run: [ShadowPlay] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [ZAM] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe /minimized
O4 - HKLM\..\StartupApproved\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4-32 - HKLM\..\Run: [BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O17 - HKLM\System\CSS\Services\Tcpip\..\{847c0a9b-7e1c-4968-ad35-83173d8ea7bc}: NameServer = 8.8.4.4
O17 - HKLM\System\CSS\Services\Tcpip\..\{847c0a9b-7e1c-4968-ad35-83173d8ea7bc}: NameServer = 8.8.8.8
O17 - HKLM\System\ControlSet001\Services\Tcpip\..\{847c0a9b-7e1c-4968-ad35-83173d8ea7bc}: NameServer = 8.8.4.4
O17 - HKLM\System\ControlSet001\Services\Tcpip\..\{847c0a9b-7e1c-4968-ad35-83173d8ea7bc}: NameServer = 8.8.8.8
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - Task (Disabled): \Microsoft\Windows\Subscription\LicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe
O22 - Task (Disabled): \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - C:\WINDOWS\system32\usoclient.exe ScanInstallWait
O22 - Task (Ready): Norton WSC Integration - C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\WSCStub.exe /taskschd
O22 - Task (Ready): \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\compattelrunner.exe
O22 - Task (Ready): \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\WINDOWS\system32\compattelrunner.exe -maintenance
O22 - Task (Ready): \Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask - {E984D939-0E00-4DD9-AC3A-7ACA04745521} - (no file)
O22 - Task (Ready): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP App Launch Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},AppLaunch - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Auth Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},ReAuth - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},MissingCredentials - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\StorageCardEncryption Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},SDCardEncryptionPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Cellular - C:\WINDOWS\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Logon - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source LogonIdleTask
O22 - Task (Ready): \Microsoft\Windows\Maps\MapsToastTask - {9885AEF2-BD9F-41E0-B15E-B3141395E803},$(Arg0);$(Arg1);$(Arg2);$(Arg3);$(Arg4);$(Arg5);$(Arg6);$(Arg7) - C:\WINDOWS\System32\mapstoasttask.dll
O22 - Task (Ready): \Microsoft\Windows\Subscription\EnableLicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe -e
O22 - Task (Ready): \Microsoft\Windows\WwanSvc\NotificationTask - C:\WINDOWS\System32\WiFiTask.exe wwan
O22 - Task (Ready): \Norton 360\Norton Security Suite Autofix - C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\SymErr.exe /ui
O22 - Task (Ready): \Norton 360\Norton Security Suite Error Analyzer - C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\SymErr.exe /analyze
O22 - Task (Ready): \Norton 360\Norton Security Suite Error Processor - C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\SymErr.exe /submit
O22 - Task (Ready): \Remediation\AntimalwareMigrationTask - C:\Program Files\Common Files\AV\Norton Security Suite\Upgrade.exe /upgrade /user_logon
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service R2: Norton 360 - (N360) - C:\Program Files (x86)\Norton Security Suite\Engine\22.9.4.8\N360.exe
O23 - Service R2: TeamViewer 12 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R2: UStorage Server Service - C:\Windows\SysWOW64\UStorSrv.exe
O23 - Service R2: ZAM Controller Service - (ZAMSvc) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: BitRaider Mini-Support Service Stub Loader - (BRSptStub) - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service S3: Remote Packet Capture Protocol v.0 (experimental) - (rpcapd) - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service S3: iPod Service - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - Time spent: 9 sec. - 25880 bytes, CRC32: FFFFFFFF. Sign: ꫳ

Well the weird text disappearing has stopped but fps dropping is still a thing. Gonna play some more games today to see if it does it still with some others.

Ok I will do this once I get home!

Did a fresh install of the drivers, will see how it runs. Posting mini box below!

