Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No Audio output device is installed


  • This topic is locked This topic is locked
4 replies to this topic

#1 drazenm

drazenm

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:29 PM

Posted 25 June 2018 - 08:05 PM

Hello everyone, i was here once before and i remember the help that i received from these great people , very grateful for it. But unfortunately i have a bit of a problem again that im not able to resolve myself.

 

Lately, maybe in last 2 weeks i haven't had the need to use sound on my PC while working on it, but yesterday when i wanted to watch a video i saw that there's no sound, just speaker with a red circle, white cross in it and when i click on it windows troubleshooter pops up detecting problem...

 

i tried uninstalling, reinstalling the drivers, disabling/enabling the sound device, used the motherboard disc to reinstall everything, went to the official page to download latest drivers, nothing helped.  i then thought to do system restore, maybe i can go back in time when everything was ok but no luck, getting error 0x80070005 when i tried to restore in safe mode i got error 0x80070003 so no solution at all. if id click on properties of the sound device in windows device manager id get the writing: Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)

 

i tried going to reddit and into local machine currantcontrolset-control-class-4d36e96c-e325-11ce-bfc108002be10318

 

there's supposed to be there UpperFilters REG_MULTI_SZ ksthunk and its there, didn't have to do anything, still no sound.

tried scanning my HDD drives with cmd, sfc scannnow and stuff, nothing helped, so im here in hope that someone might help me, thank you very much in advance.

 

here is the paste of the FRST :

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by Floki (administrator) on DESKTOP-HD4N2J8 (26-06-2018 10:40:32)
Running from C:\Users\Floki\Desktop
Loaded Profiles: Floki (Available Profiles: Floki)
Platform: Windows 10 Pro Version 1803 17134.48 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
(IObit) G:\IObit Uninstaller\IUService.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(IObit) G:\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [585296 2017-12-21] ()
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2017-12-21] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4620736 2017-12-22] ()
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-52946376-960829709-3336215865-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4096056 2018-03-09] (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{c6aac109-2dc9-43b1-9d11-2bfa2144914b} <==== ATTENTION (Restriction - IP)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a161e306-1c9b-480c-9fa5-e92f0015b552}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e8117441-90e3-4e5c-85a0-93518044ffee}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2017-12-14] (Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> G:\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-12-14] (Internet Download Manager, Tonec Inc.)
Toolbar: HKU\S-1-5-21-52946376-960829709-3336215865-1001 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File

