Lets get some info from your machine, to get things rolling.
Step 1: Reset Host File
- Click here to download RstHosts v2.0
- Save the file to your desktop.
- Right Click and Run as Administrator.
- Click on Restaurer, then click OK at the prompt.
- This will restore the default host file.
- Next Click on Creer Un Rapport.
- This will open a logfile, post that in your next reply.
Step 2: MiniToolBox Scan
Please download
MINITOOLBOX and run it.
Checkmark following boxes:
Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)
Click Go
post the result.
Step 3: Autoruns Scan.
Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe
After the scan is finished then click on File>>>>>>>>>>>Save
The default name will be autoruns.arn make sure to save it as
Autoruns.txt under the file type option.
in other words make sure it is a .txt file instead of .arn
Attach the text in your next reply.
Step 4: HijackThis.
1- Please click
HERE to download
HijackThis.
2- Run the program.
3- Click on the
Main Menu button if not already there.
4- Select
Do a system scan and save a logfile.
5- Copy paste the log here.
Step 1: Here is my log file it created.
-|x| RstHosts v2.0 - Rapport créé le 01/07/2017 à 02:28:46
-|x| Système d'exploitation : Windows 10 Pro (64 bits)
-|x| Nom d'utilisateur : conno - DESKTOP-TCF7HVN (Administrateur)
-|x|- Informations -|x|-
Emplacement : C:\Windows\System32\drivers\etc\hosts
Attribut(s) : RASH
Propriétaire : Administrators - BUILTIN
Taille : 89 bytes
Date de création : 01/07/2017 - 02:28:15
Date de modification : 01/07/2017 - 02:28:43
Date de dernier accès : 01/07/2017 - 02:28:43
-|x|- Contenu du fichier -|x|-
# Fichier Hosts créé par RstHosts
127.0.0.1 localhost
::1 localhost
-|x|- E.O.F - C:\RstHosts.txt - 609 bytes -|x|-
Step 2:
MiniToolBox by Farbar Version: 17-06-2016
Ran by conno (administrator) on 01-07-2017 at 02:30:53
Running from "C:\Users\conno\Downloads"
Microsoft Windows 10 Pro (X64)
Model: MS-7998 Manufacturer: MSI
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Intel(R) Ethernet Connection (2) I219-V = Ethernet (Connected)
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global icmpredirects=enabled
popd
# End of IPv4 configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : DESKTOP-TCF7HVN
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel(R) Ethernet Connection (2) I219-V
Physical Address. . . . . . . . . : 4C-CC-6A-29-42-97
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : fdaa:bbcc:ddee:0:5dd5:3f91:eb5c:6b1a(Preferred)
Temporary IPv6 Address. . . . . . : fdaa:bbcc:ddee:0:317a:26fb:3990:93d2(Deprecated)
Temporary IPv6 Address. . . . . . : fdaa:bbcc:ddee:0:6975:520b:50ef:c96b(Deprecated)
Temporary IPv6 Address. . . . . . : fdaa:bbcc:ddee:0:7d77:e7c2:38f6:a83d(Deprecated)
Temporary IPv6 Address. . . . . . : fdaa:bbcc:ddee:0:a062:c4e0:fb13:14c4(Preferred)
Temporary IPv6 Address. . . . . . : fdaa:bbcc:ddee:0:d535:42e5:fccd:2252(Deprecated)
Link-local IPv6 Address . . . . . : fe80::5dd5:3f91:eb5c:6b1a%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.131(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 30 June 2017 17:26:48
Lease Expires . . . . . . . . . . : 02 July 2017 02:11:50
Default Gateway . . . . . . . . . : fe80::2620:c7ff:fe6b:7149%11
192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 38587498
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-74-F7-BC-4C-CC-6A-29-42-97
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Local Area Connection* 10:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::247f:2b7:a959:6c63%3(Preferred)
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 234881024
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-74-F7-BC-4C-CC-6A-29-42-97
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter isatap.home:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: bthub
Address: 192.168.1.254
Name: google.com
Addresses: 2a00:1450:4009:80d::200e
216.58.208.174
Pinging google.com [216.58.208.174] with 32 bytes of data:
Reply from 216.58.208.174: bytes=32 time=13ms TTL=54
Reply from 216.58.208.174: bytes=32 time=13ms TTL=54
Ping statistics for 216.58.208.174:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 13ms, Maximum = 13ms, Average = 13ms
Server: bthub
Address: 192.168.1.254
Name: yahoo.com
Addresses: 2001:4998:c:a06::2:4008
2001:4998:58:c02::a9
2001:4998:44:204::a7
206.190.36.45
98.138.253.109
98.139.180.149
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=153ms TTL=48
Reply from 206.190.36.45: bytes=32 time=153ms TTL=48
Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 153ms, Maximum = 153ms, Average = 153ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...4c cc 6a 29 42 97 ......Intel(R) Ethernet Connection (2) I219-V
1...........................Software Loopback Interface 1
3...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
10...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.131 35
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.1.0 255.255.255.0 On-link 192.168.1.131 291
192.168.1.131 255.255.255.255 On-link 192.168.1.131 291
192.168.1.255 255.255.255.255 On-link 192.168.1.131 291
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.1.131 291
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.1.131 291
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 291 ::/0 fe80::2620:c7ff:fe6b:7149
1 331 ::1/128 On-link
11 291 fdaa:bbcc:ddee::/64 On-link
11 291 fdaa:bbcc:ddee::/64 fe80::2620:c7ff:fe6b:7149
11 291 fdaa:bbcc:ddee:0:317a:26fb:3990:93d2/128
On-link
11 291 fdaa:bbcc:ddee:0:5dd5:3f91:eb5c:6b1a/128
On-link
11 291 fdaa:bbcc:ddee:0:6975:520b:50ef:c96b/128
On-link
11 291 fdaa:bbcc:ddee:0:7d77:e7c2:38f6:a83d/128
On-link
11 291 fdaa:bbcc:ddee:0:a062:c4e0:fb13:14c4/128
On-link
11 291 fdaa:bbcc:ddee:0:d535:42e5:fccd:2252/128
On-link
11 291 fe80::/64 On-link
3 331 fe80::/64 On-link
3 331 fe80::247f:2b7:a959:6c63/128
On-link
11 291 fe80::5dd5:3f91:eb5c:6b1a/128
On-link
1 331 ff00::/8 On-link
11 291 ff00::/8 On-link
3 331 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (07/01/2017 02:19:26 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (07/01/2017 02:18:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (06/30/2017 11:30:53 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1156
Error: (06/30/2017 11:30:53 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1156
Error: (06/30/2017 11:30:53 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/30/2017 11:21:24 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (06/30/2017 05:30:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (06/29/2017 12:06:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (06/28/2017 01:20:02 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1110
Error: (06/28/2017 01:20:02 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1110
System errors:
=============
Error: (07/01/2017 02:12:04 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/30/2017 11:30:49 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (06/30/2017 11:21:30 PM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1 = Incorrect function.
Error: (06/30/2017 11:21:30 PM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1 = Incorrect function.
Error: (06/30/2017 11:21:30 PM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1 = Incorrect function.
Error: (06/30/2017 11:21:30 PM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1 = Incorrect function.
Error: (06/30/2017 11:21:30 PM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1 = Incorrect function.