MiniToolBox by Farbar Version: 17-06-2016
Ran by Motion (administrator) on 20-06-2017 at 22:56:20
Running from "C:\Users\Motion\Downloads"
Microsoft Windows 10 Pro (X64)
Model: MS-7693 Manufacturer: MSI
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Motion-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : D4-3D-7E-BF-72-EE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2601:584:c401:4090::2(Preferred)
Lease Obtained. . . . . . . . . . : Tuesday, June 20, 2017 10:30:26 PM
Lease Expires . . . . . . . . . . : Tuesday, June 20, 2017 10:57:11 PM
IPv6 Address. . . . . . . . . . . : 2601:584:c401:4090:5110:a862:a242:a85b(Preferred)
Temporary IPv6 Address. . . . . . : 2601:584:c401:4090:ad57:4d33:8842:bf89(Preferred)
Link-local IPv6 Address . . . . . : fe80::5110:a862:a242:a85b%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, June 20, 2017 10:30:25 PM
Lease Expires . . . . . . . . . . : Tuesday, June 20, 2017 11:30:25 PM
Default Gateway . . . . . . . . . : fe80::d604:cdff:fef8:8840%10
192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 248790398
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-41-2D-9A-D4-3D-7E-BF-72-EE
DNS Servers . . . . . . . . . . . : 2001:4860:4860::8888
2001:4860:4860::8844
8.8.8.8
8.8.4.4
NetBIOS over Tcpip. . . . . . . . : Enabled
Server: google-public-dns-a.google.com
Address: 2001:4860:4860::8888

Name: google.com
Addresses: 2607:f8b0:4008:802::200e
172.217.8.110


Pinging google.com [2607:f8b0:4008:802::200e] with 32 bytes of data:
Reply from 2607:f8b0:4008:802::200e: time=13ms
Reply from 2607:f8b0:4008:802::200e: time=12ms

Ping statistics for 2607:f8b0:4008:802::200e:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 13ms, Average = 12ms
Server: google-public-dns-a.google.com
Address: 2001:4860:4860::8888

Name: yahoo.com
Addresses: 2001:4998:44:204::a7
2001:4998:58:c02::a9
2001:4998:c:a06::2:4008
98.139.180.149
98.138.253.109
206.190.36.45


Pinging yahoo.com [2001:4998:44:204::a7] with 32 bytes of data:
Reply from 2001:4998:44:204::a7: time=66ms
Reply from 2001:4998:44:204::a7: time=67ms

Ping statistics for 2001:4998:44:204::a7:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 66ms, Maximum = 67ms, Average = 66ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...d4 3d 7e bf 72 ee ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.8 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.0.0 255.255.255.0 On-link 192.168.0.8 281
192.168.0.8 255.255.255.255 On-link 192.168.0.8 281
192.168.0.255 255.255.255.255 On-link 192.168.0.8 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.0.8 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.0.8 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 281 ::/0 fe80::d604:cdff:fef8:8840
1 331 ::1/128 On-link
10 281 2601:584:c401:4090::/60 fe80::d604:cdff:fef8:8840
10 281 2601:584:c401:4090::/64 On-link
10 281 2601:584:c401:4090::2/128
On-link
10 281 2601:584:c401:4090:5110:a862:a242:a85b/128
On-link
10 281 2601:584:c401:4090:ad57:4d33:8842:bf89/128
On-link
10 281 fe80::/64 On-link
10 281 fe80::5110:a862:a242:a85b/128
On-link
1 331 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [63488] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/20/2017 10:31:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweakII.exe, version: 1.3.7.0, time stamp: 0x57c7d9f7
Faulting module name: Vender.dll, version: 1.1.5.8, time stamp: 0x57b428be
Exception code: 0xc000041d
Fault offset: 0x000106cb
Faulting process id: 0x2290
Faulting application start time: 0xGPUTweakII.exe0
Faulting application path: GPUTweakII.exe1
Faulting module path: GPUTweakII.exe2
Report Id: GPUTweakII.exe3
Faulting package full name: GPUTweakII.exe4
Faulting package-relative application ID: GPUTweakII.exe5

