Solved Port 65000

GeekInPink · Feb 25, 2017

hello

I have an issue with a possible Trojan on port 65000. Is this the correct forum to address this ?

jmarket · Feb 25, 2017

Hi GeekInPink and Welcome to PCHF

I have moved your thread to the Malware Removal area. Please follow the below instructions

Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.

If you are unsure if your operating system is 32 or 64 Bit please go HERE.

Once downloaded right click the FRST desktop icon and select "Run as administrator" from the menu.

If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
Frst will open with two dialogue boxes, accept the disclaimer.

Accept the default whitelist options,
If the additions.txt options box is not checked please select it.
Then select "Scan"

Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.

Please Copy and Paste the contents of these logs in your next post for review by our Security Team

GeekInPink · Feb 25, 2017

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-02-2017

Click to expand...

Ran by Lynn (administrator) on WHITEFALCON-Z17 (25-02-2017 00:24:21)
Running from C:\Users\Lynn\Desktop
Loaded Profiles: Lynn (Available Profiles: Lynn)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security Premium\ekrn.exe
(DESlock Limited.) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ESET) C:\Program Files\ESET\ESET Smart Security Premium\egui.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ESET) C:\Program Files\ESET\ESET Password Manager\pwm.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(ESET) C:\Program Files\ESET\ESET Password Manager\pwmUIAManager.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\MSI Gaming Lan Manager\MSI_Gaming_Lan_Manager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(ESET) C:\Program Files\ESET\ESET Password Manager\pwmNMHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7903.40527.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7903.40527.0_x64__8wekyb3d8bbwe\HxMail.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9198592 2017-02-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2016-12-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MSI Gaming Lan Manager] => C:\MSI\MSI Gaming Lan Manager\MSI_Gaming_Lan_Manager.exe [4471224 2017-02-08] (Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886352 2016-12-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.)
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\...\Run: [EsetPasswordManager] => C:\Program Files\ESET\ESET Password Manager\pwm.exe [92672 2016-11-28] (ESET)
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.)
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2016-08-09] (DESlock Limited)
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2a69efde-1263-41b0-962d-33c9e9e50c3a}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-09-30] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-09-30] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-09-30] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-09-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1733025421-183912762-1257700198-1002 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-09-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1733025421-183912762-1257700198-1002 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-01-12]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-02-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-07] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Profile 8
CHR StartupUrls: Profile 8 -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Default [2017-01-14]
CHR Profile: C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-01-14]
CHR Profile: C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-01-14]
CHR Profile: C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 4 [2017-01-14]
CHR Profile: C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 5 [2017-01-14]
CHR Profile: C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 6 [2017-01-14]
CHR Profile: C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 7 [2017-01-14]
CHR Profile: C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8 [2017-02-25]
CHR Extension: (Google Slides) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-08]
CHR Extension: (Google Docs) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-08]
CHR Extension: (Google Drive) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-08]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-01-08]
CHR Extension: (YouTube) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-08]
CHR Extension: (Etsy Seller Tools by Tailored Apps) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\cjbmmdpgaimembhmnolnckiljmblildk [2017-01-08]
CHR Extension: (Search by Image (by Google)) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2017-01-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30]
CHR Extension: (Pandora) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\fbangkleohkafngihneedemihgfeikcl [2017-01-08]
CHR Extension: (Google Sheets) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-08]
CHR Extension: (Page Analytics (by Google)) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2017-01-08]
CHR Extension: (Google Docs Offline) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-08]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2017-01-08]
CHR Extension: (Adobe Edge Inspect CC) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ijoeapleklopieoejahbpdnhkjjgddem [2017-01-08]
CHR Extension: (iPiccy Photo Editor) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\imokeandodnlammaoenbgcnbhigjbpjh [2017-01-08]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2017-01-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (GIFPAL) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\noohoboklgjeccnihfkbdakbchbhjlch [2017-01-08]
CHR Extension: (My Chrome Theme) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2017-01-08]
CHR Extension: (ESET Password Manager Autofill Engine) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ofcefbdcehappcfljclmpmappkogffoe [2017-02-16]
CHR Extension: (WeVideo - Video Editor and Maker) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb [2017-01-08]
CHR Extension: (Evernote Web Clipper) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2017-02-09]
CHR Extension: (Gmail) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-08]
CHR Extension: (Chrome Media Router) - C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-03]
CHR Profile: C:\Users\Lynn\AppData\Local\Google\Chrome\User Data\System Profile [2017-02-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [726952 2015-09-28] (cFos Software GmbH)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [540864 2016-07-08] (DESlock Limited.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security Premium\ekrn.exe [2836296 2016-12-14] (ESET)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [47056 2017-01-12] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-10-13] (Micro-Star INT'L CO., LTD.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Corporation)
S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [68024 2017-01-18] (Micro-Star INT'L CO., LTD.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-09] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2017-01-14] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [179712 2016-08-04] (DESlock Ltd.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121184 2016-08-09] (DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98304 2016-08-04] (DESlock Ltd.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [543184 2016-07-26] (Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132272 2017-01-17] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106768 2017-01-17] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2017-01-17] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180544 2017-01-17] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [49672 2017-01-17] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [77616 2017-01-17] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [96856 2017-01-17] (ESET)
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-29] (Intel Corporation)
R3 iaLPSS2_I2C; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [184632 2016-08-29] (Intel Corporation)
R3 iaLPSS2_UART2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [282424 2016-08-29] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-26] (Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NTIOLib_ACTIVE_X; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [13776 2016-04-12] (MSI)
S3 NTIOLib_OCKit_MB; C:\Program Files (x86)\MSI\MSI OC Kit\Driver_Service\NTIOLib_X64.sys [13776 2016-09-08] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0cc477a6fec64d8c\nvlddmkm.sys [14516664 2017-02-10] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-01-05] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135736 2016-08-04] (DESlock Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-02-08] (Zemana Ltd.)
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-07 19:35 - 2016-10-13 02:38 - 00425080 _____ (Intel Corporation) C:\WINDOWS\system32\PROUnstl.exe
2017-11-07 19:35 - 2016-10-07 16:25 - 00002291 ____N C:\WINDOWS\system32\SetupBD.din
2017-11-07 19:34 - 2017-02-22 23:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2017-11-07 19:34 - 2017-02-22 23:58 - 00000000 ____D C:\MSI
2017-11-07 19:34 - 2017-02-22 01:00 - 00000000 ____D C:\ProgramData\Package Cache
2017-11-07 19:34 - 2017-02-12 00:33 - 00000000 ____D C:\Program Files\Intel
2017-11-07 19:31 - 2017-02-19 22:21 - 00002360 _____ C:\Users\Lynn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-07 19:31 - 2017-02-19 22:21 - 00000000 ___RD C:\Users\Lynn\OneDrive
2017-11-07 19:29 - 2017-11-07 19:29 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-FIMC3MU_defaultuser0_HistoryPrediction.bin
2017-11-07 19:29 - 2017-11-07 19:29 - 00000000 ____D C:\Users\Lynn\AppData\Local\TileDataLayer
2017-11-07 19:29 - 2017-11-07 19:29 - 00000000 ____D C:\Users\Lynn\AppData\Local\Publishers
2017-11-07 19:29 - 2017-02-21 21:50 - 00000000 ____D C:\Users\Lynn\AppData\Local\Packages
2017-11-07 19:29 - 2017-02-09 22:26 - 00000000 ____D C:\Users\Lynn\AppData\Roaming\Adobe
2017-11-07 19:29 - 2017-01-16 01:35 - 00000000 ____D C:\Users\Lynn\AppData\Local\VirtualStore
2017-02-25 00:24 - 2017-02-25 00:24 - 00025125 _____ C:\Users\Lynn\Desktop\FRST.txt
2017-02-25 00:23 - 2017-02-25 00:23 - 02423296 _____ (Farbar) C:\Users\Lynn\Desktop\FRST64.exe
2017-02-25 00:11 - 2017-02-25 00:23 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-25 00:11 - 2017-02-25 00:21 - 00000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-02-22 23:58 - 2017-02-22 23:58 - 17124742 _____ C:\Users\Lynn\Desktop\WHITEFALCON-Z17-2.arn
2017-02-22 23:19 - 2017-02-22 23:20 - 16536594 _____ C:\Users\Lynn\Desktop\WHITEFALCON-Z17.arn
2017-02-22 23:14 - 2017-02-22 23:14 - 00000000 ____D C:\Users\Lynn\Downloads\Autoruns
2017-02-22 23:00 - 2017-02-22 23:00 - 00000127 _____ C:\Users\Lynn\Desktop\ckfiles.txt
2017-02-22 04:35 - 2017-02-22 04:37 - 34820824 _____ (Adlice Software ) C:\Users\Lynn\Downloads\setup.exe
2017-02-22 04:34 - 2017-02-22 04:34 - 05659775 _____ (Swearware) C:\Users\Lynn\Downloads\ComboFix.exe
2017-02-22 04:14 - 2017-02-22 04:40 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-02-22 04:13 - 2017-02-22 04:40 - 00000000 ____D C:\ProgramData\RogueKiller
2017-02-22 03:56 - 2017-02-22 03:56 - 01305227 _____ C:\Users\Lynn\Downloads\Autoruns.zip
2017-02-22 03:21 - 2017-02-25 00:19 - 00000000 ___RD C:\Users\Lynn\iCloudDrive
2017-02-22 03:21 - 2017-02-22 03:21 - 00000000 ____D C:\Users\Lynn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2017-02-22 03:21 - 2017-02-22 03:21 - 00000000 ____D C:\Users\Lynn\AppData\Local\Apple Inc
2017-02-22 03:20 - 2017-02-22 03:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-02-22 03:05 - 2017-02-22 03:05 - 00051478 _____ C:\Users\Lynn\Desktop\avz_ports.htm
2017-02-22 02:17 - 2017-02-22 02:17 - 00000000 ____D C:\Users\Lynn\AppData\Roaming\MSI
2017-02-22 01:25 - 2017-02-22 01:25 - 01726976 _____ C:\Users\Lynn\Downloads\authserver_enu.msi
2017-02-22 01:25 - 2017-02-22 01:25 - 00000000 ____D C:\Program Files (x86)\ESET
2017-02-22 01:00 - 2017-02-22 01:00 - 00003190 _____ C:\WINDOWS\System32\Tasks\MSIGH_Host
2017-02-22 01:00 - 2017-02-22 01:00 - 00003132 _____ C:\WINDOWS\System32\Tasks\MSIOSDx86_Host
2017-02-22 01:00 - 2017-02-22 01:00 - 00003132 _____ C:\WINDOWS\System32\Tasks\MSIOSDx64_Host
2017-02-22 01:00 - 2017-02-22 01:00 - 00003058 _____ C:\WINDOWS\System32\Tasks\MSISW_Host
2017-02-22 01:00 - 2017-02-22 01:00 - 00001837 _____ C:\Users\Public\Desktop\Dragon Eye.lnk
2017-02-22 01:00 - 2017-02-22 01:00 - 00000000 ____D C:\Program Files\MSI
2017-02-22 00:59 - 2017-02-22 00:59 - 00001194 _____ C:\Users\Public\Desktop\MSI Gaming APP.lnk
2017-02-22 00:59 - 2015-08-18 09:51 - 01692840 _____ (MSI) C:\WINDOWS\SysWOW64\muachost.exe
2017-02-22 00:59 - 2015-07-27 01:37 - 00041760 _____ (FINTEK Corp.) C:\WINDOWS\system32\Drivers\I2cHkBurn.sys
2017-02-22 00:59 - 2015-07-27 01:37 - 00031520 _____ (TODO: <公司名稱>) C:\WINDOWS\system32\FintekIcon1.dll
2017-02-22 00:59 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2017-02-22 00:59 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2017-02-22 00:59 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2017-02-22 00:59 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2017-02-22 00:59 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2017-02-22 00:59 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2017-02-22 00:59 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2017-02-22 00:59 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-02-22 00:59 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2017-02-22 00:59 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2017-02-22 00:59 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2017-02-22 00:59 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2017-02-22 00:59 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2017-02-22 00:59 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2017-02-22 00:59 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2017-02-22 00:59 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2017-02-22 00:59 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2017-02-22 00:59 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2017-02-22 00:59 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2017-02-22 00:59 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2017-02-22 00:59 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2017-02-22 00:59 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2017-02-22 00:59 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2017-02-22 00:59 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2017-02-22 00:59 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2017-02-22 00:59 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2017-02-22 00:59 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2017-02-22 00:59 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2017-02-22 00:59 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2017-02-22 00:59 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2017-02-22 00:59 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2017-02-22 00:59 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2017-02-22 00:59 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2017-02-22 00:59 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2017-02-22 00:59 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2017-02-22 00:59 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2017-02-22 00:59 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2017-02-22 00:59 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2017-02-22 00:59 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2017-02-22 00:59 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2017-02-22 00:59 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2017-02-22 00:59 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2017-02-22 00:59 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2017-02-22 00:59 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2017-02-22 00:59 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2017-02-22 00:59 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2017-02-22 00:59 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2017-02-22 00:59 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2017-02-22 00:59 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2017-02-22 00:59 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2017-02-22 00:59 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2017-02-22 00:59 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2017-02-22 00:59 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2017-02-22 00:59 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2017-02-22 00:59 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2017-02-22 00:59 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2017-02-22 00:59 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2017-02-22 00:59 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2017-02-22 00:59 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2017-02-22 00:59 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2017-02-22 00:59 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2017-02-22 00:59 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2017-02-22 00:59 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2017-02-22 00:59 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2017-02-22 00:59 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2017-02-22 00:59 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2017-02-22 00:59 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-02-22 00:59 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2017-02-22 00:59 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-02-22 00:59 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2017-02-22 00:59 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-02-22 00:59 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2017-02-22 00:59 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2017-02-22 00:59 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2017-02-22 00:59 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2017-02-22 00:59 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2017-02-22 00:59 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2017-02-22 00:59 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2017-02-22 00:59 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2017-02-22 00:59 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2017-02-22 00:59 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2017-02-22 00:59 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2017-02-22 00:59 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2017-02-22 00:59 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2017-02-22 00:59 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2017-02-22 00:59 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2017-02-22 00:59 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2017-02-22 00:59 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2017-02-22 00:59 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2017-02-22 00:59 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2017-02-22 00:59 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2017-02-22 00:59 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2017-02-22 00:59 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2017-02-22 00:59 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2017-02-22 00:59 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2017-02-22 00:59 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2017-02-22 00:59 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2017-02-22 00:59 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2017-02-22 00:59 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2017-02-22 00:59 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2017-02-22 00:59 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2017-02-22 00:59 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2017-02-22 00:59 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2017-02-22 00:59 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2017-02-22 00:59 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2017-02-22 00:59 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2017-02-22 00:59 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2017-02-22 00:59 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2017-02-22 00:59 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2017-02-22 00:59 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2017-02-22 00:59 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2017-02-22 00:59 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2017-02-22 00:59 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2017-02-22 00:59 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2017-02-22 00:59 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2017-02-22 00:59 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2017-02-22 00:59 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2017-02-22 00:59 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2017-02-22 00:59 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2017-02-22 00:59 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2017-02-22 00:59 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2017-02-22 00:59 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2017-02-22 00:59 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2017-02-22 00:59 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2017-02-22 00:59 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2017-02-22 00:59 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2017-02-22 00:59 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2017-02-22 00:59 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-02-22 00:59 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2017-02-22 