Error: (06/30/2017 05:27:08 PM) (Source: DCOM) (User: DESKTOP-TCF7HVN)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-TCF7HVNconnoS-1-5-21-497336108-4179217523-1964201633-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (06/30/2017 05:27:08 PM) (Source: DCOM) (User: DESKTOP-TCF7HVN)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-TCF7HVNconnoS-1-5-21-497336108-4179217523-1964201633-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (06/30/2017 05:27:08 PM) (Source: DCOM) (User: DESKTOP-TCF7HVN)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-TCF7HVNconnoS-1-5-21-497336108-4179217523-1964201633-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Microsoft Office Sessions:
=========================
Error: (07/01/2017 02:19:26 AM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0"C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.ManifestC:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL1
Error: (07/01/2017 02:18:05 AM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0"C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.ManifestC:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL1
Error: (06/30/2017 11:30:53 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1156
Error: (06/30/2017 11:30:53 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1156
Error: (06/30/2017 11:30:53 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/30/2017 11:21:24 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
Error: (06/30/2017 05:30:06 PM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0"C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.ManifestC:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL1
Error: (06/29/2017 12:06:28 AM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0"C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.ManifestC:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL1
Error: (06/28/2017 01:20:02 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1110
Error: (06/28/2017 01:20:02 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1110
CodeIntegrity Errors:
===================================
Date: 2017-06-27 20:47:56.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-06-27 20:47:54.559
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-06-19 15:20:00.096
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-22 21:51:12.008
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-14 22:32:38.025
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-10 10:05:51.992
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-10 10:05:38.582
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-05 03:16:06.512
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-05 03:16:06.511
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-02 16:54:47.107
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.53 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Assassins Creed Syndicate Gold Edition version 1.5.0.0 (HKLM-x32\...\Assassins Creed Syndicate Gold Edition_is1) (Version: 1.5.0.0 - Mr DJ)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.50.17863 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brackets (HKLM-x32\...\{B2F571A7-E9D3-4030-B167-57373D2D61D7}) (Version: 1.9 - brackets.io)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Cities Skylines Mass Transit (HKLM-x32\...\Cities Skylines Mass Transit_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
Depth (HKLM\...\Steam App 274940) (Version: - Digital Confectioners)
Discord (HKCU\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version: - Ubisoft)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.48.30259 - Electronic Arts)
FileZilla Client 3.25.1 (HKLM-x32\...\FileZilla Client) (Version: 3.25.1 - Tim Kosse)
FL Studio 12.1.2 (HKLM\...\FL Studio 12.1.2_is1) (Version: - )
FL Studio ASIO (HKLM\...\FL Studio ASIO) (Version: - Image-Line)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version: - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
Gyazo 3.3.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Intel Extreme Tuning Utility (HKLM-x32\...\{79E98F35-0524-446C-8EF5-4E863C4D87E2}) (Version: 6.2.0.24 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{7afa48c7-9901-40fa-8f9b-f0707e2bc5b6}) (Version: 6.2.0.24 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
iTunes (HKLM\...\{F11677B7-0D8E-4F34-BEBB-6869FE861CDF}) (Version: 12.5.2.36 - Apple Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Killing Floor (HKLM\...\Steam App 1250) (Version: - Tripwire Interactive)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
LEGO MARVEL Super Heroes (HKLM-x32\...\LEGO MARVEL Super Heroes_is1) (Version: - Warner Bros. Games)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.87 (HKLM\...\Logitech Gaming Software) (Version: 8.87.116 - Logitech Inc.)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.8201.2102 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Minecraft1.10 (HKLM-x32\...\Minecraft1.10) (Version: - )
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 2.0.0.45 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.10 - MSI)
MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.22 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.11 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.13 - MSI)
MusicLab RealGuitar (HKLM\...\{1864B4F0-8888-5A57-9930-C2B307597966}) (Version: 3.0 - MusicLab, Inc.)
MusicLab Virtual MIDI Driver (HKLM\...\{A30B7FD7-04A1-46e1-ABDF-FD592C113253}) (Version: 2.0.1.0 - MusicLab, Inc.)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.0.533 - Native Instruments)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
Nicky Romero Kickstart 1.0.9 (HKLM\...\Kickstart_is1) (Version: 1.0.9 - Nicky Romero)
No Man's Sky (HKLM-x32\...\1446213994_is1) (Version: 2.3.0.5 - GOG.com)
No Man's Sky Pre-order DLC (HKLM-x32\...\2022706229_is1) (Version: 2.0.0.2 - GOG.com)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.80 - Symantec Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.53 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.)
Outlast 2 (HKLM-x32\...\Outlast 2_is1) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8105 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Spotify (HKCU\...\Spotify) (Version: 1.0.54.1079.g3809528e - Spotify AB)
Sylenth1 v1.01.3 (HKLM-x32\...\Sylenth1_is1) (Version: - )
Toy Story 3 - The Video Game (HKLM-x32\...\Toy Story 3 - The Video Game_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Uplay (HKLM-x32\...\Uplay) (Version: 23.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
========================= Memory info: ===================================
Percentage of memory in use: 23%
Total physical RAM: 16344.02 MB
Available physical RAM: 12548.9 MB
Total Virtual: 18776.02 MB
Available Virtual: 14637.26 MB
========================= Partitions: =====================================
1 Drive b: (RAMDisk) (Fixed) (Total:0.25 GB) (Free:0.25 GB) FAT
2 Drive c: () (Fixed) (Total:223.55 GB) (Free:44.84 GB) NTFS
3 Drive d: () (Fixed) (Total:930.56 GB) (Free:126.12 GB) NTFS
4 Drive e: (LEGO MARVEL Super Heroes) (CDROM) (Total:6.17 GB) (Free:0 GB) UDF
========================= Users: ========================================
User accounts for \\DESKTOP-TCF7HVN
Administrator conno DefaultAccount
defaultuser0 Guest
**** End of log ****
Step 3:
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "03/04/2017 18:42" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe" "17/05/2015 15:36" ""
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe" "13/10/2016 18:07" ""
+ "Launch LCore" "Logitech Gaming Framework" "Logitech Inc." "c:\program files\logitech gaming software\lcore.exe" "30/08/2016 01:03" ""
+ "RTHDVCPL" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\rtkngui64.exe" "28/03/2017 10:42" ""
+ "ShadowPlay" "NVIDIA Capture Server Proxy" "NVIDIA Corporation" "c:\windows\system32\nvspcap64.dll" "03/05/2017 16:36" ""