FireFox:
========
FF DefaultProfile: 20wvlr7v.default
FF ProfilePath: C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default [2018-06-26]
FF Homepage: Mozilla\Firefox\Profiles\20wvlr7v.default -> google.com.au
FF NewTab: Mozilla\Firefox\Profiles\20wvlr7v.default -> google.com.au
FF NetworkProxy: Mozilla\Firefox\Profiles\20wvlr7v.default -> http", "192.168,1,1"
FF Extension: (AdGuard AdBlocker) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\adguardadblocker@adguard.com.xpi [2018-04-10]
FF Extension: (checkCompatibility) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\check-compatibility@dactyl.googlecode.com.xpi [2018-03-29] [Legacy]
FF Extension: (Firefox Hotfix) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-12-14] [Legacy]
FF Extension: (Image Download for Instagram) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\image_download_for_instagra@image_download_for_instagra.org.xpi [2016-09-10]
FF Extension: (HDS Link Detector) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\jid0-HFFmJoceGjTSKDBEWPpzfX9By7I@jetpack.xpi [2018-06-07] [Legacy]
FF Extension: (YouTube™ Flash® Player) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2017-08-11]
FF Extension: (AdBlock) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2018-05-23]
FF Extension: (IDM Integration Module) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\mozilla_cc3@internetdownloadmanager.com.xpi [2018-03-18]
FF Extension: (Screen Dimmer) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\screendimmer@screendimmer.com.xpi [2018-03-16] [Legacy]
FF Extension: (Snap Links) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\snaplinks@snaplinks.mozdev.org.xpi [2018-03-31]
FF Extension: (uBlock Origin) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\uBlock0@raymondhill.net.xpi [2018-06-14]
FF Extension: (Session Manager) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2018-03-18] [Legacy]
FF Extension: (EPUBReader) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2017-08-19]
FF Extension: (ChatZilla) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2018-06-09] [Legacy]
FF Extension: (NoScript) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2018-03-18]
FF Extension: (Right-Click-Link) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\{AA6F0803-145A-4200-8E5E-68898D02B5B3}.xpi [2016-04-29] [Legacy]
FF Extension: (Right Links) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\{B5F5E8D3-AE31-49A1-AC42-78B7B1CC5CDC}.xpi [2017-05-17] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-17]
FF Extension: (Greasemonkey) - C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-03-18]
FF SearchPlugin: C:\Users\Floki\AppData\Roaming\Mozilla\Firefox\Profiles\20wvlr7v.default\searchplugins\google-default.xml [2015-04-10]
FF HKU\S-1-5-21-52946376-960829709-3336215865-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2018-03-01]
FF HKU\S-1-5-21-52946376-960829709-3336215865-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Floki\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Floki\AppData\Roaming\IDM\idmmzcc5 [2018-03-18] [Legacy] [not signed]
FF HKU\S-1-5-21-52946376-960829709-3336215865-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-21] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-06-04] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-06-04] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Floki\AppData\Local\Google\Chrome\User Data\Default [2018-06-25]
CHR Extension: (Slides) - C:\Users\Floki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-07]
CHR Extension: (Docs) - C:\Users\Floki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-07]
CHR Extension: (Google Drive) - C:\Users\Floki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-07]
CHR Extension: (YouTube) - C:\Users\Floki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-07]
CHR Extension: (Sheets) - C:\Users\Floki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-07]
CHR Extension: (Google Docs Offline) - C:\Users\Floki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-05-07]
CHR Extension: (Download in IDM (Internet Download Manager)) - C:\Users\Floki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmpemnebipihbcadlafaidjibohhfocn [2018-05-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Floki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-07]