00:59 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2017-02-22 00:59 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2017-02-22 00:59 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2017-02-22 00:59 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2017-02-22 00:59 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2017-02-22 00:59 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2017-02-22 00:59 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2017-02-22 00:59 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2017-02-22 00:59 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2017-02-22 00:59 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2017-02-22 00:59 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2017-02-22 00:59 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2017-02-22 00:59 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2017-02-22 00:59 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2017-02-22 00:59 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2017-02-22 00:59 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2017-02-22 00:59 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2017-02-22 00:59 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2017-02-22 00:59 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2017-02-22 00:59 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2017-02-22 00:59 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2017-02-22 00:59 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2017-02-22 00:59 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2017-02-22 00:59 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2017-02-22 00:59 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2017-02-22 00:59 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2017-02-22 00:59 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2017-02-22 00:59 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2017-02-22 00:59 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2017-02-22 00:59 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2017-02-22 00:59 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2017-02-22 00:59 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2017-02-22 00:59 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2017-02-22 00:59 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2017-02-22 00:59 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2017-02-22 00:59 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2017-02-22 00:59 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2017-02-22 00:59 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2017-02-22 00:59 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2017-02-22 00:59 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2017-02-22 00:59 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2017-02-22 00:59 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-02-22 00:59 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-02-22 00:59 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-02-22 00:59 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-02-22 00:59 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2017-02-22 00:59 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2017-02-22 00:58 - 2017-02-22 00:58 - 00000000 ____D C:\Users\Lynn\Downloads\gaming_app_6
2017-02-22 00:57 - 2017-02-22 00:57 - 00000000 ____D C:\Users\Lynn\Downloads\USB_Speed_Up
2017-02-22 00:56 - 2017-02-22 00:56 - 00000000 ____D C:\Users\Lynn\Downloads\SuperCharger_mb
2017-02-22 00:55 - 2017-02-22 00:55 - 00000000 ____D C:\Users\Lynn\Downloads\gaming_lan_manager
2017-02-22 00:55 - 2017-02-22 00:55 - 00000000 ____D C:\Users\Lynn\AppData\Local\cFos
2017-02-22 00:55 - 2017-02-22 00:55 - 00000000 ____D C:\ProgramData\cFos
2017-02-22 00:55 - 2017-02-22 00:55 - 00000000 ____D C:\Program Files\cFosSpeed
2017-02-22 00:55 - 2015-09-28 22:16 - 02004904 _____ (cFos Software GmbH) C:\WINDOWS\system32\Drivers\cfosspeed6.sys
2017-02-22 00:48 - 2017-02-22 00:48 - 00000000 ____D C:\Users\Lynn\Downloads\intel_Serial_IO_w10
2017-02-22 00:45 - 2017-02-22 00:45 - 00000000 ____D C:\Users\Lynn\Downloads\intel_me_skl
2017-02-22 00:29 - 2017-02-22 00:29 - 00000000 ____D C:\Users\Lynn\Downloads\intel_sgx
2017-02-22 00:22 - 2017-02-22 00:22 - 00000000 ____D C:\Users\Lynn\Downloads\asmedia_usb31_w10
2017-02-22 00:11 - 2017-02-22 00:11 - 00000000 ____D C:\Users\Lynn\Downloads\intel_chipse_9_w10
2017-02-22 00:08 - 2017-02-22 00:02 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-02-22 00:08 - 2017-02-22 00:02 - 15202032 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 10283532 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-02-22 00:08 - 2017-02-22 00:02 - 07172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 07096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 06264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 05611520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-02-22 00:08 - 2017-02-22 00:02 - 05347000 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 03503040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 03410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 03299816 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 03203416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 03122648 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 03014656 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-02-22 00:08 - 2017-02-22 00:02 - 02993712 _____ (Audyssey Labs) C:\WINDOWS\system32\AudysseyEfx.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 02830480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 02444688 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 02202624 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 02190976 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 01965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 01959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 01780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 01591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 01516896 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 01508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 01435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 01382232 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 01363096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 01353816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 01337632 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 01133584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 01003512 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00984904 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00965016 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00962120 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00866096 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00859912 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00856296 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00785608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00726632 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00708304 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00689872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00680504 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00601144 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00518528 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00447712 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00426560 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00416504 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00381400 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00378384 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00366112 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00360336 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00203832 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00190928 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00190928 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00179592 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00158688 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00154360 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00134192 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00084608 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00083616 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00075536 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2017-02-22 00:08 - 2017-02-22 00:02 - 00023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-02-22 00:02 - 2017-02-22 00:02 - 00000000 ____D C:\Users\Lynn\Downloads\realtek_hd_audio
2017-02-21 23:57 - 2017-02-21 23:57 - 00000000 ____D C:\Users\Lynn\Downloads\Intel_Network_skl
2017-02-21 23:52 - 2017-02-21 23:54 - 254883191 _____ C:\Users\Lynn\Downloads\gaming_app_6.zip
2017-02-21 23:48 - 2017-02-21 23:48 - 03550215 _____ C:\Users\Lynn\Downloads\E7984v1.0.zip
2017-02-21 23:47 - 2017-02-21 23:49 - 249085970 _____ C:\Users\Lynn\Downloads\intel_vga_skl.zip
2017-02-21 23:44 - 2017-02-21 23:44 - 02723156 _____ C:\Users\Lynn\Downloads\intel_chipse_9_w10.zip
2017-02-21 23:39 - 2017-02-21 23:39 - 07235623 _____ C:\Users\Lynn\Downloads\7984v1D.zip
2017-02-20 01:29 - 2017-02-20 01:29 - 01178367 _____ C:\Users\Lynn\Downloads\BusSet3 Poster2.indt.zip
2017-02-20 01:18 - 2017-02-20 01:18 - 00000000 ____D C:\Users\Lynn\Downloads\Flyer3.indt
2017-02-20 01:17 - 2017-02-20 01:17 - 00518423 _____ C:\Users\Lynn\Downloads\Flyer3.indt.zip
2017-02-20 01:06 - 2017-02-20 01:06 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsignfe695dfd5a8b60af
2017-02-20 01:06 - 2017-02-20 01:06 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsigne6b59e0d04c8e627
2017-02-20 01:06 - 2017-02-20 01:06 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsign1e1ce360451226a2
2017-02-19 22:22 - 2017-02-19 22:22 - 02087237 _____ C:\Users\Lynn\Desktop\Nationwide.pdf
2017-02-17 23:12 - 2017-02-17 23:12 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-02-17 23:01 - 2017-02-21 01:19 - 00468480 _____ () C:\Users\Lynn\Desktop\CKScanner.exe
2017-02-17 22:45 - 2017-02-17 22:45 - 01181552 _____ C:\Users\Lynn\Desktop\SysInspector-WHITEFALCON-Z17-170214-223822.txt
2017-02-17 22:44 - 2017-02-17 22:44 - 00000000 ____D C:\Users\Lynn\AppData\LocalLow\Temp
2017-02-17 02:47 - 2017-02-17 02:47 - 00000000 ___HD C:\$SysReset
2017-02-17 02:23 - 2017-02-22 23:57 - 00000000 ____D C:\ProgramData\Emsisoft
2017-02-17 00:26 - 2017-02-17 00:26 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-02-17 00:07 - 2017-02-17 00:07 - 00000000 ____D C:\Users\Lynn\AppData\Roaming\NVIDIA
2017-02-16 23:48 - 2017-02-16 23:48 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsigne6b1ed0e83974ba5
2017-02-16 23:48 - 2017-02-16 23:48 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsign9a0378f857c9b00a
2017-02-16 23:48 - 2017-02-16 23:48 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsign88c5f5367f720894
2017-02-16 22:20 - 2017-02-16 22:21 - 00087972 _____ C:\TDSSKiller.3.1.0.12_16.02.2017_22.20.36_log.txt
2017-02-16 21:51 - 2017-02-20 01:20 - 00000000 ___SD C:\Users\Lynn\Documents\Password Manager
2017-02-16 21:14 - 2017-02-16 21:18 - 12110996 _____ C:\Users\Lynn\Downloads\essp_logs.zip
2017-02-16 21:13 - 2017-02-16 21:13 - 00987776 _____ (ESET) C:\Users\Lynn\Downloads\ESETLogCollector_enu.exe
2017-02-15 01:23 - 2017-02-17 01:47 - 00000000 ____D C:\Users\Lynn\Desktop\wound
2017-02-15 00:36 - 2017-02-09 15:13 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-15 00:36 - 2017-02-09 14:57 - 07791217 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-02-15 00:36 - 2017-02-09 14:57 - 06403640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-15 00:36 - 2017-02-09 14:57 - 02477504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-15 00:36 - 2017-02-09 14:57 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-15 00:36 - 2017-02-09 14:57 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-15 00:36 - 2017-02-09 14:57 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-15 00:36 - 2017-02-09 14:57 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-15 00:36 - 2017-02-09 14:57 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-02-15 00:36 - 2017-02-09 14:39 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-02-15 00:35 - 2017-02-09 18:33 - 00512960 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-02-15 00:35 - 2017-02-09 18:33 - 00418752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 34979384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 28242488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 19007016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 11019704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 09305984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 08990072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 03597128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 01600056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00991288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00944224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00721952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00719856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00618416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00605120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00573448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00217528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-02-15 00:34 - 2017-02-09 18:33 - 00047664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-02-15 00:34 - 2017-02-09 18:33 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-15 00:34 - 2017-02-09 18:33 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-02-15 00:34 - 2017-02-09 18:33 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-02-15 00:21 - 2017-02-15 00:21 - 00000000 ____D C:\Users\Lynn\Downloads\avz4
2017-02-14 23:46 - 2017-02-15 00:19 - 09317168 _____ (ESET, spol. s r.o.) C:\Users\Lynn\Downloads\eset_sysrescue_live_creator_enu.exe
2017-02-14 23:34 - 2017-02-14 23:34 - 07097928 _____ (VS Revo Group ) C:\Users\Lynn\Downloads\revosetup.exe
2017-02-14 23:20 - 2017-02-14 23:20 - 00001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Muse CC 2017.lnk
2017-02-14 23:07 - 2017-02-14 23:07 - 00029048 _____ C:\ProgramData\agent.1487142424.bdinstall.bin
2017-02-14 22:59 - 2017-02-17 00:05 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-02-14 22:32 - 2017-02-14 22:32 - 00000000 ____D C:\Users\Lynn\AppData\Local\DESlock+
2017-02-12 00:46 - 2017-02-12 00:46 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsignf14df003b8b671cd
2017-02-12 00:46 - 2017-02-12 00:46 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsigne9960af73da9c17e
2017-02-12 00:46 - 2017-02-12 00:46 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsign8ffade731bb357e4
2017-02-12 00:39 - 2017-02-17 02:32 - 00003102 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2017-02-12 00:32 - 2017-02-17 02:32 - 00003134 _____ C:\WINDOWS\System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7
2017-02-12 00:32 - 2017-02-17 02:32 - 00002768 _____ C:\WINDOWS\System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon
2017-02-12 00:32 - 2016-08-04 17:47 - 00003130 _____ C:\WINDOWS\system32\e1d65x64.din
2017-02-12 00:32 - 2016-07-26 09:48 - 00543184 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\e1d65x64.sys
2017-02-12 00:32 - 2016-07-22 02:19 - 00091088 _____ (Intel Corporation) C:\WINDOWS\system32\NicInstD.dll
2017-02-12 00:32 - 2016-04-15 14:47 - 00080848 _____ (Intel Corporation) C:\WINDOWS\system32\e1dmsg.dll
2017-02-12 00:32 - 2014-04-18 13:17 - 00125728 _____ (Intel Corporation) C:\WINDOWS\system32\NicCo4.dll
2017-02-11 01:38 - 2017-02-11 01:38 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsign2ff941b5a5b8646a
2017-02-11 01:36 - 2017-02-11 01:36 - 00000000 ____D C:\Users\Lynn\AppData\Roaming\ESET
2017-02-11 00:58 - 2017-02-25 00:17 - 00002156 _____ C:\Users\Public\Desktop\ESET Banking & Payment protection.lnk
2017-02-11 00:58 - 2017-02-25 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-02-11 00:58 - 2017-02-25 00:13 - 00000000 ____D C:\ProgramData\ESET
2017-02-11 00:58 - 2017-02-16 21:51 - 00000000 ____D C:\Program Files\ESET
2017-02-11 00:57 - 2017-02-11 00:57 - 03137152 _____ (ESET) C:\Users\Lynn\Downloads\eset_smart_security_premium_live_installer_us (1).exe
2017-02-11 00:57 - 2017-02-11 00:57 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsign1dab62d62a16c2bb
2017-02-11 00:57 - 2017-02-11 00:57 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsign01633935c9b53fc3
2017-02-11 00:54 - 2017-02-11 00:54 - 00220597 _____ C:\ProgramData\cl.uninstall.1486803204.bdinstall.bin
2017-02-11 00:53 - 2017-02-11 00:53 - 00036711 _____ C:\ProgramData\dm.uninstall.1486803218.bdinstall.bin
2017-02-11 00:49 - 2017-02-11 00:49 - 00090722 _____ C:\ProgramData\cl.1486802951.bdinstall.bin
2017-02-11 00:48 - 2017-02-11 00:48 - 03137152 _____ (ESET) C:\Users\Lynn\Downloads\eset_smart_security_premium_live_installer_us.exe
2017-02-11 00:43 - 2017-02-11 00:43 - 00025600 ____R (Gibson Research Corp.) C:\Users\Lynn\Downloads\LeakTest.exe
2017-02-10 23:30 - 2017-02-11 01:01 - 00000000 ____D C:\Users\Lynn\AppData\Local\ESET
2017-02-10 23:30 - 2017-02-10 23:30 - 06771840 _____ (ESET spol. s r.o.) C:\Users\Lynn\Downloads\esetonlinescanner_enu.exe
2017-02-10 22:54 - 2017-02-10 22:54 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsign95b849ee30d1578b
2017-02-10 22:53 - 2017-02-10 22:53 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsign412cf58799821c78
2017-02-09 22:26 - 2017-02-09 22:26 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsign49a3e6e87338a3b3
2017-02-09 22:25 - 2017-02-09 22:25 - 00001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2017.lnk
2017-02-09 22:12 - 2017-02-09 22:12 - 00040875 _____ C:\ProgramData\dm.update.1486707160.bdinstall.bin
2017-02-09 20:14 - 2017-02-09 20:14 - 00676558 _____ C:\Users\Public\Desktop\bdsyslog.zip
2017-02-09 20:05 - 2017-02-09 20:06 - 06590976 _____ (Bitdefender S.R.L) C:\Users\Lynn\Downloads\BDSysLog_i.exe
2017-02-08 03:18 - 2017-02-08 03:18 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsign875f8aafa0efcf92
2017-02-08 03:18 - 2017-02-08 03:18 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsign027ce268c2e243f3
2017-02-08 03:17 - 2017-02-08 03:17 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsignec0ad1b2f6f56e86
2017-02-08 03:15 - 2017-02-08 03:15 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsignf8fa78a0f64908e2
2017-02-08 03:15 - 2017-02-08 03:15 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsign37f32ce15d7be2d4
2017-02-08 03:12 - 2017-02-08 03:12 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsigna79fd1cf015cd54c
2017-02-08 03:12 - 2017-02-08 03:12 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsign0b423cf37e880182
2017-02-08 03:05 - 2017-02-25 00:24 - 00036354 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-02-08 03:05 - 2017-02-17 00:04 - 00155737 _____ C:\WINDOWS\ZAM.krnl.trace
2017-02-08 03:04 - 2017-02-08 03:04 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-02-08 03:04 - 2017-02-08 03:04 - 00000000 ____D C:\Users\Lynn\AppData\Local\Zemana
2017-02-07 21:21 - 2017-02-12 00:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool
2017-02-07 21:21 - 2017-02-07 21:21 - 00000000 ____D C:\Users\Lynn\AppData\Roaming\9-lab
2017-02-07 21:21 - 2017-02-07 21:21 - 00000000 ____D C:\ProgramData\9-lab
2017-02-07 21:19 - 2017-02-07 21:20 - 06466144 _____ C:\Users\Lynn\Downloads\rmtool-setup-x64.exe
2017-02-07 21:04 - 2017-02-07 21:16 - 00000000 ____D C:\Users\Lynn\Desktop\avz
2017-02-07 21:04 - 2017-02-07 21:04 - 10112832 _____ C:\Users\Lynn\Downloads\avz4.zip
2017-02-07 00:05 - 2017-02-07 00:05 - 00000000 ____D C:\Users\Lynn\AppData\Roaming\Sun
2017-02-07 00:05 - 2017-02-07 00:05 - 00000000 ____D C:\Users\Lynn\AppData\LocalLow\Sun
2017-02-07 00:05 - 2017-02-07 00:05 - 00000000 ____D C:\ProgramData\Oracle
2017-02-06 23:47 - 2017-02-06 23:47 - 00395491 _____ C:\ProgramData\cl.repair.1486453559.bdinstall.bin
2017-02-06 23:04 - 2017-02-06 23:04 - 00002850 _____ C:\Users\Lynn\Desktop\startup.txt
2017-02-06 22:44 - 2017-02-22 00:09 - 00000000 ____D C:\WINDOWS\system32\RTCOM
2017-02-06 22:43 - 2017-02-22 00:08 - 00000000 ____D C:\WINDOWS\system32\DAX3
2017-02-06 22:43 - 2017-02-06 22:43 - 00000000 ____D C:\ProgramData\Audyssey Labs
2017-02-06 22:43 - 2017-02-06 22:43 - 00000000 ____D C:\Program Files\Realtek
2017-02-06 22:43 - 2017-02-06 22:36 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2017-02-06 22:40 - 2017-02-06 22:40 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsignf1fe3099cc6c5805
2017-02-06 22:40 - 2017-02-06 22:40 - 00000000 ____D C:\Users\Lynn\AppData\Local\Tempzxpsigna0527a423c1f159f
2017-02-06 22:33 - 2017-02-06 22:33 - 00028191 _____ C:\ProgramData\agent.1486449217.bdinstall.bin
2017-02-06 22:12 - 2017-02-06 22:12 - 00000000 ____D C:\Program Files (x86)\Setup Files
2017-02-06 02:25 - 2017-02-06 02:25 - 07928606 _____ C:\Users\Lynn\Desktop\VID00051.MP4
2017-02-05 03:53 - 2017-02-05 02:47 - 00008500 _____ C:\Users\Lynn\Desktop\1486285491_1_01.xml
2017-02-03 23:06 - 2017-02-22 22:57 - 00007605 _____ C:\Users\Lynn\AppData\Local\resmon.resmoncfg
2017-02-03 22:48 - 2017-02-03 22:48 - 00396269 _____ C:\ProgramData\cl.repair.1486190810.bdinstall.bin
2017-02-03 19:21 - 2017-02-06 20:51 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-02-03 19:19 - 2017-02-03 21:53 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-01-27 09:16 - 2017-01-27 09:16 - 00038284 _____ C:\Users\Lynn\Desktop\Promotional Trainer Flexmls.pdf
2017-01-26 21:08 - 2017-01-26 21:08 - 00000000 ____D C:\Users\Lynn\AppData\Roaming\SolidDocuments
2017-01-26 21:08 - 2017-01-26 21:08 - 00000000 ____D C:\ProgramData\SolidDocuments
2017-01-26 20:10 - 2017-01-26 20:10 - 00028191 _____ C:\ProgramData\agent.1485490204.bdinstall.bin
2017-01-26 19:57 - 2017-02-17 00:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2017-01-26 02:36 - 2017-01-26 02:36 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-26 02:29 - 2017-01-26 01:58 - 00006061 _____ C:\Users\Lynn\Desktop\1485424380_1_01.xml