+ "WindowsDefender" "Windows Defender notification icon" "Microsoft Corporation" "c:\program files\windows defender\msascuil.exe" "28/04/2017 00:52" ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" "" "17/06/2017 09:11" ""
+ "Command Center" "" "MSI" "c:\program files (x86)\msi\command center\startcommandcenter.exe" "15/11/2016 02:54" ""
+ "Fast Boot" "" "" "c:\program files (x86)\msi\fast boot\startfastboot.exe" "22/04/2015 04:23" ""
+ "Live Update" "Live Update 6 Application" "Micro-Star INT'L CO., LTD." "c:\program files (x86)\msi\live update\live update.exe" "07/03/2017 07:29" ""
+ "SunJavaUpdateSched" "Java Update Scheduler" "Oracle Corporation" "c:\program files (x86)\common files\java\java update\jusched.exe" "15/03/2017 10:43" ""
+ "Super Charger" "Super Charger" "MSI" "c:\program files (x86)\msi\super charger\super charger.exe" "17/03/2017 06:51" ""
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "27/06/2017 23:16" ""
+ "DAEMON Tools Lite Automount" "DAEMON Tools Lite" "Disc Soft Ltd" "c:\program files\daemon tools lite\dtagent.exe" "29/08/2016 14:52" ""
+ "Discord" "Discord" "Hammer & Chisel, Inc." "c:\users\conno\appdata\local\discord\app-0.0.297\discord.exe" "04/01/2017 23:14" ""
+ "Gyazo" "Gyazo Station" "Nota Inc." "c:\program files (x86)\gyazo\gystation.exe" "16/05/2017 09:29" ""
+ "Lync" "Skype for Business" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\lync.exe" "23/06/2017 16:40" ""
+ "OneDrive" "Microsoft OneDrive" "Microsoft Corporation" "c:\users\conno\appdata\local\microsoft\onedrive\onedrive.exe" "07/06/2017 21:59" ""
+ "Spotify" "Spotify" "Spotify Ltd" "c:\users\conno\appdata\roaming\spotify\spotify.exe" "04/05/2017 17:33" ""
+ "Spotify Web Helper" "SpotifyWebHelper" "Spotify Ltd" "c:\users\conno\appdata\roaming\spotify\spotifywebhelper.exe" "04/05/2017 17:32" ""
"C:\Users\conno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" "" "15/06/2017 22:16" ""
+ "OneDrive for Business.lnk" "Microsoft OneDrive for Business" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\groove.exe" "23/06/2017 14:27" ""
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" "" "12/10/2016 00:57" ""
+ "Google Chrome" "Google Chrome Installer" "Google Inc." "c:\program files (x86)\google\chrome\application\59.0.3071.115\installer\chrmstp.exe" "23/06/2017 03:23" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe" "16/07/2016 03:25" ""
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" "" "12/10/2016 00:57" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe" "16/07/2016 02:41" ""
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "04/04/2017 15:20" ""
+ "ANotepad++64" "ShellHandler for Notepad++ (64 bit)" "" "c:\program files\notepad++\nppshell_06.dll" "12/05/2014 10:49" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\windows defender\shellext.dll" "28/04/2017 00:53" ""
+ "MEGA (Context menu)" "" "" "File not found: C:\Users\conno\AppData\Local\MEGAsync\ShellExtX64.dll" "" ""
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll" "14/08/2016 20:15" ""
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers" "" "" "" "16/07/2016 12:49" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\windows defender\shellext.dll" "28/04/2017 00:53" ""
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "08/03/2017 04:04" ""
+ "MEGA (Context menu)" "" "" "File not found: C:\Users\conno\AppData\Local\MEGAsync\ShellExtX64.dll" "" ""
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "08/03/2017 04:04" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\windows defender\shellext.dll" "28/04/2017 00:53" ""
+ "MEGA (Context menu)" "" "" "File not found: C:\Users\conno\AppData\Local\MEGAsync\ShellExtX64.dll" "" ""
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" "" "28/04/2017 00:17" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files\filezilla ftp client\fzshellext_64.dll" "30/01/1919 15:24" ""
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "16/02/2017 01:41" ""
+ "NvCplDesktopContext" "NVIDIA Display Shell Extension" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll" "08/06/2017 00:41" ""
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "25/09/2016 01:33" ""
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll" "14/08/2016 20:15" ""
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" "" "25/09/2016 01:33" ""
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll" "14/08/2016 20:15" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "01/07/2017 02:31" ""
+ " MEGA (Pending)" "" "" "File not found: C:\Users\conno\AppData\Local\MEGAsync\ShellExtX64.dll" "" ""
+ " MEGA (Synced)" "" "" "File not found: C:\Users\conno\AppData\Local\MEGAsync\ShellExtX64.dll" "" ""
+ " MEGA (Syncing)" "" "" "File not found: C:\Users\conno\AppData\Local\MEGAsync\ShellExtX64.dll" "" ""
+ " SkyDrivePro1 (ErrorConflict)" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\vfs\programfilesx64\microsoft office\office16\grooveex.dll" "11/06/2017 11:16" ""
+ " SkyDrivePro2 (SyncInProgress)" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\vfs\programfilesx64\microsoft office\office16\grooveex.dll" "11/06/2017 11:16" ""
+ " SkyDrivePro3 (InSync)" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\vfs\programfilesx64\microsoft office\office16\grooveex.dll" "11/06/2017 11:16" ""
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "30/05/2017 13:48" ""
+ " MEGA (Pending)" "" "" "File not found: C:\Users\conno\AppData\Local\MEGAsync\ShellExtX32.dll" "" ""
+ " MEGA (Synced)" "" "" "File not found: C:\Users\conno\AppData\Local\MEGAsync\ShellExtX32.dll" "" ""
+ " MEGA (Syncing)" "" "" "File not found: C:\Users\conno\AppData\Local\MEGAsync\ShellExtX32.dll" "" ""
+ " SkyDrivePro1 (ErrorConflict)" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\grooveex.dll" "11/06/2017 09:35" ""
+ " SkyDrivePro2 (SyncInProgress)" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\grooveex.dll" "11/06/2017 09:35" ""
+ " SkyDrivePro3 (InSync)" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\grooveex.dll" "11/06/2017 09:35" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "01/07/2017 02:31" ""
+ "Lync Browser Helper" "Skype for Business" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\vfs\programfilesx64\microsoft office\office16\ochelper.dll" "11/06/2017 11:22" ""
+ "Microsoft OneDrive for Business Browser Helper" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\vfs\programfilesx64\microsoft office\office16\grooveex.dll" "11/06/2017 11:16" ""
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "30/05/2017 13:48" ""
+ "Java(tm) Plug-In 2 SSV Helper" "Java(TM) Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre1.8.0_131\bin\jp2ssv.dll" "15/03/2017 10:18" ""
+ "Java(tm) Plug-In SSV Helper" "Java(TM) Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre1.8.0_131\bin\ssv.dll" "15/03/2017 10:18" ""
+ "Lync Browser Helper" "Skype for Business" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\ochelper.dll" "09/05/2017 17:18" ""
+ "Microsoft OneDrive for Business Browser Helper" "Microsoft OneDrive for Business Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\grooveex.dll" "11/06/2017 09:35" ""
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" "" "01/07/2017 02:31" ""
+ "Lync Click to Call" "Skype for Business" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\vfs\programfilesx64\microsoft office\office16\ochelper.dll" "11/06/2017 11:22" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\vfs\programfilesx64\microsoft office\office16\onbttnielinkednotes.dll" "11/06/2017 11:15" ""
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\vfs\programfilesx64\microsoft office\office16\onbttnie.dll" "11/06/2017 11:16" ""
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" "" "01/07/2017 02:31" ""
+ "Lync Click to Call" "Skype for Business" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\ochelper.dll" "09/05/2017 17:18" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\onbttnielinkednotes.dll" "11/06/2017 09:31" ""