CHR Extension: (Adobe HDS / HLS Video Saver) - C:\Users\Floki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pibndofbpkoaipoidbkephfhhnapkccn [2018-06-07]
CHR Extension: (Gmail) - C:\Users\Floki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\Floki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-07]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-03-02]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [2723872 2017-12-21] (Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1216760 2017-12-22] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6096688 2018-03-12] ()
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe [1340376 2017-12-05] (ASUSTeK Computer Inc.)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel® Corporation)
R2 IObitUnSvr; G:\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [177440 2016-09-14] (Intel Corporation)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2017-12-21] (Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2017-12-21] (Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1742464 2017-12-22] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-21] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
S3 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-11] ()
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7003048 2017-12-21] ()
S3 uSHAREitSvc; G:\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-09] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-09] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [569392 2018-03-12] (Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [379664 2018-03-12] (Acronis International GmbH)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [34064 2017-12-26] (ASUSTeK Computer Inc.)
S3 IreulBus; C:\WINDOWS\System32\drivers\IreulBus.sys [52984 2017-12-16] (Rainway, Inc.)
R3 IUFileFilter; G:\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [39904 2017-06-06] (IObit.com)
R3 IURegProcessFilter; G:\IObit Uninstaller\drivers\win10_amd64\IURegProcessFilter.sys [40328 2018-01-10] (IObit.com)
S3 Kinonih; C:\WINDOWS\System32\drivers\kinonih.sys [32256 2016-06-22] (Kinoni)
R1 mv2; C:\WINDOWS\System32\drivers\mv2.sys [11712 2018-03-08] (UVNC BVBA)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_040c7acb04cee565\nvlddmkm.sys [17195272 2018-06-02] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31200 2018-05-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [67432 2018-03-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [68112 2018-04-28] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-23] (Realtek )
S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation)
S3 sthid; C:\WINDOWS\System32\drivers\sthid.sys [21216 2018-03-08] (Splashtop Inc.)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (The OpenVPN Project)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1310552 2018-03-12] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [213336 2018-03-12] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [690520 2018-03-12] (Acronis International GmbH)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [53128 2018-01-20] (Benjamin Höglinger-Stelzer)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [331976 2018-03-12] (Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2018-03-12] (Acronis International GmbH)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-06-09] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313384 2018-06-09] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [140672 2014-11-25] (MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-09] (Microsoft Corporation)
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-26 10:40 - 2018-06-26 10:40 - 000021009 _____ C:\Users\Floki\Desktop\FRST.txt
2018-06-26 10:38 - 2018-06-26 10:40 - 000000000 ____D C:\FRST
2018-06-26 10:38 - 2018-06-26 10:38 - 002412544 _____ (Farbar) C:\Users\Floki\Desktop\FRST64.exe