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-07 19:22 - 2015-07-16 09:13 - 00000000 ____D C:\WINDOWS\CSC
2017-02-25 00:24 - 2017-01-08 15:37 - 00000000 ____D C:\FRST
2017-02-25 00:24 - 2015-07-16 08:39 - 01990566 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-25 00:22 - 2017-01-08 04:02 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2017-02-25 00:22 - 2016-07-16 03:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-25 00:21 - 2017-01-08 03:40 - 00000000 ____D C:\Users\Lynn\AppData\Local\Adobe
2017-02-25 00:20 - 2017-01-07 18:40 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-25 00:20 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-25 00:20 - 2016-07-16 03:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-25 00:18 - 2017-01-14 02:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-25 00:18 - 2016-07-15 22:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-23 00:41 - 2017-01-14 02:01 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-22 23:58 - 2017-01-08 04:05 - 00000000 ____D C:\Users\Lynn\AppData\Local\CrashDumps
2017-02-22 23:58 - 2017-01-07 18:40 - 00000000 ____D C:\Program Files (x86)\MSI
2017-02-22 03:21 - 2017-01-16 23:47 - 00000000 ____D C:\Users\Lynn\AppData\Roaming\Apple Computer
2017-02-22 03:21 - 2017-01-14 02:02 - 00000000 ____D C:\Users\Lynn
2017-02-22 03:21 - 2017-01-08 03:47 - 00000000 ___RD C:\Users\Lynn\Creative Cloud Files
2017-02-22 03:21 - 2017-01-08 03:47 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-02-22 01:35 - 2017-01-25 00:57 - 00000000 ____D C:\Users\Lynn\AppData\Local\ElevatedDiagnostics
2017-02-22 00:45 - 2017-01-14 02:04 - 00003738 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2017-02-22 00:09 - 2017-01-14 02:01 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-02-22 00:09 - 2017-01-07 18:35 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-02-22 00:08 - 2017-01-14 02:01 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-02-18 00:38 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-17 03:22 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-02-17 02:33 - 2017-01-14 02:04 - 00002846 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-17 02:32 - 2017-01-14 02:04 - 00002830 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-17 02:32 - 2017-01-14 02:04 - 00002830 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-FIMC3MU-Lynn
2017-02-16 23:57 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-15 00:42 - 2017-01-08 03:10 - 00000000 ____D C:\AdwCleaner
2017-02-15 00:36 - 2017-01-14 02:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-15 00:36 - 2017-01-14 02:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-15 00:36 - 2017-01-14 02:01 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-15 00:36 - 2017-01-07 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-15 00:36 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\Help
2017-02-14 23:20 - 2017-01-08 03:47 - 00000000 ____D C:\Program Files\Adobe
2017-02-14 23:16 - 2017-01-14 02:04 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-02-14 23:16 - 2017-01-08 04:02 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2017-02-14 23:16 - 2017-01-08 04:02 - 00002091 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2017-02-12 00:39 - 2017-01-07 18:38 - 00000000 ____D C:\ProgramData\Intel
2017-02-12 00:32 - 2017-01-07 18:39 - 00000000 ____D C:\Program Files (x86)\Intel
2017-02-11 00:58 - 2016-07-16 03:47 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2017-02-11 00:54 - 2017-01-07 19:31 - 00038283 _____ C:\bdlog.txt
2017-02-11 00:54 - 2017-01-07 19:20 - 00000000 ____D C:\Users\Lynn\AppData\Roaming\Bitdefender
2017-02-11 00:54 - 2017-01-07 19:20 - 00000000 ____D C:\ProgramData\Bitdefender
2017-02-10 00:21 - 2017-01-08 03:42 - 00000000 ____D C:\ProgramData\Adobe
2017-02-09 22:26 - 2017-01-17 21:41 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-02-09 21:51 - 2017-01-14 00:49 - 00000673 _____ C:\Users\Lynn\Desktop\JRT.txt
2017-02-06 23:46 - 2016-07-15 22:04 - 00065536 _____ C:\WINDOWS\system32\config\ELAM
2017-02-06 22:40 - 2017-01-08 03:52 - 00001919 _____ C:\Users\Lynn\Documents\MuseLog.txt
2017-02-06 11:48 - 2016-07-16 03:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 11:48 - 2016-07-16 03:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 21:53 - 2015-07-10 01:05 - 00000000 ____D C:\Users\Default.migrated
2017-02-03 21:49 - 2017-01-22 15:05 - 00002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-03 21:49 - 2017-01-22 15:05 - 00002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-26 20:10 - 2017-01-07 19:21 - 00000000 ____D C:\ProgramData\BDLogging
2017-01-26 18:29 - 2017-01-17 21:44 - 00000000 ____D C:\Users\Lynn\Documents\Adobe
2017-01-26 00:30 - 2017-01-25 20:53 - 00000000 ____D C:\Users\Lynn\Desktop\part 107 test