Error: (06/20/2017 10:30:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweakII.exe, version: 1.3.7.0, time stamp: 0x57c7d9f7
Faulting module name: Vender.dll, version: 1.1.5.8, time stamp: 0x57b428be
Exception code: 0xc0000005
Fault offset: 0x000106cb
Faulting process id: 0x2290
Faulting application start time: 0xGPUTweakII.exe0
Faulting application path: GPUTweakII.exe1
Faulting module path: GPUTweakII.exe2
Report Id: GPUTweakII.exe3
Faulting package full name: GPUTweakII.exe4
Faulting package-relative application ID: GPUTweakII.exe5

Error: (06/20/2017 10:10:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweakII.exe, version: 1.3.7.0, time stamp: 0x57c7d9f7
Faulting module name: Vender.dll, version: 1.1.5.8, time stamp: 0x57b428be
Exception code: 0xc000041d
Fault offset: 0x000106cb
Faulting process id: 0x2798
Faulting application start time: 0xGPUTweakII.exe0
Faulting application path: GPUTweakII.exe1
Faulting module path: GPUTweakII.exe2
Report Id: GPUTweakII.exe3
Faulting package full name: GPUTweakII.exe4
Faulting package-relative application ID: GPUTweakII.exe5

Error: (06/20/2017 10:10:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweakII.exe, version: 1.3.7.0, time stamp: 0x57c7d9f7
Faulting module name: Vender.dll, version: 1.1.5.8, time stamp: 0x57b428be
Exception code: 0xc0000005
Fault offset: 0x000106cb
Faulting process id: 0x2798
Faulting application start time: 0xGPUTweakII.exe0
Faulting application path: GPUTweakII.exe1
Faulting module path: GPUTweakII.exe2
Report Id: GPUTweakII.exe3
Faulting package full name: GPUTweakII.exe4
Faulting package-relative application ID: GPUTweakII.exe5

Error: (06/20/2017 10:03:16 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (06/20/2017 10:03:03 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f4f7c528-847b-420d-8dc7-d553506ddf99}

Error: (06/20/2017 09:53:01 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweakII.exe, version: 1.3.7.0, time stamp: 0x57c7d9f7
Faulting module name: Vender.dll, version: 1.1.5.8, time stamp: 0x57b428be
Exception code: 0xc000041d
Fault offset: 0x000106cb
Faulting process id: 0x207c
Faulting application start time: 0xGPUTweakII.exe0
Faulting application path: GPUTweakII.exe1
Faulting module path: GPUTweakII.exe2
Report Id: GPUTweakII.exe3
Faulting package full name: GPUTweakII.exe4
Faulting package-relative application ID: GPUTweakII.exe5

Error: (06/20/2017 09:52:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: GPUTweakII.exe, version: 1.3.7.0, time stamp: 0x57c7d9f7
Faulting module name: Vender.dll, version: 1.1.5.8, time stamp: 0x57b428be
Exception code: 0xc0000005
Fault offset: 0x000106cb
Faulting process id: 0x207c
Faulting application start time: 0xGPUTweakII.exe0
Faulting application path: GPUTweakII.exe1
Faulting module path: GPUTweakII.exe2
Report Id: GPUTweakII.exe3
Faulting package full name: GPUTweakII.exe4
Faulting package-relative application ID: GPUTweakII.exe5

Error: (06/20/2017 09:46:39 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (06/20/2017 09:46:27 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {00b56108-e9c9-42be-a0ef-b77f46b480f4}


System errors:
=============
Error: (06/20/2017 10:30:25 PM) (Source: Service Control Manager) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (06/20/2017 10:30:24 PM) (Source: Service Control Manager) (User: )
Description: The CldFlt service failed to start due to the following error:
%%50 = The request is not supported.


Error: (06/20/2017 10:15:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0248: NVIDIA - Display - 5/1/2017 12:00:00 AM - 22.21.13.8205.

Error: (06/20/2017 10:09:40 PM) (Source: Service Control Manager) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (06/20/2017 10:09:38 PM) (Source: Service Control Manager) (User: )
Description: The CldFlt service failed to start due to the following error:
%%50 = The request is not supported.