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\onbttnie.dll" "11/06/2017 09:30" ""
"Task Scheduler" "" "" "" "" ""
+ "\AdobeAAMUpdater-1.0-MicrosoftAccount-connor.rugman@outlook.com" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe" "17/05/2015 15:36" ""
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe" "13/06/2017 14:44" ""
+ "\GyazoUpdateTaskMachine" "Gyazo Auto Update Machine" "" "c:\program files (x86)\gyazo\gyazoupdate.exe" "01/01/1970 01:00" ""
+ "\GyazoUpdateTaskMachineDaily" "Gyazo Auto Update Machine" "" "c:\program files (x86)\gyazo\gyazoupdate.exe" "01/01/1970 01:00" ""
+ "\Microsoft\Office\Office Automatic Updates" "Microsoft Office Click-to-Run Client" "Microsoft Corporation" "c:\program files\common files\microsoft shared\clicktorun\officec2rclient.exe" "23/06/2017 19:44" ""
+ "\Microsoft\Office\Office ClickToRun Service Monitor" "Microsoft Office Click-to-Run Client" "Microsoft Corporation" "c:\program files\common files\microsoft shared\clicktorun\officec2rclient.exe" "23/06/2017 19:44" ""
+ "\Microsoft\Office\OfficeBackgroundTaskHandlerLogon" "" "" "c:\program files (x86)\microsoft office\root\office16\officebackgroundtaskhandler.exe" "11/06/2017 09:35" ""
+ "\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration" "" "" "c:\program files (x86)\microsoft office\root\office16\officebackgroundtaskhandler.exe" "11/06/2017 09:35" ""
+ "\Microsoft\Office\OfficeTelemetryAgentFallBack2016" "Office Telemetry Agent" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\msoia.exe" "23/06/2017 14:26" ""
+ "\Microsoft\Office\OfficeTelemetryAgentLogOn2016" "Office Telemetry Agent" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\msoia.exe" "23/06/2017 14:26" ""
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs" "16/07/2016 12:42" ""
+ "\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe" "28/04/2017 00:56" ""
+ "\Microsoft\Windows\Windows Defender\Windows Defender Cleanup" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe" "28/04/2017 00:56" ""
+ "\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe" "28/04/2017 00:56" ""
+ "\Microsoft\Windows\Windows Defender\Windows Defender Verification" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe" "28/04/2017 00:56" ""
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe" "16/07/2016 03:25" ""
+ "\Norton Security Scan for conno" "Norton Security Scan" "Symantec Corporation" "c:\program files (x86)\norton security scan\engine\4.6.1.80\nss.exe" "03/11/2016 03:36" ""
+ "\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" "NVIDIA Container" "NVIDIA Corporation" "c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe" "02/05/2017 22:57" ""
+ "\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" "NVIDIA GeForce Experience" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia geforce experience\nvidia geforce experience.exe" "03/05/2017 20:59" ""
+ "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" "NVIDIA nodejs launcher" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvnode\nvnodejslauncher.exe" "03/05/2017 20:24" ""
+ "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" "NVIDIA driver profile updater" "NVIDIA Corporation" "c:\program files\nvidia corporation\update core\nvprofileupdater64.exe" "27/04/2017 11:35" ""
+ "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" "NVIDIA driver profile updater" "NVIDIA Corporation" "c:\program files\nvidia corporation\update core\nvprofileupdater64.exe" "27/04/2017 11:35" ""
+ "\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" "NVIDIA telemetry monitor" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\update core\nvtmmon.exe" "27/04/2017 11:30" ""
+ "\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" "NVIDIA crash and telemetry reporter" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\update core\nvtmrep.exe" "27/04/2017 11:30" ""
+ "\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" "NVIDIA crash and telemetry reporter" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\update core\nvtmrep.exe" "27/04/2017 11:30" ""
+ "\OneDrive Standalone Update Task v2" "Standalone Updater" "Microsoft Corporation" "c:\users\conno\appdata\local\microsoft\onedrive\onedrivestandaloneupdater.exe" "07/06/2017 21:58" ""
"HKLM\System\CurrentControlSet\Services" "" "" "" "01/07/2017 02:18" ""
+ "Apple Mobile Device Service" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe" "13/02/2015 04:18" ""
+ "BEService" "" "" "c:\program files (x86)\common files\battleye\beservice.exe" "12/12/2016 13:50" ""
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe" "12/08/2015 23:47" ""
+ "ClickToRunSvc" "Manages resource coordination, background streaming, and system integration of Microsoft Office products and their related updates. This service is required to run during the use of any Microsoft Office program, during initial streaming installation and all subsequent updates." "Microsoft Corporation" "c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe" "23/06/2017 19:33" ""
+ "Disc Soft Lite Bus Service" "Disc Soft Bus Service Lite" "Disc Soft Ltd" "c:\program files\daemon tools lite\discsoftbusservicelite.exe" "29/08/2016 14:52" ""
+ "EasyAntiCheat" "EasyAntiCheat Service" "EasyAntiCheat Ltd" "c:\windows\syswow64\easyanticheat.exe" "21/04/2017 11:05" ""
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "15/07/2016 08:29" ""
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "15/07/2016 08:29" ""
+ "Intel(R) Capability Licensing Service TCP IP Interface" "Version: 1.43.301.1" "Intel(R) Corporation" "c:\program files\intel\icls client\socketheciserver.exe" "26/07/2016 14:48" ""
+ "Intel(R) Online Connect" "Intel(R) Online Connect" "Intel Corporation" "c:\program files\intel\intel(r) online connect\ioc.exe" "05/10/2016 01:06" ""
+ "Intel(R) Online Connect Helper" "Intel(R) Online Connect Helper" "Intel Corporation" "c:\program files\intel\intel(r) online connect\iochelperservice.exe" "05/10/2016 01:05" ""
+ "Intel(R) Online Connect Software Asset Manager" "Intel(R) Online Connect Software Asset Manager helps you keep your system up-to-date." "Intel Corporation" "c:\program files (x86)\intel\intel(r) online connect access\intel(r) software asset manager\bin\intelsoftwareassetmanagerservice.exe" "12/10/2015 21:28" ""
+ "Intel(R) PROSet Monitoring Service" "The Intel(R) PROSet Monitoring Service actively monitors changes to the system and updates affected network devices to keep them running in optimal condition. Stopping this service may negatively affect the performance of the network devices on the system." "Intel Corporation" "c:\windows\system32\iprosetmonitor.exe" "18/08/2016 19:58" ""
+ "Intel(R) TechnologyAccessLegacyCSLoader" "Legacy Capability Servicer Loader for Intel(R) Online Connect Access" "Intel(R) Corporation" "c:\program files\intel\intel(r) online connect access\legacycsloaderservice.exe" "05/10/2016 20:14" ""
+ "Intel(R) TechnologyAccessService" "Software that enables Intel(R) Online Connect Access" "Intel(R) Corporation" "c:\program files\intel\intel(r) online connect access\inteltechnologyaccessservice.exe" "05/10/2016 20:13" ""
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe" "13/10/2016 18:07" ""
+ "jhi_service" "Intel(R) Dynamic Application Loader Host Interface Service - Allows applications to access the local Intel (R) DAL" "Intel Corporation" "c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe" "19/10/2016 23:27" ""
+ "LMS" "Intel(R) Management and Security Application Local Management Service - Provides OS-related Intel(R) ME functionality." "Intel Corporation" "c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe" "19/10/2016 23:27" ""
+ "LogiRegistryService" "Logitech Surround Sound Service" "Logitech Inc." "c:\program files\logitech gaming software\drivers\aposervice\logiregistryservice.exe" "30/08/2016 00:56" ""
+ "MSI_FastBoot" "FastBootService" "MSI" "c:\program files (x86)\msi\fast boot\fastbootservice.exe" "04/06/2015 04:54" ""