==================== Files in the root of some directories =======

2017-01-17 22:02 - 2017-01-25 22:07 - 0000033 _____ () C:\Users\Lynn\AppData\Roaming\AdobeWLCMCache.dat
2017-02-03 23:06 - 2017-02-22 22:57 - 0007605 _____ () C:\Users\Lynn\AppData\Local\resmon.resmoncfg
2017-01-07 19:18 - 2017-01-07 19:18 - 0047483 _____ () C:\ProgramData\agent.1483845505.bdinstall.bin
2017-01-16 22:56 - 2017-01-16 22:56 - 0028937 _____ () C:\ProgramData\agent.1484636169.bdinstall.bin
2017-01-16 23:13 - 2017-01-16 23:13 - 0028936 _____ () C:\ProgramData\agent.1484637210.bdinstall.bin
2017-01-26 20:10 - 2017-01-26 20:10 - 0028191 _____ () C:\ProgramData\agent.1485490204.bdinstall.bin
2017-02-06 22:33 - 2017-02-06 22:33 - 0028191 _____ () C:\ProgramData\agent.1486449217.bdinstall.bin
2017-02-14 23:07 - 2017-02-14 23:07 - 0029048 _____ () C:\ProgramData\agent.1487142424.bdinstall.bin
2017-01-07 19:21 - 2017-01-07 19:21 - 0386219 _____ () C:\ProgramData\cl.1483845580.bdinstall.bin
2017-01-16 23:30 - 2017-01-16 23:30 - 0393757 _____ () C:\ProgramData\cl.1484638161.bdinstall.bin
2017-02-11 00:49 - 2017-02-11 00:49 - 0090722 _____ () C:\ProgramData\cl.1486802951.bdinstall.bin
2017-01-21 02:27 - 2017-01-21 02:27 - 0395987 _____ () C:\ProgramData\cl.repair.1484994420.bdinstall.bin
2017-02-03 22:48 - 2017-02-03 22:48 - 0396269 _____ () C:\ProgramData\cl.repair.1486190810.bdinstall.bin
2017-02-06 23:47 - 2017-02-06 23:47 - 0395491 _____ () C:\ProgramData\cl.repair.1486453559.bdinstall.bin
2017-02-11 00:54 - 2017-02-11 00:54 - 0220597 _____ () C:\ProgramData\cl.uninstall.1486803204.bdinstall.bin
2017-01-07 19:21 - 2017-01-07 19:21 - 0055647 _____ () C:\ProgramData\dm.1483845709.bdinstall.bin
2017-01-21 02:26 - 2017-01-21 02:26 - 0035461 _____ () C:\ProgramData\dm.1484994402.bdinstall.bin
2017-01-21 02:33 - 2017-01-21 02:33 - 0055959 _____ () C:\ProgramData\dm.1484994788.bdinstall.bin
2017-02-11 00:53 - 2017-02-11 00:53 - 0036711 _____ () C:\ProgramData\dm.uninstall.1486803218.bdinstall.bin
2017-02-09 22:12 - 2017-02-09 22:12 - 0040875 _____ () C:\ProgramData\dm.update.1486707160.bdinstall.bin
2017-01-14 02:01 - 2017-01-14 02:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-07 23:34 - 2017-01-15 21:38 - 0005943 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-07 23:34 - 2017-01-15 15:42 - 0010108 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
2017-02-22 04:13 - 2017-01-14 01:57 - 1886344 _____ (Microsoft Corporation) C:\Users\Lynn\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-15 21:20

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2017

Click to expand...