Error: (06/20/2017 10:09:02 PM) (Source: DCOM) (User: MOTION-PC)
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (06/20/2017 10:08:48 PM) (Source: DCOM) (User: MOTION-PC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/20/2017 10:08:48 PM) (Source: DCOM) (User: MOTION-PC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/20/2017 10:08:48 PM) (Source: DCOM) (User: MOTION-PC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (06/20/2017 10:08:48 PM) (Source: DCOM) (User: MOTION-PC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}


Microsoft Office Sessions:
=========================
Error: (06/20/2017 10:31:00 PM) (Source: Application Error)(User: )
Description: GPUTweakII.exe1.3.7.057c7d9f7Vender.dll1.1.5.857b428bec000041d000106cb229001d2ea3668c7530aC:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exeC:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll145b3f46-745a-4d81-8ad2-a733ee2f6a0c

Error: (06/20/2017 10:30:56 PM) (Source: Application Error)(User: )
Description: GPUTweakII.exe1.3.7.057c7d9f7Vender.dll1.1.5.857b428bec0000005000106cb229001d2ea3668c7530aC:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exeC:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll3a03ec13-c3ea-4232-abef-2d510f8fbdae

Error: (06/20/2017 10:10:12 PM) (Source: Application Error)(User: )
Description: GPUTweakII.exe1.3.7.057c7d9f7Vender.dll1.1.5.857b428bec000041d000106cb279801d2ea3382227eadC:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exeC:\Program Files (x86)\ASUS\GPU TweakII\Vender.dllb28b3f81-5990-4a62-bd0b-97e795dbe629

Error: (06/20/2017 10:10:10 PM) (Source: Application Error)(User: )
Description: GPUTweakII.exe1.3.7.057c7d9f7Vender.dll1.1.5.857b428bec0000005000106cb279801d2ea3382227eadC:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exeC:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll69063021-03cb-408c-9cb4-9b7bdbe01195

Error: (06/20/2017 10:03:16 PM) (Source: VSS)(User: )
Description: QueryFullProcessImageNameW0x80070006, The handle is invalid.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (06/20/2017 10:03:03 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f4f7c528-847b-420d-8dc7-d553506ddf99}

Error: (06/20/2017 09:53:01 PM) (Source: Application Error)(User: )
Description: GPUTweakII.exe1.3.7.057c7d9f7Vender.dll1.1.5.857b428bec000041d000106cb207c01d2ea311a72e8e2C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exeC:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll40caed1b-862f-4b45-969c-27b5afd97510

Error: (06/20/2017 09:52:57 PM) (Source: Application Error)(User: )
Description: GPUTweakII.exe1.3.7.057c7d9f7Vender.dll1.1.5.857b428bec0000005000106cb207c01d2ea311a72e8e2C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exeC:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll0f9a9a8d-1b7e-4966-8f8a-8196382dcf4a

Error: (06/20/2017 09:46:39 PM) (Source: VSS)(User: )
Description: QueryFullProcessImageNameW0x80070006, The handle is invalid.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (06/20/2017 09:46:27 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {00b56108-e9c9-42be-a0ef-b77f46b480f4}