+ "MSI_LiveUpdate_Service" "MSI Live Update Service" "Micro-Star INT'L CO., LTD." "c:\program files (x86)\msi\live update\msi_liveupdate_service.exe" "06/03/2017 06:59" ""
+ "MSI_RAMDisk_Service" "MSI RAMDisk Service" "Micro-Star Int'l Co., Ltd." "c:\program files (x86)\msi\ramdisk\msi_ramdisk_service.exe" "02/12/2016 02:51" ""
+ "MSI_SuperCharger" "Super Charger Service" "MSI" "c:\program files (x86)\msi\super charger\chargeservice.exe" "17/03/2017 06:20" ""
+ "MSIClock_CC" "MSI Command Center Clock Service" "MSI" "c:\program files (x86)\msi\command center\clockgen\msiclockservice.exe" "23/11/2016 19:34" ""
+ "MSICOMM_CC" "MSI Command Center Comm Service" "MSI" "c:\program files (x86)\msi\command center\msicommservice.exe" "06/01/2017 04:06" ""
+ "MSICPU_CC" "MSI Command Center CPU Service" "MSI" "c:\program files (x86)\msi\command center\cpu\msicpuservice.exe" "14/12/2016 04:39" ""
+ "MSICTL_CC" "MSI Command Center control Service" "MSI" "c:\program files (x86)\msi\command center\msicontrolservice.exe" "15/11/2016 07:24" ""
+ "MSIDDR_CC" "MSI Command Center DDR Service" "MSI" "c:\program files (x86)\msi\command center\ddr\msiddrservice.exe" "05/12/2016 04:38" ""
+ "MSISMB_CC" "MSI Command Center SMBus Service" "MSI" "c:\program files (x86)\msi\command center\smbus\msismbservice.exe" "05/12/2016 04:38" ""
+ "MSISuperIO_CC" "MSI Command Center SuperIO Service" "MSI" "c:\program files (x86)\msi\command center\superio\msisuperioservice.exe" "22/12/2016 10:40" ""
+ "NvContainerLocalSystem" "Container service for NVIDIA root features" "NVIDIA Corporation" "c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe" "02/05/2017 22:57" ""
+ "NvContainerNetworkService" "Container service for NVIDIA network features" "NVIDIA Corporation" "c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe" "02/05/2017 22:57" ""
+ "NVDisplay.ContainerLocalSystem" "Container service for NVIDIA root features" "NVIDIA Corporation" "c:\program files\nvidia corporation\display.nvcontainer\nvdisplay.container.exe" "08/06/2017 00:47" ""
+ "NvTelemetryContainer" "Container service for NVIDIA Telemetry" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvtelemetry\nvtelemetrycontainer.exe" "02/05/2017 22:55" ""
+ "Origin Client Service" "OriginClientService" "Electronic Arts" "c:\program files (x86)\origin\originclientservice.exe" "01/06/2017 20:09" ""
+ "Origin Web Helper Service" "OriginWebHelperService" "Electronic Arts" "c:\program files (x86)\origin\originwebhelperservice.exe" "01/06/2017 20:10" ""
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe" "23/06/2017 14:06" ""
+ "PnkBstrA" "PunkBuster Service Component [v1041]
http://www.evenbalance.com" "" "c:\windows\system32\pnkbstra.exe" "02/06/2014 23:51" ""
+ "Sense" "Windows Defender Advanced Threat Protection service helps protect against advanced threats by monitoring and reporting security events that happen on the computer." "Microsoft Corporation" "c:\program files\windows defender advanced threat protection\mssense.exe" "15/09/2016 17:31" ""
+ "Service KMSELDI" "Service_KMS" "@ByELDI" "c:\program files\kmspico\service_kms.exe" "01/11/2015 03:39" ""
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe" "08/06/2017 05:33" ""
+ "WdNisSvc" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\windows defender\nissrv.exe" "28/04/2017 00:56" ""
+ "WinDefend" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\msmpeng.exe" "28/04/2017 01:02" ""
+ "WMPNetworkSvc" "Shares Windows Media Player libraries with other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe" "07/09/2016 05:41" ""
+ "XTU3SERVICE" "The XTU Service allows client access to overclocking functionality" "Intel(R) Corporation" "c:\program files (x86)\intel\intel(r) extreme tuning utility\xtuservice.exe" "23/02/2017 06:34" ""
"HKLM\System\CurrentControlSet\Services" "" "" "" "01/07/2017 02:18" ""
+ "3ware" "LSI 3ware SCSI Storport Driver" "LSI" "c:\windows\system32\drivers\3ware.sys" "18/05/2015 23:28" ""
+ "_hid_0738_1703" "Saitek Hid Driver" "Saitek" "c:\windows\system32\drivers\_hid_0738_1703.sys" "18/07/2016 11:17" ""
+ "_usb_0738_1703" "Saitek Usb Driver" "Saitek" "c:\windows\system32\drivers\_usb_0738_1703.sys" "18/07/2016 11:17" ""
+ "ADP80XX" "PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller" "PMC-Sierra" "c:\windows\system32\drivers\adp80xx.sys" "09/04/2015 21:49" ""
+ "amdsata" "AHCI 1.3 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys" "14/05/2015 13:14" ""
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys" "11/12/2012 22:21" ""
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys" "01/05/2015 01:55" ""
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "PMC-Sierra, Inc." "c:\windows\system32\drivers\arcsas.sys" "09/04/2015 20:12" ""
+ "b06bdrv" "QLogic Gigabit Ethernet VBD" "QLogic Corporation" "c:\windows\system32\drivers\bxvbda.sys" "25/05/2016 08:03" ""
+ "bcmfn" "BCM Function 2 Device Driver" "Windows (R) Win 7 DDK provider" "c:\windows\system32\drivers\bcmfn.sys" "08/06/2015 09:32" ""
+ "bcmfn2" "BCM Function 2 Device Driver" "Windows (R) Win 7 DDK provider" "c:\windows\system32\drivers\bcmfn2.sys" "16/03/2014 11:07" ""
+ "cht4iscsi" "Chelsio iSCSI VMiniport Driver" "Chelsio Communications" "c:\windows\system32\drivers\cht4sx64.sys" "20/04/2016 10:54" ""
+ "cht4vbd" "Virtual Bus Driver for Chelsio ® T4 Chipset" "Chelsio Communications" "c:\windows\system32\drivers\cht4vx64.sys" "15/04/2016 08:32" ""
+ "CM_VENDER_CMD" "Kernel Mode Driver" "Windows (R) Win 7 DDK provider" "c:\program files\common files\logitech\g430install\cmvc64.sys" "13/09/2013 04:34" ""
+ "CorsairAudioFilter" "Corsair Vengeance Headset Driver" "Corsair Components, Inc." "c:\windows\system32\drivers\corsveng2kamd64.sys" "14/08/2014 15:08" ""
+ "cpuz140" "CPUID Driver" "CPUID" "c:\users\conno\appdata\local\temp\cpuz140\cpuz140_x64.sys" "14/08/2016 20:15" ""
+ "dtlitescsibus" "DAEMON Tools Lite Virtual SCSI Bus Driver" "Disc Soft Ltd" "c:\windows\system32\drivers\dtlitescsibus.sys" "24/09/2015 21:17" ""
+ "dtliteusbbus" "DAEMON Tools Lite Virtual USB Bus Driver" "Disc Soft Ltd" "c:\windows\system32\drivers\dtliteusbbus.sys" "28/12/2015 14:05" ""
+ "e1dexpress" "Intel(R) Gigabit Adapter NDIS 6.x driver" "Intel Corporation" "c:\windows\system32\drivers\e1d65x64.sys" "26/07/2016 17:48" ""
+ "e1iexpress" "Intel(R) Gigabit Adapter NDIS 6.x driver" "Intel Corporation" "c:\windows\system32\drivers\e1i63x64.sys" "04/03/2016 22:46" ""
+ "ebdrv" "QLogic 10 GigE VBD" "QLogic Corporation" "c:\windows\system32\drivers\evbda.sys" "25/05/2016 08:01" ""
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys" "26/03/2013 22:36" ""
+ "iagpio" "Intel(R) Serial IO GPIO Controller Driver" "Intel(R) Corporation" "c:\windows\system32\drivers\iagpio.sys" "18/02/2016 08:35" ""
+ "iai2c" "Intel(R) Serial IO I2C Driver" "Intel(R) Corporation" "c:\windows\system32\drivers\iai2c.sys" "22/09/2015 07:53" ""
+ "iaLPSS2_GPIO2" "Intel(R) Serial IO GPIO Driver v2" "Intel Corporation" "c:\windows\system32\drivers\ialpss2_gpio2.sys" "09/08/2016 03:23" ""
+ "iaLPSS2_I2C" "Intel(R) Serial IO I2C Driver v2" "Intel Corporation" "c:\windows\system32\drivers\ialpss2_i2c.sys" "09/08/2016 03:22" ""
+ "iaLPSS2_UART2" "Intel(R) Serial IO UART Driver" "Intel Corporation" "c:\windows\system32\drivers\ialpss2_uart2.sys" "09/08/2016 03:23" ""
+ "iaLPSS2i_GPIO2" "Intel(R) Serial IO GPIO Driver v2" "Intel Corporation" "c:\windows\system32\drivers\ialpss2i_gpio2.sys" "03/03/2016 03:06" ""
+ "iaLPSS2i_I2C" "Intel(R) Serial IO I2C Driver v2" "Intel Corporation" "c:\windows\system32\drivers\ialpss2i_i2c.sys" "03/03/2016 03:06" ""
+ "iaLPSSi_GPIO" "Intel(R) Serial IO GPIO Controller Driver" "Intel Corporation" "c:\windows\system32\drivers\ialpssi_gpio.sys" "02/02/2015 10:00" ""
+ "iaLPSSi_I2C" "Intel(R) Serial IO I2C Controller Driver" "Intel Corporation" "c:\windows\system32\drivers\ialpssi_i2c.sys" "24/02/2015 16:52" ""