Ran by Lynn (25-02-2017 00:24:46)
Running from C:\Users\Lynn\Desktop
Windows 10 Pro Version 1607 (X64) (2017-01-14 10:07:03)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1733025421-183912762-1257700198-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1733025421-183912762-1257700198-503 - Limited - Disabled)
Guest (S-1-5-21-1733025421-183912762-1257700198-501 - Limited - Disabled)
Lynn (S-1-5-21-1733025421-183912762-1257700198-1002 - Administrator - Enabled) => C:\Users\Lynn

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security Premium 10.0.390.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security Premium 10.0.390.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.8 - Adobe Systems Incorporated)
Adobe Muse CC 2017 (HKLM-x32\...\MUSE_2017_0_2) (Version: 2017.0.2.60 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Ansel (Version: 378.66 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.36.1 - Asmedia Technology)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MX330 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX330_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
cFosSpeed v10.11 (HKLM\...\cFosSpeed) (Version: 10.11 - cFos Software GmbH, Bonn)
ESET Premium Line Encryption (Version: 1.0.11 - ESET) Hidden
ESET Smart Security Premium (HKLM\...\{404E2172-0D0E-49CF-8149-3AB69CB05735}) (Version: 10.0.390.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
iCloud (HKLM\...\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}) (Version: 6.1.2.13 - Apple Inc.)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)
Intel(R) Online Connect Software Asset Manager (x32 Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Microsoft OneDrive (HKU\S-1-5-21-1733025421-183912762-1257700198-1002\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
MSI DragonEye (HKLM\...\{7116875E-F251-4C33-AB3F-37DE05B15595}_is1) (Version: 0.0.2.5 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.1.0.18 - MSI)
MSI Gaming Lan Manager (HKLM-x32\...\{3318282C-D4D6-4B29-BBD5-95FC34B54FF0}_is1) (Version: 1.0.0.36 - MSI)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8059 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1733025421-183912762-1257700198-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-56006BBD6A19}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1733025421-183912762-1257700198-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E1A4552-6CC9-4717-A1A3-A3368D430499} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {16E53271-5CDF-481C-A918-18F83E5329B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-07] (Google Inc.)
Task: {1DB9F156-F279-4991-975C-15B778BA0D3A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {2D689024-A4C1-4AFD-880D-E9C27F35F434} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {2E85D532-69FF-4B36-A43E-7013200F6755} - System32\Tasks\AdobeAAMUpdater-1.0-WHITEFALCON-Z17-Lynn => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {2F65F470-7AD7-4F2B-8A4A-99BA5CC64EBC} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [2017-01-19] (Micro-Star INT'L CO., LTD.)
Task: {3479582F-AAF4-4AB4-83E5-86B83BF2A022} - System32\Tasks\Microsoft\Windows\RestartManager\{4542322D-7561-47a4-8305-2F68364047E4} => C:\WINDOWS\system32\rmclient.exe [2016-07-16] (Microsoft Corporation)
Task: {456BDA09-5100-4A52-ACEE-808F99A13FB5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation)
Task: {4872B112-FF92-4AC9-BBEE-4A537617AE59} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {57E0A395-AF14-4A9F-B041-DBAB39EA52A9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {5FF9C437-8C1F-4A7B-8BA6-4E1ED2A644FF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {69123442-CAB0-48D7-8488-6B8634648F39} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {792DC694-CFE0-4C7C-98DD-91EA3201D572} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-FIMC3MU-Lynn => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {8920A27B-5D03-4D7F-890B-B985B3A90EB0} - System32\Tasks\Microsoft\Windows\RestartManager\{8A122A9B-B772-4a34-89C3-2CAD6CD223B8} => C:\WINDOWS\system32\rmclient.exe [2016-07-16] (Microsoft Corporation)
Task: {937AD738-0384-48DA-908E-9A816DE80459} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {A0D65FD9-44C1-47B0-9E0D-C931EFA01FDA} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {A6B1F3C5-2418-4356-9A42-E26F6D23720D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation)
Task: {A8FDDEF5-DB9A-4CCF-8912-672E8C38BF1D} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWoW64\muachost.exe [2015-08-18] (MSI)
Task: {AB2791B2-ACEB-42FD-BCEB-1D5700D58ED4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-07] (Google Inc.)
Task: {AD24E314-594C-418D-AC54-987CC320E697} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation)
Task: {C6273471-4FB8-40BA-9D5C-43CFEC36424F} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {D9A9A621-A200-44AE-8645-C0AEB9461E1A} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {EEBA40AE-EE20-4180-BB90-8C95F96B6996} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation)
Task: {F2A43EDF-61BE-4797-BFB5-265376DCBB54} - System32\Tasks\Microsoft\Windows\RestartManager\{0A1EB79E-8D76-4952-923D-DC24C16FD499} => C:\WINDOWS\system32\rmclient.exe [2016-07-16] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 03:42 - 2016-07-16 03:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-01-14 01:57 - 2017-01-14 01:57 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-15 00:36 - 2017-02-09 14:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-07 21:53 - 2017-01-20 10:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-07 21:53 - 2017-01-20 10:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-05 12:15 - 2016-10-05 12:15 - 00107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll
2016-10-05 12:15 - 2016-10-05 12:15 - 00412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll
2016-10-07 15:48 - 2016-10-07 15:48 - 00461880 ____R () C:\Program Files\Intel\NCS2\WmiProv\Ncs2Provider.dll
2016-10-07 15:48 - 2016-10-07 15:48 - 00282168 ____R () C:\Program Files\Intel\NCS2\Agent\AdapterAgnt.DLL
2017-02-22 00:59 - 2016-06-14 16:35 - 00187392 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\D3D11FontDraw.dll
2017-01-14 01:57 - 2017-01-14 01:57 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2017-01-14 01:57 - 2017-01-14 01:57 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-14 01:57 - 2017-01-14 01:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-14 01:57 - 2017-01-14 01:57 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-14 01:57 - 2017-01-14 01:57 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-14 01:57 - 2017-01-14 01:57 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-14 01:57 - 2017-01-14 01:57 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-14 01:57 - 2017-01-14 01:57 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-14 01:57 - 2017-01-14 01:57 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-03 21:49 - 2017-02-01 01:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-03 21:49 - 2017-02-01 01:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2016-10-04 17:09 - 2016-10-04 17:09 - 00253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll
2017-02-21 21:50 - 2017-02-21 21:50 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-21 21:50 - 2017-02-21 21:50 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-21 21:50 - 2017-02-21 21:50 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 00:58 - 2017-02-06 00:59 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2017-01-14 01:57 - 2017-01-14 01:57 - 00522752 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2016-07-16 03:43 - 2016-07-16 06:28 - 00040448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2016-07-16 03:43 - 2016-07-16 06:27 - 00813056 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2016-07-16 03:43 - 2016-07-16 06:28 - 00963584 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2016-07-16 03:43 - 2016-07-16 06:28 - 00249344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2016-07-16 03:43 - 2016-07-16 06:28 - 00572416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2016-07-16 03:43 - 2016-07-16 06:28 - 00403968 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2016-07-16 03:43 - 2016-07-16 06:27 - 00183296 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2016-07-16 03:43 - 2016-07-16 06:27 - 00288256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2017-02-09 20:04 - 2017-02-09 20:04 - 13170368 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7903.40527.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll
2017-02-09 20:04 - 2017-02-09 20:04 - 01200840 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7903.40527.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2017-01-07 21:53 - 2017-01-20 10:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-01-07 21:53 - 2017-01-20 10:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-01-07 21:53 - 2017-01-20 10:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-22 00:59 - 2016-06-14 16:35 - 00163328 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\D3D11FontDraw.dll
2016-12-13 01:24 - 2016-12-13 01:24 - 40523480 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-11-17 01:29 - 2016-11-17 01:29 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-02-16 21:51 - 2016-07-07 14:34 - 00796160 _____ () C:\Program Files\ESET\ESET Password Manager\DLLs\unicodedata.pyd
2017-02-16 21:51 - 2016-07-07 14:34 - 00231936 _____ () C:\Program Files\ESET\ESET Password Manager\DLLs\pyexpat.pyd
2016-10-20 01:28 - 2016-10-20 01:28 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-07 21:53 - 2017-01-20 05:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-01-07 21:53 - 2017-01-20 05:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-01-07 21:53 - 2017-01-20 05:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-01-07 21:53 - 2017-01-20 05:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-01-07 21:53 - 2017-01-20 05:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-01-07 21:53 - 2017-01-20 05:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-01-07 21:53 - 2017-01-20 05:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2017-01-07 23:34 - 2017-01-20 05:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Lynn\Downloads\BDSysLog_i.exe:BDU [0]
AlternateDataStreams: C:\Users\Lynn\Downloads\esetonlinescanner_enu.exe:BDU [0]
AlternateDataStreams: C:\Users\Lynn\Downloads\eset_smart_security_premium_live_installer_us.exe:BDU [0]
AlternateDataStreams: C:\Users\Lynn\Downloads\iCloudSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Lynn\Downloads\LeakTest.exe:BDU [0]
AlternateDataStreams: C:\Users\Lynn\Downloads\mb3-setup-consumer-3.0.5.1299.exe:BDU [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 03:04 - 2017-02-11 00:37 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1733025421-183912762-1257700198-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Lynn\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{7f16eeac-79cc-40ec-9b50-8c04fd4d86bb}.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: isaHelperSvc => 2
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "Super Charger"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "ZAM"
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{241E2289-3D49-4E8A-B47E-8618861DB71C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{BF9B6BD4-D82C-4C03-B269-E2289DC27D55}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{6AE845FC-591A-4737-BBA5-9B8D79AC3F03}] => (Allow) %ProgramFiles% (x86)\ESET\ESET Authentication Server\EHttpSrv.exe

==================== Restore Points =========================

03-02-2017 19:08:09 yoyoyuoy
06-02-2017 22:43:21 Installed Realtek High Definition Audio Driver
09-02-2017 21:50:31 JRT Pre-Junkware Removal
11-02-2017 02:11:53 eset
17-02-2017 03:21:26 Windows Modules Installer
22-02-2017 00:06:09 Removed Realtek High Definition Audio Driver
25-02-2017 00:12:46 Removed ESET Authentication Server

==================== Faulty Device Manager Devices =============

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/25/2017 12:18:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WHITEFALCON-Z17)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/25/2017 12:18:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WHITEFALCON-Z17)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/25/2017 12:18:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WHITEFALCON-Z17)
Description: Activation of app Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/25/2017 12:18:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WHITEFALCON-Z17)
Description: Activation of app Microsoft.People_8wekyb3d8bbwe!x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/25/2017 12:18:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WHITEFALCON-Z17)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/25/2017 12:18:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WHITEFALCON-Z17)
Description: Activation of app Microsoft.People_8wekyb3d8bbwe!x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/25/2017 12:18:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WHITEFALCON-Z17)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/25/2017 12:18:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WHITEFALCON-Z17)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/25/2017 12:16:06 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (02/25/2017 12:16:06 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

System errors:
=============
Error: (02/25/2017 12:23:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: Mail and Calendar.