CodeIntegrity Errors:
===================================
Date: 2017-06-18 18:33:52.256
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Motion\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-16 13:47:47.443
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\WinSxS\Temp\InFlight\c898b66540e5d201f4020000882bec24\amd64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.15063.332_none_d3d416dc8d9a5f18\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-16 13:47:47.435
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\WinSxS\Temp\InFlight\c898b66540e5d201f4020000882bec24\amd64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.15063.332_none_d3d416dc8d9a5f18\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-16 13:45:56.638
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\aadcloudap.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-16 13:45:56.633
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\aadcloudap.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-16 13:45:55.031
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\BioCredProv.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-16 13:45:55.029
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\BioCredProv.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-16 13:45:49.915
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\DmNotificationBroker.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-16 13:45:49.911
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\DmNotificationBroker.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-16 13:45:43.193
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\System32\DsmUserTask.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.118 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.53 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.7.0 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.7.0 - ASUSTek COMPUTER INC.)
Audiosurf (HKLM\...\Steam App 12900) (Version: - Dylan Fitterer)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beats Updater (HKLM-x32\...\{321BEA75-4A58-4A42-911F-24933AE3E077}) (Version: 3.1.9.0 - Apple Inc.)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blue Satin Skin (HKLM-x32\...\{B0C00181-ECF5-4124-A6DE-14EA663D4799}) (Version: 2.2.0 - Screaming Bee)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.79.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.88 - NCH Software)
Discord (HKCU\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
FLV Cutter 1.0 (HKLM-x32\...\FLV Cutter_is1) (Version: - spgsoft.com)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GoldWave v6.15 (HKLM\...\GoldWave v6.15) (Version: 6.15 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.86 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
H1Z1: King of the Kill Test Server (HKLM\...\Steam App 439700) (Version: - Daybreak Game Company)
HD Video Converter Factory Pro 8.6 (HKLM-x32\...\HD Video Converter Factory Pro) (Version: 8.6 - WonderFox Soft, Inc.)
Intel® RealSense™ SDK Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_10.0.26.0396) (Version: 10.0.26.0396 - Intel Corporation)
Intel® RealSense™ SDK Runtime Gold (x86): Core (HKLM-x32\...\{4BAB7070-1D73-11E6-8844-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Core: Calibration (HKLM-x32\...\{676C639E-1D73-11E6-BF2F-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): User Segmentation (HKLM-x32\...\{51040000-1D73-11E6-A45D-2C44FD873B55}) (Version: 10.0.26.396 - Intel Corporation) Hidden
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Word 2010 (HKLM-x32\...\Office14.WORD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Mumble 1.2.17 (HKLM-x32\...\{95A0093C-0C81-4D0B-BCA7-3CE11755A6BD}) (Version: 1.2.17 - Thorvald Natvig)
Norton Security Suite (HKLM-x32\...\N360) (Version: 22.9.4.8 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.53 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Parsec (HKCU\...\a53dc3b81e52c50e) (Version: 1.0.0.53 - Parsec)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version: - Bluehole, Inc.)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RogueKiller version 12.11.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.1.0 - Adlice Software)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0000-0000-0000000FF1CE}_Office14.WORD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Spotify (HKCU\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarParse (HKCU\...\{fxApplication}}_is1) (Version: 1.0 - Ixale)
SteelSeries Engine 3.10.2 (HKLM\...\SteelSeries Engine 3) (Version: 3.10.2 - SteelSeries ApS)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78313 - TeamViewer)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Warcraft Logs Uploader (HKLM-x32\...\{8363B16F-C0CB-02BE-1CD5-4F9239491460}) (Version: 4.14 - UNKNOWN) Hidden
Warcraft Logs Uploader (HKLM-x32\...\com.warcraft.logs) (Version: 4.14 - UNKNOWN)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Driver Package - Apple, Inc. (KernelModeUSB) USBDevice (03/30/2017 11.40.49.146) (HKLM\...\183E383A1862B0622EB93E70D34D830E28AFFBAA) (Version: 03/30/2017 11.40.49.146 - Apple, Inc.)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.49 - Zemana Ltd.)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 15%
Total physical RAM: 16332 MB
Available physical RAM: 13775.35 MB
Total Virtual: 17356 MB
Available Virtual: 14765.44 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.35 GB) (Free:56.69 GB) NTFS

========================= Users: ========================================

User accounts for \\MOTION-PC

Administrator DefaultAccount Guest
Motion


**** End of log ****

Sadly it's still doing it. Did a custom game of overwatch with just me and a friend for an hour and it did not do it once, but if it's a quickplay or ranked game it does it. Seems like it doesn't do it with two players but it will with 12 total. Same with H1Z1 after maybe 10 minutes it just drops fps. Doesn't do it at all with WoW though. I can run multiple games of WoW at the same time and it doesn't do it. This seems a little weird. Goes back to normal after the drop for a few then it drops again for 10 to 15 seconds.

I will let you know tomorrow night! Busy day today. By the way thank you for all the help!