+ "iaStorAV" "Intel(R) Rapid Storage Technology driver (inbox) - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorav.sys" "19/02/2015 13:08" ""
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys" "11/04/2011 19:48" ""
+ "ibbus" "InfiniBand Fabric Bus Driver" "Mellanox" "c:\windows\system32\drivers\ibbus.sys" "10/04/2016 14:46" ""
+ "ICCWDT" "Intel(R) Watchdog Timer Driver (Intel(R) WDT)" "Intel Corporation" "c:\windows\system32\drivers\iccwdt.sys" "13/03/2016 12:44" ""
+ "IntcAzAudAddService" "Realtek(r) High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys" "28/03/2017 14:33" ""
+ "iocbios2" "Intel(R) Overclocking Device Driver" "Intel Corporation" "c:\program files (x86)\intel\intel(r) extreme tuning utility\drivers\iocdriver\64bit\iocbios2.sys" "15/07/2016 05:39" ""
+ "LADF_CaptureOnly" "Capture Filter Driver" "Logitech" "c:\windows\system32\drivers\ladfgscamd64.sys" "15/04/2013 19:39" ""
+ "LADF_RenderOnly" "DPL2/EQ Filter Driver" "Logitech" "c:\windows\system32\drivers\ladfgsramd64.sys" "15/04/2013 19:39" ""
+ "ladfGSS" "Surround Filter Driver" "Logitech Inc." "c:\windows\system32\drivers\ladfgss.sys" "03/08/2016 22:57" ""
+ "LGBusEnum" "Logitech WingMan Virtual Bus Enumerator Driver" "Logitech Inc." "c:\windows\system32\drivers\lgbusenum.sys" "13/06/2016 19:47" ""
+ "LGCoreTemp" "CPU Core Temperature Monitor" "Logitech" "c:\program files\logitech gaming software\drivers\lgcoretemp\lgcoretemp.sys" "09/06/2015 17:52" ""
+ "LGJoyXlCore" "Logitech Gaming Software Joystick Translation Driver" "Logitech Inc." "c:\windows\system32\drivers\lgjoyxlcore.sys" "13/06/2016 19:47" ""
+ "LGVirHid" "Logitech GamePanel Virtual Hid Device Driver" "Logitech Inc." "c:\windows\system32\drivers\lgvirhid.sys" "13/06/2016 19:47" ""
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys" "25/03/2015 20:36" ""
+ "LSI_SAS2i" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2i.sys" "28/03/2016 19:49" ""
+ "LSI_SAS3i" "Avago SAS Gen3 Driver (StorPort)" "Avago Technologies" "c:\windows\system32\drivers\lsi_sas3i.sys" "28/03/2016 19:49" ""
+ "LSI_SSS" "LSI SSS PCIe/Flash Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sss.sys" "16/03/2013 00:39" ""
+ "megasas" "MEGASAS RAID Controller Driver for Windows" "Avago Technologies" "c:\windows\system32\drivers\megasas.sys" "05/03/2015 03:36" ""
+ "megasas2i" "MEGASAS RAID Controller Driver for Windows" "Avago Technologies" "c:\windows\system32\drivers\megasas2i.sys" "22/07/2016 22:36" ""
+ "megasr" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys" "03/06/2013 23:02" ""
+ "MEIx64" "Intel(R) Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\teedriverw8x64.sys" "15/09/2016 18:08" ""
+ "mlkumidi" "MusicLab Virtual MIDI Device" "MusicLab, Inc." "c:\windows\system32\drivers\mlkumidi.sys" "29/08/2012 11:50" ""
+ "mlx4_bus" "MLX4 Bus Driver" "Mellanox" "c:\windows\system32\drivers\mlx4_bus.sys" "10/04/2016 14:49" ""
+ "MpKsl7a4bcd25" "KSLDriver" "Microsoft Corporation" "c:\programdata\microsoft\windows defender\definition updates\{b69c7476-7d6f-4dbf-8e59-0fa4528c25d9}\mpksl7a4bcd25.sys" "20/05/2015 02:50" ""
+ "MpKslc2fddd3b" "KSLDriver" "Microsoft Corporation" "c:\programdata\microsoft\windows defender\definition updates\{9fb02d74-e2f3-4e20-b333-f615e8a80deb}\mpkslc2fddd3b.sys" "20/05/2015 02:50" ""
+ "MpKslcc5ad966" "KSLDriver" "Microsoft Corporation" "c:\programdata\microsoft\windows defender\definition updates\{5b07a240-af9a-4be1-9d1d-f067a1343e6b}\mpkslcc5ad966.sys" "20/05/2015 02:50" ""
+ "MpKsld0bf6302" "KSLDriver" "Microsoft Corporation" "c:\programdata\microsoft\windows defender\definition updates\{9fb02d74-e2f3-4e20-b333-f615e8a80deb}\mpksld0bf6302.sys" "20/05/2015 02:50" ""
+ "mvumis" "Marvell Flash Controller Driver" "Marvell Semiconductor, Inc." "c:\windows\system32\drivers\mvumis.sys" "23/05/2014 21:39" ""
+ "NAL" "Intel(R) Network Adapter Diagnostic Driver" "Intel Corporation " "c:\windows\system32\drivers\iqvw64e.sys" "24/08/2016 02:52" ""
+ "ndfltr" "NetworkDirect Support Filter Driver" "Mellanox" "c:\windows\system32\drivers\ndfltr.sys" "10/04/2016 14:46" ""
+ "ndisrd" "@oem73.inf,%ndisrfl_Desc%;Intel(R) Technology Access Filter Driver" "Intel Corporation" "c:\windows\system32\drivers\ndisrfl.sys" "09/07/2015 18:06" ""
+ "Netaapl" "Apple Mobile Device Ethernet" "Apple Inc." "c:\windows\system32\drivers\netaapl64.sys" "15/07/2013 23:39" ""
+ "NetAdapterCx" "" "" "c:\windows\system32\drivers\netadaptercx.sys" "16/07/2016 03:28" ""
+ "NTIOLib_FastBoot" "NTIOLib" "MSI" "c:\program files (x86)\msi\fast boot\ntiolib_x64.sys" "26/10/2012 02:46" ""
+ "NTIOLib_MSIDDR_CC" "NTIOLib for MSIDDR_CC" "MSI" "c:\program files (x86)\msi\command center\ddr\ntiolib_x64.sys" "26/11/2012 11:11" ""
+ "NTIOLib_OCKit_MB" "NTIOLib" "MSI" "c:\program files (x86)\msi\msi oc kit\driver_service\ntiolib_x64.sys" "08/09/2016 03:55" ""
+ "NTIOLib_SuperCharger" "NTIOLib_SuperCharger Driver" "MSI" "c:\program files (x86)\msi\super charger\ntiolib_x64.sys" "15/03/2017 10:37" ""
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys" "16/05/2017 14:02" ""
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 382.53 " "NVIDIA Corporation" "c:\windows\system32\driverstore\filerepository\nv_dispi.inf_amd64_2d81f3535ced17c6\nvlddmkm.sys" "08/06/2017 00:03" ""
+ "nvraid" "NVIDIA® nForce(TM) RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys" "21/04/2014 19:28" ""
+ "nvstor" "NVIDIA® nForce(TM) Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys" "21/04/2014 19:34" ""
+ "NvStreamKms" "Nvidia Streaming Kernel Service" "NVIDIA Corporation" "c:\program files\nvidia corporation\nvstreamsrv\nvstreamkms.sys" "20/04/2017 23:38" ""
+ "nvvad_WaveExtensible" "NVIDIA Virtual Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvvad64v.sys" "05/04/2017 22:21" ""
+ "nvvhci" "Virtual USB Host Controller driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvvhci.sys" "28/12/2016 02:44" ""
+ "percsas2i" "MEGASAS RAID Controller Driver for Windows" "Avago Technologies" "c:\windows\system32\drivers\percsas2i.sys" "15/03/2016 01:50" ""
+ "percsas3i" "MEGASAS RAID Controller Driver for Windows" "Avago Technologies" "c:\windows\system32\drivers\percsas3i.sys" "04/03/2016 22:22" ""
+ "pmxdrv" "" "" "c:\windows\system32\drivers\pmxdrv.sys" "27/01/2010 22:53" ""
+ "RAMDriv" "RAMDisk Driver (x64)" "Micro-Star Int'l Co., Ltd." "c:\windows\system32\drivers\ramdriv.sys" "10/03/2016 09:00" ""
+ "SaiMini" "Saitek Magic Mini Driver" "Saitek" "c:\windows\system32\drivers\saimini.sys" "18/07/2016 11:21" ""
+ "SaiNtBus" "Smart Technology Helpers" "Saitek" "c:\windows\system32\drivers\saibus.sys" "18/07/2016 11:21" ""
+ "ScpVBus" "Scp Virtual Bus Driver" "Scarlet.Crush Productions" "c:\windows\system32\drivers\scpvbus.sys" "05/05/2013 22:31" ""
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys" "24/09/2008 19:28" ""
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys" "01/10/2008 22:56" ""
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows x64" "Promise Technology, Inc." "c:\windows\system32\drivers\stexstor.sys" "27/11/2012 01:02" ""
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys" "11/06/2015 07:08" ""
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys" "22/04/2014 20:21" ""
+ "VSTXRAID" "VIA StorX RAID Controller Driver" "VIA Corporation" "c:\windows\system32\drivers\vstxraid.sys" "21/01/2013 20:00" ""
+ "WinMad" "Kernel WinMad" "Mellanox" "c:\windows\system32\drivers\winmad.sys" "10/04/2016 14:46" ""
+ "WinVerbs" "Kernel WinVerbs" "Mellanox" "c:\windows\system32\drivers\winverbs.sys" "10/04/2016 14:46" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers" "" "" "" "16/07/2016 12:49" ""
+ "Adobe Type Manager" "Windows NT OpenType/Type 1 Font Driver" "Adobe Systems Incorporated" "c:\windows\system32\atmfd.dll" "03/06/2017 10:12" ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "30/06/2017 17:40" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm" "16/07/2016 03:26" ""