Error: (02/25/2017 12:19:44 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the Intel(R) Online Connect Helper service.

Error: (02/25/2017 12:18:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/25/2017 12:18:07 AM) (Source: DCOM) (EventID: 10010) (User: WHITEFALCON-Z17)
Description: The server microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (02/25/2017 12:18:07 AM) (Source: DCOM) (EventID: 10010) (User: WHITEFALCON-Z17)
Description: The server App.AppX85gcbw533amccd2rr8qswxymhfj649t2.mca did not register with DCOM within the required timeout.

Error: (02/25/2017 12:18:07 AM) (Source: DCOM) (EventID: 10010) (User: WHITEFALCON-Z17)
Description: The server Microsoft.ZuneVideo.AppXjgy0dfr6tssa93yj5px65cbv2gsc8r39.mca did not register with DCOM within the required timeout.

Error: (02/25/2017 12:18:07 AM) (Source: DCOM) (EventID: 10010) (User: WHITEFALCON-Z17)
Description: The server x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppXzejyt9r85hqcnkedyedn8h8akaf9sz0q.mca did not register with DCOM within the required timeout.

Error: (02/25/2017 12:18:07 AM) (Source: DCOM) (EventID: 10010) (User: WHITEFALCON-Z17)
Description: The server App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca did not register with DCOM within the required timeout.

Error: (02/25/2017 12:18:06 AM) (Source: DCOM) (EventID: 10010) (User: WHITEFALCON-Z17)
Description: The server x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppXv1pa150fssxfwf8qn0j65z3gp1qhwkcs.mca did not register with DCOM within the required timeout.

Error: (02/25/2017 12:18:04 AM) (Source: DCOM) (EventID: 10010) (User: WHITEFALCON-Z17)
Description: The server Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.

CodeIntegrity:
===================================
Date: 2017-02-25 00:23:15.619
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Smart Security Premium\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-25 00:23:15.617
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Smart Security Premium\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-25 00:22:35.969
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Smart Security Premium\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-25 00:22:35.967
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Smart Security Premium\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-25 00:22:35.668
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Smart Security Premium\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-25 00:22:35.667
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Smart Security Premium\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-25 00:22:34.708
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Smart Security Premium\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-25 00:22:34.707
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Smart Security Premium\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-25 00:21:57.421
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Smart Security Premium\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-25 00:21:57.420
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\ESET\ESET Smart Security Premium\ekrn.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 10%
Total physical RAM: 32730.66 MB
Available physical RAM: 29376.23 MB
Total Virtual: 34778.66 MB
Available Virtual: 31275.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.25 GB) (Free:29.3 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:1862.89 GB) (Free:1495.85 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Malnutrition · Feb 25, 2017

FRST Fix.

Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Clean up temp files and reduce startup load with CCleaner.

Note: This tool will clean your browsing history as well.

Download CCleaner from here.
After install Click Options.
Go to monitoring.
Uncheck All Monitoring items.
Go to advanced -- Click close program after cleaning.
Go to settings -- click run ccleaner when the computer starts.
Now that you have ccleaner installed and set-up:
Open the program.
Go to Tools
Go to Startup
Now double click each item. To Disable.
Leave only your antivirus enabled.
Then disable All items in your scheduled task as well.
Unless they are related to windows defender.Or your antivirus.
Reboot the machine.

ZHP Scan.

Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.

2. Once you have started the program, you will need to click the scanner button.

The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.
Copy and paste the report here in your next reply.

Eliminate System Restrictions with this tool.

Temporarily disable your antivirus
Download SupRestric.exe save to your desktop.
Close all running programs.
Double click the file to launch it.
Windows: 7/8/10 Vista and run as administrator
Click Yes at any prompt.
The analysis takes only a few moments.
The report is on the desktop ( CTR.txt )
Copy paste report in next reply.
A reboot is needed to complete the repairs.

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log is saved to your desktop and will automatically open.
Please post the JRT log.

Adware Cleaner Scan.

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Scan button.
When the scan has finished click on Clean button.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

GeekInPink · Feb 25, 2017

Malnutrition said:
FRST Fix.

Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Clean up temp files and reduce startup load with CCleaner.

Note: This tool will clean your browsing history as well.

Download CCleaner from here.

After install Click Options.

Go to monitoring.

Uncheck All Monitoring items.

Go to advanced -- Click close program after cleaning.

Go to settings -- click run ccleaner when the computer starts.

Now that you have ccleaner installed and set-up:

Open the program.

Go to Tools

Go to Startup

Now double click each item. To Disable.

Leave only your antivirus enabled.

Then disable All items in your scheduled task as well.

Unless they are related to windows defender.Or your antivirus.

Reboot the machine.

ZHP Scan.

Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.

2. Once you have started the program, you will need to click the scanner button.

The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.
Copy and paste the report here in your next reply.

Eliminate System Restrictions with this tool.

Temporarily disable your antivirus

Download SupRestric.exe save to your desktop.

Close all running programs.

Double click the file to launch it.

Windows: 7/8/10 Vista and run as administrator

Click Yes at any prompt.

The analysis takes only a few moments.

The report is on the desktop ( CTR.txt )

Copy paste report in next reply.

A reboot is needed to complete the repairs.

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.

Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log is saved to your desktop and will automatically open.

Please post the JRT log.

Adware Cleaner Scan.

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.

Double click on adwcleaner.exe to run the tool.

Click on Scan button.

When the scan has finished click on Clean button.

Your computer will be rebooted automatically. A text file will open after the restart.

Please post the contents of that logfile with your next reply.

You can find the logfile at C:\AdwCleaner[S1].txt as well.

GeekInPink · Feb 26, 2017

Can you tell me what you see and if you are looking at open ports or investigating the network side of things?
I have done fixes in the past and ran this and that program to correct malware and/or viruses that end up on my PC because of the Trojan - but no one has said "yes there is a Trojan and yes it has access to your PC remotely and there is evidence of this.

Malnutrition · Feb 26, 2017

What makes you think there is a Trojan?

GeekInPink · Feb 26, 2017

Because I keep seeing this

>>> Attention: Port 65000 TCP - Devil v1.03, Stacheldracht (nvcontainer.exe)

I have done a few scans of the open ports etc and I keep seeing this on port 65000 and last time I also saw some other Trojan backdoor. I will find the scan file and show you...right now I am busy on the list you gave me