2018-06-26 00:33 - 2018-06-01 18:47 - 000132680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-06-26 00:32 - 2018-06-02 13:04 - 040346536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 035250624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 013727800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 011272944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 004349864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 003760392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 002014144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439811.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 001563224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 001468272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439811.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 001418664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 001216424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 001092360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 000750016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 000627056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 000608520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-06-26 00:32 - 2018-06-02 13:04 - 000518000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-06-26 00:32 - 2018-06-02 13:03 - 031278400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-06-26 00:32 - 2018-06-02 13:03 - 025991456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-06-26 00:32 - 2018-06-02 13:03 - 017784624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-06-26 00:32 - 2018-06-02 13:03 - 015195256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-06-26 00:32 - 2018-06-02 13:03 - 004125056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-06-26 00:32 - 2018-06-02 13:03 - 001356824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-06-26 00:32 - 2018-06-02 13:03 - 001347696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-06-26 00:32 - 2018-06-02 13:03 - 001157216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-06-26 00:32 - 2018-06-02 13:03 - 001069608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-06-26 00:32 - 2018-06-02 13:03 - 001063224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-06-26 00:32 - 2018-06-02 13:03 - 000904720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-06-26 00:32 - 2018-06-02 13:03 - 000814432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-06-26 00:32 - 2018-06-02 13:03 - 000652352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-06-26 00:32 - 2018-06-02 13:03 - 000634792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-06-26 00:32 - 2018-06-01 20:16 - 000227928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-06-26 00:32 - 2018-06-01 20:16 - 000047648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-06-26 00:24 - 2018-06-26 00:24 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-26 00:24 - 2018-06-26 00:24 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-26 00:24 - 2018-05-21 03:36 - 002496480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-06-26 00:24 - 2018-05-21 03:36 - 002164192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-06-26 00:24 - 2018-05-21 03:36 - 001312224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-06-26 00:23 - 2018-06-26 00:23 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-26 00:23 - 2018-06-26 00:23 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-26 00:23 - 2018-06-26 00:23 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-26 00:23 - 2018-06-26 00:23 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-26 00:23 - 2018-03-15 18:47 - 000067432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-06-26 00:22 - 2018-06-26 00:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-06-26 00:22 - 2018-06-26 00:24 - 000001439 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-06-26 00:22 - 2018-06-26 00:23 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-26 00:22 - 2018-06-26 00:23 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-26 00:22 - 2018-06-26 00:23 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-26 00:22 - 2018-06-26 00:23 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-26 00:22 - 2018-06-26 00:23 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-06-26 00:21 - 2018-04-28 02:32 - 000209192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-06-26 00:21 - 2018-04-28 02:32 - 000169256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-06-26 00:20 - 2018-06-02 13:03 - 004855032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-06-26 00:20 - 2018-06-01 20:16 - 001688848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-06-26 00:20 - 2018-04-28 10:25 - 000068112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-06-26 00:20 - 2018-01-24 10:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-06-26 00:20 - 2018-01-24 10:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-06-26 00:18 - 2018-06-26 00:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-06-26 00:18 - 2018-06-26 00:18 - 000000000 ____D C:\NVIDIA