+ "msacm.vorbis" "Ogg Vorbis CODEC for MSACM" "HMS
http://hp.vector.co.jp/authors/VA012897/" "c:\windows\system32\vorbis.acm" "15/11/2012 17:16" ""
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "30/06/2017 17:40" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm" "16/07/2016 02:41" ""
+ "msacm.vorbis" "Ogg Vorbis CODEC for MSACM" "HMS
http://hp.vector.co.jp/authors/VA012897/" "c:\windows\syswow64\vorbis.acm" "03/08/2009 05:09" ""
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll" "16/07/2016 02:42" ""
+ "vidc.VP60" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll" "02/10/2003 21:38" ""
+ "vidc.VP61" "VP6 VIDEO FOR WINDOWS CODEC " "On2.com" "c:\windows\syswow64\vp6vfw.dll" "02/10/2003 21:38" ""
"HKLM\Software\Classes\Filter" "" "" "" "13/03/2017 01:00" ""
+ "MusicLab RealGuitar2" "RealStrat DXi Adapter" "MusicLab, Inc." "c:\program files\image-line\fl studio 12.1\plugins\vst\realguitar.dxi" "28/10/2008 14:33" ""
"HKLM\SOFTWARE\Classes\Htmlfile\Shell\Open\Command\(Default)" "" "" "" "22/09/2016 04:12" ""
+ "C:\Program Files\Internet Explorer\iexplore.exe" "Internet Explorer" "Microsoft Corporation" "c:\program files\internet explorer\iexplore.exe" "04/03/2017 07:25" ""
"HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls" "" "" "" "16/07/2016 12:48" ""
+ "_Wow64" "" "" "File not found: C:\Windows\SysWOW64\Wow64.dll" "" ""
+ "_Wow64cpu" "" "" "File not found: C:\Windows\SysWOW64\Wow64cpu.dll" "" ""
+ "_Wow64win" "" "" "File not found: C:\Windows\SysWOW64\Wow64win.dll" "" ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" "" "28/10/2016 02:22" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll" "12/08/2015 23:48" ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" "" "28/10/2016 02:22" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll" "12/08/2015 23:47" ""
"HKLM\Software\Microsoft\Office\Outlook\Addins" "" "" "" "28/10/2016 02:22" ""
+ "Connect Class" "OutlookChangeNotifier" "Apple Inc." "c:\program files\common files\apple\mobile device support\outlookchangenotifieraddin.dll" "21/04/2016 07:32" ""
"HKLM\Software\Wow6432Node\Microsoft\Office\Outlook\Addins" "" "" "" "23/12/2016 00:15" ""
+ "LyncAddin Class" "Skype for Business" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\ucaddin.dll" "11/06/2017 09:35" ""
Step 4:
Logfile of HiJackThis Fork (Alpha) by Alex Dragokas v.2.6.4.24
Platform: x64 Windows 10 (Pro), 10.0.14393 (ReleaseId: 1607), Service Pack: 0
Time: 01.07.2017 - 02:41
Language: OS: English (0x809). Display: English (0x809). Non-Unicode: English (0x809)
Elevated: Yes
Ran by: conno (group: Administrator) on DESKTOP-TCF7HVN
Chrome: 59.0.3071.115
Edge: 11.0.14393.1358
Internet Explorer: 11.0.14393.953
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
8 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
1 C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
1 C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
1 C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
1 C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
1 C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe
1 C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
1 C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE
1 C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
1 C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
1 C:\Program Files (x86)\Origin\OriginWebHelperService.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
1 C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
1 C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
1 C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
1 C:\Program Files\KMSpico\Service_KMS.exe
1 C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
1 C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\Speccy\Speccy64.exe
1 C:\Program Files\Windows Defender\MsMpEng.exe
1 C:\Program Files\Windows Defender\NisSrv.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
3 C:\Users\conno\AppData\Local\Discord\app-0.0.297\Discord.exe
1 C:\Users\conno\Desktop\HiJackThis.exe
1 C:\Windows\SysWOW64\notepad.exe
1 C:\Windows\System32\IPROSetMonitor.exe
1 C:\Windows\System32\PnkBstrA.exe
1 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\notepad.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
19 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
3 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
O2-32 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O2-32 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2-32 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2-32 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKCU\..\Run: [Discord] C:\Users\conno\AppData\Local\Discord\app-0.0.297\Discord.exe
O4 - HKCU\..\Run: [Lync] C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe /fromrunkey
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] (2016/10/24)C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun
O4 - HKCU\..\StartupApproved\Run: [Gyazo] (2017/05/12)C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\StartupApproved\Run: [OneDrive] (2016/10/24)C:\Users\conno\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background
O4 - HKCU\..\StartupApproved\Run: [Spotify Web Helper] (2016/10/24)C:\Users\conno\AppData\Roaming\Spotify\SpotifyWebHelper.exe
O4 - HKCU\..\StartupApproved\Run: [Spotify] (2016/10/24)C:\Users\conno\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized
O4 - HKCU\..\StartupApproved\StartupFolder: OneDrive for Business.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE /RunFolderSync /TrayOnly (2016/10/24)
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\StartupApproved\Run32: [Command Center] (2017/05/12)C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
O4 - HKLM\..\StartupApproved\Run32: [Live Update] (2017/05/12)C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKLM\..\StartupApproved\Run32: [Super Charger] (2017/05/12)C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] (2017/05/12)C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\StartupApproved\Run: [Launch LCore] (2016/10/29)C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
O4 - HKLM\..\StartupApproved\Run: [ShadowPlay] (2016/10/24)C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\StartupApproved\Run: [WindowsDefender] (2016/10/29)C:\Program Files\Windows Defender\MSASCuiL.exe
O4 - HKLM\..\StartupApproved\Run: [iTunesHelper] (2016/10/29)C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4-32 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - HKLM\..\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - HKLM\..\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - HKLM\..\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - HKLM\..\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Send to OneNote - HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
O9-32 - Extra 'Tools' menuitem: Lync Click to Call - HKLM\..\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9-32 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - HKLM\..\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9-32 - Extra 'Tools' menuitem: Se&nd to OneNote - HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9-32 - Extra button: Lync Click to Call - HKLM\..\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9-32 - Extra button: OneNote Lin&ked Notes - HKLM\..\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9-32 - Extra button: Send to OneNote - HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O17 - DHCP DNS - 1: 192.168.1.254
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O21 - ShellIconOverlayIdentifiers: MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\conno\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - ShellIconOverlayIdentifiers: MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\conno\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - ShellIconOverlayIdentifiers: MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\conno\AppData\Local\MEGAsync\ShellExtX64.dll (file missing)