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-02-2017
Ran by Lynn (25-02-2017 16:23:38) Run:1
Running from C:\Users\Lynn\Desktop
Loaded Profiles: Lynn (Available Profiles: Lynn)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
Closeprocesses:
Emptytemp:
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-02-08] (Zemana Ltd.)
C:\Users\Lynn\AppData\Local\Zemana
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
C:\Program Files (x86)\Kaspersky Lab
GroupPolicyScripts: Restriction <======= ATTENTION
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2a69efde-1263-41b0-962d-33c9e9e50c3a}: [DhcpNameServer] 192.168.1.1
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-07] (Google Inc.)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
C:\Users\Lynn\AppData\Local\Tempzxpsignfe695dfd5a8b60af
C:\Users\Lynn\AppData\Local\Tempzxpsigne6b59e0d04c8e627
C:\Users\Lynn\AppData\Local\Tempzxpsign1e1ce360451226a2
C:\ProgramData\Emsisoft
C:\Users\Lynn\AppData\Local\Tempzxpsigne6b1ed0e83974ba5
C:\Users\Lynn\AppData\Local\Tempzxpsign9a0378f857c9b00a
C:\Users\Lynn\AppData\Local\Tempzxpsign88c5f5367f720894
C:\ProgramData\agent.1487142424.bdinstall.bin
C:\Users\Lynn\AppData\Local\Tempzxpsignf14df003b8b671cd
C:\Users\Lynn\AppData\Local\Tempzxpsigne9960af73da9c17e
C:\Users\Lynn\AppData\Local\Tempzxpsign8ffade731bb357e4
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
C:\WINDOWS\System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7
C:\WINDOWS\System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon
C:\Users\Lynn\AppData\Local\Tempzxpsign2ff941b5a5b8646a
C:\Users\Lynn\AppData\Local\Tempzxpsign1dab62d62a16c2bb
C:\Users\Lynn\AppData\Local\Tempzxpsign01633935c9b53fc3
C:\ProgramData\cl.uninstall.1486803204.bdinstall.bin
C:\ProgramData\dm.uninstall.1486803218.bdinstall.bin
C:\ProgramData\cl.1486802951.bdinstall.bin
C:\Users\Lynn\AppData\Local\Tempzxpsign95b849ee30d1578b
C:\Users\Lynn\AppData\Local\Tempzxpsign412cf58799821c78
C:\Users\Lynn\AppData\Local\Tempzxpsign49a3e6e87338a3b3
C:\ProgramData\dm.update.1486707160.bdinstall.bin
C:\Users\Public\Desktop\bdsyslog.zip
C:\Users\Lynn\Downloads\BDSysLog_i.exe
C:\Users\Lynn\AppData\Local\Tempzxpsign875f8aafa0efcf92
C:\Users\Lynn\AppData\Local\Tempzxpsign027ce268c2e243f3
C:\Users\Lynn\AppData\Local\Tempzxpsignec0ad1b2f6f56e
C:\Users\Lynn\AppData\Local\Tempzxpsign37f32ce15d7be2d4
C:\Users\Lynn\AppData\Local\Tempzxpsignec0ad1b2f6f56e86
C:\Users\Lynn\AppData\Local\Tempzxpsignf8fa78a0f64908e2
C:\Users\Lynn\AppData\Local\Tempzxpsigna79fd1cf015cd54c
C:\Users\Lynn\AppData\Local\Tempzxpsign0b423cf37e880182
C:\ProgramData\cl.repair.1486453559.bdinstall.bin
C:\Users\Lynn\AppData\Local\Tempzxpsignf1fe3099cc6c5805
C:\Users\Lynn\AppData\Local\Tempzxpsigna0527a423c1f159f
C:\ProgramData\agent.1486449217.bdinstall.bin
C:\Program Files (x86)\Setup Files
C:\ProgramData\cl.repair.1486190810.bdinstall.bin
C:\ProgramData\Kaspersky Lab
C:\ProgramData\Kaspersky Lab Setup Files
C:\ProgramData\agent.1485490204.bdinstall.bin
C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
C:\Program Files (x86)\Temp
C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-FIMC3MU-Lynn
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-02-11 00:54 - 2017-01-07 19:31 - 00038283 _____ C:\bdlog.txt
2017-02-11 00:54 - 2017-01-07 19:20 - 00000000 ____D C:\Users\Lynn\AppData\Roaming\Bitdefender
2017-02-11 00:54 - 2017-01-07 19:20 - 00000000 ____D C:\ProgramData\Bitdefender
2017-01-07 19:18 - 2017-01-07 19:18 - 0047483 _____ () C:\ProgramData\agent.1483845505.bdinstall.bin
2017-01-16 22:56 - 2017-01-16 22:56 - 0028937 _____ () C:\ProgramData\agent.1484636169.bdinstall.bin
2017-01-16 23:13 - 2017-01-16 23:13 - 0028936 _____ () C:\ProgramData\agent.1484637210.bdinstall.bin
2017-01-26 20:10 - 2017-01-26 20:10 - 0028191 _____ () C:\ProgramData\agent.1485490204.bdinstall.bin
2017-02-06 22:33 - 2017-02-06 22:33 - 0028191 _____ () C:\ProgramData\agent.1486449217.bdinstall.bin
2017-02-14 23:07 - 2017-02-14 23:07 - 0029048 _____ () C:\ProgramData\agent.1487142424.bdinstall.bin
2017-01-07 19:21 - 2017-01-07 19:21 - 0386219 _____ () C:\ProgramData\cl.1483845580.bdinstall.bin
2017-01-16 23:30 - 2017-01-16 23:30 - 0393757 _____ () C:\ProgramData\cl.1484638161.bdinstall.bin
2017-02-11 00:49 - 2017-02-11 00:49 - 0090722 _____ () C:\ProgramData\cl.1486802951.bdinstall.bin
2017-01-21 02:27 - 2017-01-21 02:27 - 0395987 _____ () C:\ProgramData\cl.repair.1484994420.bdinstall.bin
2017-02-03 22:48 - 2017-02-03 22:48 - 0396269 _____ () C:\ProgramData\cl.repair.1486190810.bdinstall.bin
2017-02-06 23:47 - 2017-02-06 23:47 - 0395491 _____ () C:\ProgramData\cl.repair.1486453559.bdinstall.bin
2017-02-11 00:54 - 2017-02-11 00:54 - 0220597 _____ () C:\ProgramData\cl.uninstall.1486803204.bdinstall.bin
2017-01-07 19:21 - 2017-01-07 19:21 - 0055647 _____ () C:\ProgramData\dm.1483845709.bdinstall.bin
2017-01-21 02:26 - 2017-01-21 02:26 - 0035461 _____ () C:\ProgramData\dm.1484994402.bdinstall.bin
2017-01-21 02:33 - 2017-01-21 02:33 - 0055959 _____ () C:\ProgramData\dm.1484994788.bdinstall.bin
2017-02-11 00:53 - 2017-02-11 00:53 - 0036711 _____ () C:\ProgramData\dm.uninstall.1486803218.bdinstall.bin
2017-02-09 22:12 - 2017-02-09 22:12 - 0040875 _____ () C:\ProgramData\dm.update.1486707160.bdinstall.bin
2017-01-14 02:01 - 2017-01-14 02:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-07 23:34 - 2017-01-15 21:38 - 0005943 _____ () C:\ProgramData\NvTelemetryContainer.log
2017-01-07 23:34 - 2017-01-15 15:42 - 0010108 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
CustomCLSID: HKU\S-1-5-21-1733025421-183912762-1257700198-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-56006BBD6A19}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
Task: {16E53271-5CDF-481C-A918-18F83E5329B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-07] (Google Inc.)
Task: {1DB9F156-F279-4991-975C-15B778BA0D3A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {2D689024-A4C1-4AFD-880D-E9C27F35F434} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {2E85D532-69FF-4B36-A43E-7013200F6755} - System32\Tasks\AdobeAAMUpdater-1.0-WHITEFALCON-Z17-Lynn => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {4872B112-FF92-4AC9-BBEE-4A537617AE59} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {57E0A395-AF14-4A9F-B041-DBAB39EA52A9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {792DC694-CFE0-4C7C-98DD-91EA3201D572} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-FIMC3MU-Lynn => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {AB2791B2-ACEB-42FD-BCEB-1D5700D58ED4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-07] (Google Inc.)
AlternateDataStreams: C:\Users\Lynn\Downloads\BDSysLog_i.exe:BDU [0]
AlternateDataStreams: C:\Users\Lynn\Downloads\esetonlinescanner_enu.exe:BDU [0]
AlternateDataStreams: C:\Users\Lynn\Downloads\eset_smart_security_premium_live_installer_us.exe:BDU [0]
AlternateDataStreams: C:\Users\Lynn\Downloads\iCloudSetup.exe:BDU [0]
AlternateDataStreams: C:\Users\Lynn\Downloads\LeakTest.exe:BDU [0]
AlternateDataStreams: C:\Users\Lynn\Downloads\mb3-setup-consumer-3.0.5.1299.exe:BDU [0]
C:\WINDOWS\system32\Drivers\etc\hosts
Hosts:
MSCONFIG\Services: isaHelperSvc => 2
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "Super Charger"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "ZAM"
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state Off
CMD: ipconfig /flushdns
reboot:
end

*****************

Restore point was successfully created.
Processes closed successfully.
ZAM_Guard => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ZAM_Guard => key removed successfully
ZAM_Guard => service removed successfully
C:\Users\Lynn\AppData\Local\Zemana => moved successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\KSS => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => value removed successfully
"C:\Program Files (x86)\Kaspersky Lab" => not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2a69efde-1263-41b0-962d-33c9e9e50c3a}\\DhcpNameServer => value removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9 => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll => not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => key removed successfully
HKLM\System\CurrentControlSet\Services\AdobeUpdateService => key removed successfully
AdobeUpdateService => service removed successfully
HKLM\System\CurrentControlSet\Services\ZAM => key removed successfully
ZAM => service removed successfully
C:\Users\Lynn\AppData\Local\Tempzxpsignfe695dfd5a8b60af => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsigne6b59e0d04c8e627 => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsign1e1ce360451226a2 => moved successfully
C:\ProgramData\Emsisoft => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsigne6b1ed0e83974ba5 => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsign9a0378f857c9b00a => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsign88c5f5367f720894 => moved successfully
C:\ProgramData\agent.1487142424.bdinstall.bin => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsignf14df003b8b671cd => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsigne9960af73da9c17e => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsign8ffade731bb357e4 => moved successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
C:\WINDOWS\System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => moved successfully
C:\WINDOWS\System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsign2ff941b5a5b8646a => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsign1dab62d62a16c2bb => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsign01633935c9b53fc3 => moved successfully
C:\ProgramData\cl.uninstall.1486803204.bdinstall.bin => moved successfully
C:\ProgramData\dm.uninstall.1486803218.bdinstall.bin => moved successfully
C:\ProgramData\cl.1486802951.bdinstall.bin => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsign95b849ee30d1578b => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsign412cf58799821c78 => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsign49a3e6e87338a3b3 => moved successfully
C:\ProgramData\dm.update.1486707160.bdinstall.bin => moved successfully
C:\Users\Public\Desktop\bdsyslog.zip => moved successfully
C:\Users\Lynn\Downloads\BDSysLog_i.exe => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsign875f8aafa0efcf92 => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsign027ce268c2e243f3 => moved successfully
"C:\Users\Lynn\AppData\Local\Tempzxpsignec0ad1b2f6f56e" => not found.
C:\Users\Lynn\AppData\Local\Tempzxpsign37f32ce15d7be2d4 => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsignec0ad1b2f6f56e86 => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsignf8fa78a0f64908e2 => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsigna79fd1cf015cd54c => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsign0b423cf37e880182 => moved successfully
C:\ProgramData\cl.repair.1486453559.bdinstall.bin => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsignf1fe3099cc6c5805 => moved successfully
C:\Users\Lynn\AppData\Local\Tempzxpsigna0527a423c1f159f => moved successfully
C:\ProgramData\agent.1486449217.bdinstall.bin => moved successfully
C:\Program Files (x86)\Setup Files => moved successfully
C:\ProgramData\cl.repair.1486190810.bdinstall.bin => moved successfully
C:\ProgramData\Kaspersky Lab => moved successfully
C:\ProgramData\Kaspersky Lab Setup Files => moved successfully
C:\ProgramData\agent.1485490204.bdinstall.bin => moved successfully
C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification => moved successfully
C:\Program Files (x86)\Temp => moved successfully
C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-FIMC3MU-Lynn => moved successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
C:\bdlog.txt => moved successfully
C:\Users\Lynn\AppData\Roaming\Bitdefender => moved successfully
C:\ProgramData\Bitdefender => moved successfully
C:\ProgramData\agent.1483845505.bdinstall.bin => moved successfully
C:\ProgramData\agent.1484636169.bdinstall.bin => moved successfully
C:\ProgramData\agent.1484637210.bdinstall.bin => moved successfully
"C:\ProgramData\agent.1485490204.bdinstall.bin" => not found.
"C:\ProgramData\agent.1486449217.bdinstall.bin" => not found.
"C:\ProgramData\agent.1487142424.bdinstall.bin" => not found.
C:\ProgramData\cl.1483845580.bdinstall.bin => moved successfully
C:\ProgramData\cl.1484638161.bdinstall.bin => moved successfully
"C:\ProgramData\cl.1486802951.bdinstall.bin" => not found.
C:\ProgramData\cl.repair.1484994420.bdinstall.bin => moved successfully
"C:\ProgramData\cl.repair.1486190810.bdinstall.bin" => not found.
"C:\ProgramData\cl.repair.1486453559.bdinstall.bin" => not found.
"C:\ProgramData\cl.uninstall.1486803204.bdinstall.bin" => not found.
C:\ProgramData\dm.1483845709.bdinstall.bin => moved successfully
C:\ProgramData\dm.1484994402.bdinstall.bin => moved successfully
C:\ProgramData\dm.1484994788.bdinstall.bin => moved successfully
"C:\ProgramData\dm.uninstall.1486803218.bdinstall.bin" => not found.
"C:\ProgramData\dm.update.1486707160.bdinstall.bin" => not found.
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\NvTelemetryContainer.log => moved successfully
C:\ProgramData\NvTelemetryContainer.log_backup1 => moved successfully
HKU\S-1-5-21-1733025421-183912762-1257700198-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-56006BBD6A19} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16E53271-5CDF-481C-A918-18F83E5329B7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16E53271-5CDF-481C-A918-18F83E5329B7} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1DB9F156-F279-4991-975C-15B778BA0D3A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DB9F156-F279-4991-975C-15B778BA0D3A} => key removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D689024-A4C1-4AFD-880D-E9C27F35F434} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D689024-A4C1-4AFD-880D-E9C27F35F434} => key removed successfully
C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel PTT EK Recertification => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E85D532-69FF-4B36-A43E-7013200F6755} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E85D532-69FF-4B36-A43E-7013200F6755} => key removed successfully
C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-WHITEFALCON-Z17-Lynn => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-WHITEFALCON-Z17-Lynn => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4872B112-FF92-4AC9-BBEE-4A537617AE59} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4872B112-FF92-4AC9-BBEE-4A537617AE59} => key removed successfully
C:\WINDOWS\System32\Tasks\Apple\AppleSoftwareUpdate => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57E0A395-AF14-4A9F-B041-DBAB39EA52A9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57E0A395-AF14-4A9F-B041-DBAB39EA52A9} => key removed successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{792DC694-CFE0-4C7C-98DD-91EA3201D572} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{792DC694-CFE0-4C7C-98DD-91EA3201D572} => key removed successfully
C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-FIMC3MU-Lynn => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-DESKTOP-FIMC3MU-Lynn => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AB2791B2-ACEB-42FD-BCEB-1D5700D58ED4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB2791B2-ACEB-42FD-BCEB-1D5700D58ED4} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
"C:\Users\Lynn\Downloads\BDSysLog_i.exe" => ":BDU" ADS not found.
C:\Users\Lynn\Downloads\esetonlinescanner_enu.exe => ":BDU" ADS removed successfully.
C:\Users\Lynn\Downloads\eset_smart_security_premium_live_installer_us.exe => ":BDU" ADS removed successfully.
C:\Users\Lynn\Downloads\iCloudSetup.exe => ":BDU" ADS removed successfully.
C:\Users\Lynn\Downloads\LeakTest.exe => ":BDU" ADS could not remove.
C:\Users\Lynn\Downloads\mb3-setup-consumer-3.0.5.1299.exe => ":BDU" ADS removed successfully.
C:\WINDOWS\system32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\isaHelperSvc => key removed successfully
HKLM\System\CurrentControlSet\Services\isaHelperSvc => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Logitech Download Assistant => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Logitech Download Assistant => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Malwarebytes TrayApp => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes TrayApp => value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Live Update => value removed successfully
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Live Update => value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Super Charger => value removed successfully
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Super Charger => value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Acrobat Assistant 8.0 => value removed successfully
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Adobe Creative Cloud => value removed successfully
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Creative Cloud => value removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\ZAM => value removed successfully
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ZAM => value not found.
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\OneDrive => value removed successfully
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\OneDrive => value not found.
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value not found.