2018-06-26 00:18 - 2018-06-01 18:39 - 005947976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-06-26 00:18 - 2018-06-01 18:39 - 002612352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-06-26 00:18 - 2018-06-01 18:39 - 001767552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-06-26 00:18 - 2018-06-01 18:39 - 000634152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-06-26 00:18 - 2018-06-01 18:39 - 000450856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-06-26 00:18 - 2018-06-01 18:39 - 000124304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-06-26 00:18 - 2018-06-01 18:39 - 000083528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-06-26 00:18 - 2018-05-31 19:44 - 008193252 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-06-26 00:18 - 2018-05-25 03:44 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-06-25 23:59 - 2018-06-26 00:07 - 000000000 ____D C:\Users\Floki\AppData\Local\SlimWare Utilities Inc
2018-06-25 23:58 - 2018-06-26 00:08 - 000000000 ____D C:\Program Files (x86)\SlimDrivers
2018-06-25 23:58 - 2018-06-26 00:03 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
2018-06-25 23:47 - 2018-06-26 00:33 - 000000000 ____D C:\WINDOWS\LastGood
2018-06-25 23:43 - 2018-06-25 23:51 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2018-06-25 23:43 - 2017-10-19 05:01 - 000406440 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2018-06-25 23:43 - 2017-10-19 05:00 - 001259720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2018-06-25 23:43 - 2017-10-19 04:59 - 001544240 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2018-06-25 23:43 - 2017-10-19 04:59 - 001372376 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2018-06-25 23:42 - 2017-12-12 17:49 - 000000000 ____D C:\Users\Floki\Desktop\Realtek_Audio_driver_6.0.1.8273_WHQL
2018-06-25 23:41 - 2018-06-25 23:45 - 000000000 ____D C:\ProgramData\ASUS
2018-06-25 23:41 - 2018-06-25 23:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-06-25 23:40 - 2018-06-25 23:40 - 000000000 ____D C:\Users\Floki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-06-25 23:40 - 2018-06-25 23:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-06-25 23:30 - 2018-06-25 23:43 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-06-25 19:57 - 2018-06-25 19:57 - 000000000 ___HD C:\$SysReset
2018-06-25 15:33 - 2018-06-25 15:33 - 000000000 _____ C:\Users\Floki\Desktop\New Text Document.txt
2018-06-25 15:25 - 2018-06-25 15:25 - 000001604 _____ C:\Users\Floki\Desktop\vpscfrlq.tqa - Shortcut.lnk
2018-06-25 15:10 - 2018-06-25 15:10 - 082935808 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2018-06-25 15:10 - 2018-06-25 15:10 - 006246400 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2018-06-25 15:10 - 2018-06-25 15:10 - 000491520 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2018-06-25 15:10 - 2018-06-25 15:10 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2018-06-25 15:10 - 2018-06-25 15:10 - 000036864 _____ C:\WINDOWS\system32\config\SAM.iobit
2018-06-25 14:59 - 2018-06-25 14:59 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2018-06-25 14:59 - 2018-06-25 14:59 - 000000000 ____D C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
2018-06-25 14:59 - 2018-06-25 14:59 - 000000000 ____D C:\Program Files (x86)\IObit
2018-06-25 14:36 - 2018-06-25 16:50 - 000000000 ____D C:\Users\Floki\Desktop\fykhyrsj.e5g
2018-06-25 14:35 - 2018-06-25 15:55 - 000000000 ____D C:\Users\Floki\AppData\Roaming\Easeware
2018-06-25 14:26 - 2018-06-25 23:43 - 000000000 ____D C:\WINDOWS\system32\DAX3
2018-06-25 00:48 - 2018-06-25 00:48 - 000000080 ___SH C:\bootTel.dat
2018-06-24 20:49 - 2018-06-26 00:33 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-06-24 20:20 - 2018-06-24 20:20 - 000000017 _____ C:\Users\Floki\AppData\Local\resmon.resmoncfg
2018-06-22 13:35 - 2018-06-22 13:35 - 000000000 ____D C:\Users\Floki\Documents\Snagit
2018-06-22 13:35 - 2018-06-22 13:35 - 000000000 ____D C:\ProgramData\TechSmith