O21 - ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) - {8BA85C75-763B-4103-94EB-9470F12FE0F7} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
O21 - ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) - {CD55129A-B1A1-438E-A425-CEBC7DC684EE} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
O21 - ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
O21-32 - ShellIconOverlayIdentifiers: MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\conno\AppData\Local\MEGAsync\ShellExtX32.dll (file missing)
O21-32 - ShellIconOverlayIdentifiers: MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\conno\AppData\Local\MEGAsync\ShellExtX32.dll (file missing)
O21-32 - ShellIconOverlayIdentifiers: MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\conno\AppData\Local\MEGAsync\ShellExtX32.dll (file missing)
O21-32 - ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) - {8BA85C75-763B-4103-94EB-9470F12FE0F7} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O21-32 - ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) - {CD55129A-B1A1-438E-A425-CEBC7DC684EE} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O21-32 - ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O22 - Task (Disabled): \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 - C:\Windows\system32\UNP\UNPCampaignManager.exe
O22 - Task (Ready): AdobeAAMUpdater-1.0-MicrosoftAccount-connor.rugman@outlook.com - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
O22 - Task (Ready): AutoPico Daily Restart - C:\Program Files\KMSpico\AutoPico.exe /silent
O22 - Task (Ready): CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task (Ready): GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task (Ready): GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task (Ready): GyazoUpdateTaskMachine - C:\Program Files (x86)\Gyazo\GyazoUpdate.exe
O22 - Task (Ready): GyazoUpdateTaskMachineDaily - C:\Program Files (x86)\Gyazo\GyazoUpdate.exe
O22 - Task (Ready): IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task (Ready): Intel PTT EK Recertification - C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe
O22 - Task (Ready): IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 - C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task (Ready): IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon - C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task (Ready): KMSAutoNet - C:\ProgramData\KMSAutoS\KMSAuto Net.exe /off=act (file missing)
O22 - Task (Ready): NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Task (Ready): Norton Security Scan for conno - C:\PROGRA~2\NORTON~2\Engine\461~1.80\Nss.exe /scan-quick /scheduled
O22 - Task (Ready): NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Task (Ready): NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Task (Ready): NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task (Ready): NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task (Ready): NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
O22 - Task (Ready): NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
O22 - Task (Ready): NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
O22 - Task (Ready): \Intel\Intel Telemetry 2 (x86) - C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe
O22 - Task (Ready): \Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
O22 - Task (Ready): \Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
O22 - Task (Ready): \Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
O22 - Task (Ready): \Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
O22 - Task (Ready): \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880
O22 - Task (Ready): \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload
O22 - Task (Ready): \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon - C:\Windows\system32\UNP\UNPUXLauncher.exe /campaignId {91be532c-f9f1-406a-9858-43697c6f437a} /launchtype scheduled /trigger Logon
O22 - Task (Ready): \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle - C:\Windows\system32\UNP\UNPUXLauncher.exe /campaignId {91be532c-f9f1-406a-9858-43697c6f437a} /launchtype scheduled /trigger OnIdle
O22 - Task (Ready): \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle - C:\Windows\system32\UNP\UNPUXLauncher.exe /campaignId {91be532c-f9f1-406a-9858-43697c6f437a} /launchtype scheduled /trigger OutOfIdle
O22 - Task (Ready): \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time - C:\Windows\system32\UNP\UNPUXLauncher.exe /campaignId {91be532c-f9f1-406a-9858-43697c6f437a} /launchtype scheduled /trigger Time
O22 - Task (Ready): \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock - C:\Windows\system32\UNP\UNPUXLauncher.exe /campaignId {91be532c-f9f1-406a-9858-43697c6f437a} /launchtype scheduled /trigger Unlock
O22 - Task (Ready): \Microsoft\Windows\UNP\RunCampaignManager - C:\Windows\System32\UNP\UNPCampaignManager.exe
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) Extreme Tuning Utility Service - (XTU3SERVICE) - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Online Connect Access - (Intel(R) TechnologyAccessService) - C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
O23 - Service R2: Intel(R) Online Connect Access Legacy CS Loader - (Intel(R) TechnologyAccessLegacyCSLoader) - C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
O23 - Service R2: Intel(R) PROSet Monitoring Service - C:\Windows\system32\IProsetMonitor.exe
O23 - Service R2: Logitech Gaming Registry Service - (LogiRegistryService) - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service R2: MSI Command Center DDR Service - (MSIDDR_CC) - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
O23 - Service R2: MSI Command Center control Service - (MSICTL_CC) - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
O23 - Service R2: MSI Live Update Service - (MSI_LiveUpdate_Service) - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service R2: MSI_FastBoot - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service R2: MSI_RAMDisk_Service - C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe
O23 - Service R2: MSI_SuperCharger - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service R2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service R2: PnkBstrA - C:\Windows\system32\PnkBstrA.exe
O23 - Service R2: Service KMSELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service R2: Windows Defender Service - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe
O23 - Service R3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service R3: Intel(R) Online Connect - C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
O23 - Service R3: Windows Defender Network Inspection Service - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S2: Intel(R) Online Connect Helper - C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: EasyAntiCheat - C:\Windows\SysWow64\EasyAntiCheat.exe
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service S3: Intel(R) Online Connect Software Asset Manager - C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
O23 - Service S3: MSI Command Center CPU Service - (MSICPU_CC) - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service S3: MSI Command Center Clock Service - (MSIClock_CC) - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service S3: MSI Command Center Comm Service - (MSICOMM_CC) - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service S3: MSI Command Center SMBus Service - (MSISMB_CC) - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service S3: MSI Command Center SuperIO Service - (MSISuperIO_CC) - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service S3: Windows Defender Advanced Threat Protection Service - (Sense) - C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
O23 - Service S3: iPod Service - C:\Program Files\iPod\bin\iPodService.exe
--
End of file - Time spent: 7 sec. - 49230 bytes, CRC32: FFFFFFFF. Sign: �լ