========= RemoveProxy: =========

HKU\S-1-5-21-1733025421-183912762-1257700198-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1733025421-183912762-1257700198-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

========= End of RemoveProxy: =========

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

========= netsh advfirewall set allprofiles state Off =========

Ok.

========= End of CMD: =========

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 6367888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8690915 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 1460319 B
Edge => 1363 B
Chrome => 13748578 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6144 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 707492 B
LocalService => 3282 B
NetworkService => 0 B
Lynn => 215986300 B

RecycleBin => 280850 B
EmptyTemp: => 235.8 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 16:24:05 ====

Malnutrition · Feb 26, 2017

(nvcontainer.exe) _____________________

https://pchelpforum.net/resources/remove-nvidia-telemetry-with-autoruns.94/

Malnutrition · Feb 26, 2017

When you have completed all the other steps....

Auto logger scan!

Disable your Antivirus & Anti spyware applications!!
Download Autologger to your desktop.
Unzip it there. -- If you are unsure how to unzip a program, then use ---- http://www.7-zip.org/ ----
Right click Autologger and run as admin. (Xp user double click)
AVZ4 will open and scan your machine, allow this to complete.
Upload Collectionlog.zip to your next reply.

GeekInPink · Feb 26, 2017

Question : In CC Cleaner there is an option under the Scheduled Tasks called "advanced" that allows the user to see all of the scheduled tasks. Do you want me to check the advanced box or no?

Malnutrition · Feb 26, 2017

GeekInPink said:
Do you want me to check the advanced box or no?

No, leave that alone. Or do so at your own risk. There is no need to dive into that here.

GeekInPink · Feb 26, 2017

Just checkin' I didnt look like something I would want to mess around with. I am almost done with my to-do list

GeekInPink · Feb 26, 2017

~ ZHPCleaner v2017.2.24.35 by Nicolas Coolman (2017/02/24)

~ Run by Lynn (Administrator) (25/02/2017 18:15:50)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Lynn\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Lynn\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 14393)

---\\ Services (0)
~ No malicious or unnecessary items found.

---\\ Browser internet (0)
~ No malicious or unnecessary items found.

---\\ Hosts file (1)
~ The hosts file is legitimate (1)

---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\ Explorer ( File, Folder) (60)
MOVED file: C:\Windows\Installer\wix{516ACA6A-47FB-4AB1-959C-F938168E8948}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{75FE588B-F158-4BB3-A283-A8D18E522A52}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{7D84E343-A23D-451C-B123-0195B2D903A6}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{A8BB205F-3FB7-4945-9C47-CB3FF90BB1EC}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign0a209271c5f3e349 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign137771dcc1bf6b70 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign14808d37c3a19382 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign168e82c03968a12c =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign36284415ef1d7584 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign38bbdbf46a0d7b98 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign3b7f748a484d0b5b =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign3d36eb46cd150557 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign3e11bcc46813b7af =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign42f4d4feda7008cc =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign440fc1198339279c =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign463bfb04e98ecd87 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign558a3a451ab53459 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign658e8d499858928f =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign678a55375351ce24 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign6a5f2f224b4f5e0f =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign7277eebcf1297198 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign845af235cc88ffc5 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign867f47491aaad37a =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsign8906564fafe7471b =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsigna61c72725806f1f3 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsigna8562b99b4aa8fcc =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignab94e6fd2e0d9d6e =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignaf4f58566c258294 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignb563d30915dea6eb =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignb57a85a1154451b2 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignc3b2eb05eeda1927 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignd06e0631f720edb5 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignd300607ea9fc6ef2 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignd3c9f27c2356a8f6 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignd524e6fc0a0cf6db =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignd5c271e38ca55e43 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignd8872983c73c4534 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignd8fb26bb80174e36 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsigndfb468cc82df03fb =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsigne1cb03a269f5d779 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsigne498e456af721846 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignf0196a32e248457a =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignf2855f95524e9af7 =>.Superfluous.Temporary
MOVED folder: C:\Users\Lynn\AppData\Local\Tempzxpsignf87a7f6972f7069d =>.Superfluous.Temporary
MOVED folder: C:\WINDOWS\Installer\MSI1816.tmp- =>.Superfluous.Empty
MOVED folder: C:\WINDOWS\Installer\MSI536.tmp- =>.Superfluous.Empty
MOVED folder: C:\WINDOWS\Installer\MSI6FF2.tmp- =>.Superfluous.Empty
MOVED folder: C:\WINDOWS\Installer\MSI7198.tmp- =>.Superfluous.Empty
MOVED folder: C:\WINDOWS\Installer\MSI813B.tmp- =>.Superfluous.Empty
MOVED folder: C:\WINDOWS\Installer\MSI8257.tmp- =>.Superfluous.Empty
MOVED folder: C:\WINDOWS\Installer\MSID39F.tmp- =>.Superfluous.Empty
MOVED folder: C:\WINDOWS\Installer\MSID5A5.tmp- =>.Superfluous.Empty
MOVED folder: C:\WINDOWS\Installer\MSID644.tmp- =>.Superfluous.Empty
MOVED folder: C:\WINDOWS\Installer\MSID6E1.tmp- =>.Superfluous.Empty
MOVED folder: C:\WINDOWS\Installer\MSIDC71.tmp- =>.Superfluous.Empty
MOVED folder: C:\WINDOWS\Installer\MSIFB1B.tmp- =>.Superfluous.Empty
MOVED folder: C:\WINDOWS\Installer\MSIFC00.tmp- =>.Superfluous.Empty
MOVED folder: C:\WINDOWS\Installer\MSIFE25.tmp- =>.Superfluous.Empty

---\\ Registry ( Key, Value, Data) (1)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect

---\\ Summary of the elements found (3)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect

---\\ Other deletions. (20)
~ Registry Keys Tracing deleted (20)
~ Remove the old reports ZHPCleaner. (0)

---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)

---\\ Statistics
~ Items scanned : 549
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 61

~ End of clean in 00h00mn04s
~====================
ZHPCleaner-[R]-25022017-18_15_54.txt
ZHPCleaner-~~-25022017-17_51_30.txt~~

GeekInPink · Feb 26, 2017

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Pro x64
Ran by Lynn (Administrator) on Sat 02/25/2017 at 18:21:35.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 02/25/2017 at 18:23:29.99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

GeekInPink · Feb 26, 2017

The AdwCleaner found nothing.

GeekInPink · Feb 26, 2017

# AdwCleaner v6.043 - Logfile created 25/02/2017 at 18:40:08
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-01-06.1 [Local]
# Operating System : Windows 10 Pro (X64)
# Username : Lynn - WHITEFALCON-Z17
# Running from : C:\Users\Lynn\Desktop\adwcleaner_6.043.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared
:: "Prefetch" files deleted
:: Proxy settings cleared
:: Firewall rules cleared

*************************

GeekInPink · Feb 26, 2017

Not sure the Autologger scan is functioning correctly. It opens up a program window and then tells me to check my computer date. Cant find any zip file to upload either. but there was a log file

script ver. 2017.02.14
DefaultLanguage = 0409
Autologger’s localization was made in English.
Log collection started at 2017.02.25-18:43:21
C:\Users\Lynn\Desktop\AutoLogger\AutoLogger\
C:\Users\Lynn\AppData\Local\Temp\
AutoLogger has been run with local Administrator rights.
Elevation of privileges of rights is successful.
This is not a Server System.
Last update was on = 2017.02.26
Current date is = 2017.02.25
Please, check your system date. It’s set to 2017.02.25

GeekInPink · Feb 26, 2017

AVZ Toolkit opens up and then stops with a pop up window telling me to check my computer date.

GeekInPink · Feb 26, 2017

Under the Context tab in CCCleaner there are certain items that I dont have the authority to disable. is that normal? Should I be concerned with any of those items? What are those items anyways?

Thanks

GeekInPink

jmarket

PCHF's Almighty Ruler

GeekInPink

Malnutrition

Malnurished Mod

Attachments

GeekInPink

GeekInPink

Malnutrition

Malnurished Mod

GeekInPink

Malnutrition

Malnurished Mod

Malnutrition

Malnurished Mod

GeekInPink

Malnutrition

Malnurished Mod

GeekInPink

GeekInPink

GeekInPink

GeekInPink

GeekInPink

GeekInPink

GeekInPink

GeekInPink

Search

Search

Solved Port 65000