2018-06-16 00:45 - 2018-06-24 20:35 - 000000000 ____D C:\Users\Floki\AppData\Roaming\SeriousBit
2018-06-16 00:38 - 2018-06-24 20:35 - 000000000 ____D C:\ProgramData\SeriousBit
2018-06-16 00:38 - 2016-01-15 09:41 - 000042128 _____ (SeriousBit) C:\WINDOWS\system32\Drivers\nbdrv.sys
2018-06-14 17:19 - 2018-06-14 17:32 - 032125210 _____ C:\Users\Floki\Desktop\4444444.mp4
2018-06-14 17:16 - 2018-06-14 17:16 - 000000196 _____ C:\Users\Floki\Downloads\2ffff38994d852839f4503bd8bfacdb1.wmv
2018-06-14 13:15 - 2018-06-25 16:50 - 000000000 ____D C:\Users\Floki\Desktop\SnagIt 18.0.0 Build 462 Portable
2018-06-14 12:05 - 2018-06-14 12:05 - 000000000 ____D C:\Users\Floki\AppData\Local\Icecream
2018-06-14 12:05 - 2018-06-14 12:05 - 000000000 ____D C:\Users\Floki\.Icecream Screen Recorder
2018-06-14 02:05 - 2018-06-14 02:05 - 000000000 ____D C:\ProgramData\Packages
2018-06-14 00:19 - 2018-06-14 00:19 - 000000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2018-06-09 14:56 - 2018-06-09 14:56 - 000000000 ____D C:\Users\Floki\AppData\Roaming\TunnelBear
2018-06-09 14:56 - 2018-06-09 14:56 - 000000000 ____D C:\Users\Floki\AppData\Local\IsolatedStorage
2018-06-09 13:31 - 2018-06-09 13:33 - 673751060 _____ C:\Users\Floki\Desktop\Firefox  - 2018-06-09.pcv
2018-06-09 13:19 - 2018-06-14 02:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-09 13:19 - 2018-06-09 13:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-06-09 13:19 - 2018-06-09 13:24 - 000000000 ____D C:\Users\Floki\AppData\Local\Mozilla
2018-06-09 13:19 - 2018-06-09 13:20 - 000000000 ____D C:\Users\Floki\AppData\Roaming\Mozilla
2018-06-09 13:19 - 2018-06-09 13:19 - 047010128 _____ (Mozilla) C:\Users\Floki\Downloads\Firefox Setup 53.0.3.exe
2018-06-09 13:19 - 2018-06-09 13:19 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-06-09 13:19 - 2018-06-09 13:19 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2018-06-09 13:17 - 2018-06-09 13:17 - 000313560 _____ (Mozilla) C:\Users\Floki\Downloads\Firefox Installer (1).exe
2018-06-09 12:10 - 2018-06-09 12:10 - 000000000 ____D C:\Users\Floki\AppData\Local\Macromedia
2018-06-09 11:56 - 2018-06-09 12:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2018-06-09 02:26 - 2018-06-09 02:26 - 000001445 _____ C:\Users\Floki\AppData\Local\Mozilla - Shortcut.lnk
2018-06-09 00:37 - 2018-06-09 00:37 - 044166424 _____ (Mozilla) C:\Users\Floki\Downloads\Firefox Setup 53.0(1).exe
2018-06-08 17:38 - 2018-06-08 17:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-52946376-960829709-3336215865-1001
2018-06-07 13:16 - 2018-06-07 13:16 - 002963518 _____ C:\Users\Floki\Desktop\11111.pdf
2018-06-07 13:11 - 2018-06-07 13:11 - 002963518 _____ C:\Users\Floki\Desktop\25march.pdf
2018-06-07 12:56 - 2018-06-07 12:56 - 002893243 _____ C:\Users\Floki\Desktop\IMG_20180607_0006_NEW.pdf
2018-06-07 12:50 - 2018-06-07 12:50 - 001308069 _____ C:\WINDOWS\SysWOW64\unins000.exe
2018-06-07 12:50 - 2018-06-07 12:50 - 000006452 _____ C:\WINDOWS\SysWOW64\unins000.dat
2018-06-07 12:50 - 2018-06-07 12:50 - 000000946 _____ C:\Users\Public\Desktop\Paint (classic).lnk
2018-06-07 12:50 - 2016-10-05 01:16 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint1.exe
2018-06-07 12:50 - 2016-10-05 01:10 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint1.exe
2018-06-07 12:44 - 2018-06-07 12:44 - 002980574 _____ C:\Users\Floki\Documents\27.3.2018.pdf
2018-06-07 12:35 - 2018-06-07 13:03 - 000000000 ____D C:\Users\Floki\Desktop\New folder (4)
2018-06-07 12:31 - 2018-06-07 12:31 - 002766926 _____ C:\Users\Floki\Desktop\10 april 2018.pdf
2018-06-07 12:26 - 2018-06-07 12:26 - 000523094 _____ C:\Users\Floki\Desktop\10.04.2018.pdf
2018-06-07 12:25 - 2018-06-07 12:25 - 000534465 _____ C:\Users\Floki\Documents\IMG_20180607_0001.pdf
2018-06-07 12:24 - 2018-06-25 14:31 - 000000000 ____D C:\Users\Floki\AppData\Roaming\Canon
2018-06-07 12:24 - 2018-06-25 14:28 - 000000000 ___HD C:\ProgramData\CanonIJScan
2018-06-07 12:24 - 2018-06-07 12:24 - 000000000 ___HD C:\ProgramData\CanonIJQuickMenu
2018-06-07 12:17 - 2013-12-02 09:57 - 000088320 _____ C:\WINDOWS\SysWOW64\CNC1780D.TBL
2018-06-07 12:17 - 2008-08-25 18:02 - 000015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2018-06-07 12:16 - 2018-06-07 12:16 - 000000000 ____D C:\ProgramData\CanonIJWSpt
2018-06-07 12:12 - 2013-12-02 09:57 - 000088320 _____ C:\WINDOWS\system32\CNC1780D.TBL
2018-06-07 12:12 - 2008-08-25 18:02 - 000017920 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA6.dll
2018-06-07 12:10 - 2018-06-25 14:31 - 000000000 ____D C:\Program Files (x86)\Canon
2018-06-05 16:01 - 2018-06-24 20:15 - 000005915 _____ C:\Users\Floki\Desktop\New Text Document (2).txt
2018-06-04 00:40 - 2018-06-04 00:41 - 000000000 ____D C:\Users\Floki\AppData\Local\Adobe
2018-06-04 00:40 - 2018-06-04 00:40 - 000004578 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-01 10:29 - 2018-06-01 10:29 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2018-05-29 13:31 - 2018-05-30 00:12 - 000000000 ____D C:\Users\Floki\Documents\Sidify Music Converter
2018-05-29 13:31 - 2018-05-29 15:42 - 000000000 ____D C:\Users\Floki\AppData\Roaming\Sidify Music Converter
2018-05-29 13:31 - 2018-05-29 13:31 - 000000000 ____D C:\Users\Floki\AppData\Local\CrashRpt
2018-05-29 13:29 - 2018-05-29 13:29 - 000000000 ____D C:\Program Files (x86)\Sidify
2018-05-29 12:27 - 2018-05-29 12:27 - 026509033 _____ C:\Users\Floki\Downloads\[PiratePC.Net] Sidify Music Converter _ 1.2.6 Full Version.zip
2018-05-29 12:03 - 2018-05-29 12:03 - 000001771 _____ C:\Users\Floki\Downloads\spotifyy.txt
2018-05-29 11:33 - 2018-05-29 12:30 - 039857413 _____ C:\Users\Floki\Downloads\Spotify.Music.8.4.39.612-dogfood.CORE-MOD.Premium.ARM_GigaHax.Com.apk.part
2018-05-29 11:33 - 2018-05-29 11:37 - 002501727 _____ C:\Users\Floki\Downloads\Spotify.Downloader.1.4.1-AdFree_GigaHac.Com.apk
2018-05-29 11:20 - 2018-05-29 11:20 - 039952132 _____ C:\Users\Floki\Downloads\Spotify Mod v8.4.42.722.apk
2018-05-28 23:40 - 2018-05-30 00:33 - 000000000 ____D C:\Users\Floki\AppData\Roaming\Deezloader
2018-05-28 23:32 - 2018-05-28 23:36 - 000000000 ____D C:\Users\Floki\AppData\Roaming\DeezLoader Remaster
2018-05-28 23:31 - 2018-05-28 23:32 - 055258769 _____ C:\Users\Floki\Downloads\DeezLoader Remaster Setup 4.0.3 win-64 Portable.zip
2018-05-28 17:49 - 2018-05-28 17:50 - 000678668 _____ C:\Users\Floki\Downloads\app.zip
2018-05-28 17:10 - 2018-05-28 17:10 - 073801957 _____ (ExtendLord) C:\Users\Floki\Downloads\DeezLoader-3.1.1-win-64&32-installer.exe
2018-05-27 12:48 - 2018-05-24 14:14 - 000052942 _____ C:\Users\Floki\Desktop\welcomeLetter_20180524_141304.pdf
2018-05-27 12:48 - 2018-05-24 14:14 - 000052940 _____ C:\Users\Floki\Desktop\welcomeLetter_20180524_141256.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-26 10:40 - 2018-03-18 18:17 - 000000000 ____D C:\Users\Floki\AppData\Roaming\DMCache
2018-06-26 10:40 - 2018-03-11 16:35 - 000000000 ____D C:\Users\Floki\AppData\Local\CrashDumps
2018-06-26 10:35 - 2018-05-15 21:06 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-26 10:35 - 2018-04-12 09:36 - 000000000 ____D C:\WINDOWS\INF
2018-06-26 10:31 - 2018-03-08 11:56 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-26 10:29 - 2018-05-15 21:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-26 10:29 - 2018-04-12 09:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-26 10:29 - 2018-04-12 07:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-06-26 10:29 - 2018-03-08 08:28 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-06-26 10:29 - 2018-03-08 08:22 - 000000335 _____ C:\Users\Floki\Desktop\computer.lnk
2018-06-26 10:20 - 2018-05-15 21:01 - 000004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DD0FD638-E7E5-47B1-9BA7-55471AF3ECBD}
2018-06-26 01:57 - 2018-05-15 20:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-26 00:36 - 2018-03-08 11:56 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-06-26 00:34 - 2018-03-08 11:46 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-06-26 00:24 - 2018-03-08 11:46 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-06-26 00:23 - 2018-03-08 11:47 - 000000000 ____D C:\Users\Floki\AppData\Local\NVIDIA Corporation
2018-06-26 00:22 - 2018-03-08 11:46 - 000000000 ____D C:\Users\Floki\AppData\Local\NVIDIA
2018-06-26 00:18 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\Help
2018-06-26 00:17 - 2018-03-08 08:28 - 000000000 ____D C:\WINDOWS\system32\DAX2
2018-06-26 00:16 - 2018-05-22 22:53 - 000000000 ____D C:\Program Files\Samsung
2018-06-26 00:13 - 2018-05-11 01:34 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2018-06-26 00:12 - 2018-05-22 22:53 - 000000000 ____D C:\Users\Floki\AppData\Roaming\Samsung
2018-06-26 00:12 - 2018-05-22 22:53 - 000000000 ____D C:\Program Files (x86)\Samsung
2018-06-26 00:12 - 2018-03-08 08:25 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-06-25 23:54 - 2018-05-15 20:55 - 000233880 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-25 23:51 - 2018-03-08 08:25 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-06-25 23:51 - 2018-03-08 08:25 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-06-25 23:49 - 2018-04-02 12:34 - 000000000 ____D C:\Users\Floki\AppData\Local\Downloaded Installations
2018-06-25 23:47 - 2018-03-08 08:22 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-06-25 23:42 - 2018-03-17 22:47 - 000000000 ____D C:\Users\Floki\Downloads\Compressed
2018-06-25 23:41 - 2018-05-15 21:01 - 000000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2018-06-25 23:26 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-06-25 23:25 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-06-25 23:25 - 2018-04-12 09:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-06-25 23:25 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-25 23:25 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-06-25 23:25 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-06-25 23:25 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-06-25 23:25 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-06-25 23:25 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-06-25 23:25 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-06-25 23:25 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-06-25 23:25 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-06-25 23:25 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-25 23:25 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-06-25 23:25 - 2018-04-12 09:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-06-25 23:25 - 2018-04-12 09:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-06-25 23:25 - 2018-04-12 09:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-25 23:25 - 2018-04-12 07:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-06-25 23:16 - 2018-05-13 17:42 - 000000000 ____D C:\ProgramData\Splashtop
2018-06-25 23:16 - 2018-05-13 17:42 - 000000000 ____D C:\Program Files (x86)\Splashtop
2018-06-25 23:16 - 2018-04-12 09:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-25 23:16 - 2018-03-07 23:34 - 000000000 ____D C:\Users\Floki\AppData\Local\Packages
2018-06-25 19:59 - 2018-03-12 23:39 - 000528634 _____ C:\WINDOWS\ntbtlog.txt
2018-06-25 19:56 - 2018-04-10 01:53 - 000000000 ____D C:\Users\Floki\AppData\Local\ElevatedDiagnostics
2018-06-25 19:54 - 2018-03-12 23:39 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-06-25 16:50 - 2018-04-26 11:35 - 000000000 ____D C:\Users\Floki\Desktop\deezer downloader
2018-06-25 16:50 - 2018-04-12 19:37 - 000000000 ____D C:\WINDOWS\Containers
2018-06-25 16:50 - 2018-04-12 19:20 - 000000000 ___SD C:\WINDOWS\system32\AppV
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-06-25 16:50 - 2018-04-12 19:19 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-06-25 16:50 - 2018-04-12 19:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2018-06-25 16:50 - 2018-04-12 19:15 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\SystemResources
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\schemas
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-06-25 16:50 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-06-25 16:50 - 2018-04-12 07:04 - 000000000 ____D C:\WINDOWS\WaaS
2018-06-25 16:50 - 2018-04-12 07:04 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-06-25 16:50 - 2018-04-10 13:29 - 000000000 ____D C:\Users\Floki\AppData\Roaming\RainwayInc
2018-06-25 16:50 - 2018-03-18 12:49 - 000000000 ____D C:\ProgramData\ProductData
2018-06-25 16:50 - 2018-03-18 12:48 - 000000000 ____D C:\Users\Floki\AppData\LocalLow\IObit
2018-06-25 16:50 - 2018-03-18 12:47 - 000000000 ____D C:\Users\Floki\AppData\Roaming\IObit
2018-06-25 16:50 - 2018-03-18 12:47 - 000000000 ____D C:\ProgramData\IObit
2018-06-25 16:50 - 2018-03-07 23:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-25 16:50 - 2018-03-07 23:34 - 000000000 ___RD C:\Users\Floki\3D Objects
2018-06-25 16:50 - 2016-11-01 14:51 - 000000000 ____D C:\Users\Floki\Desktop\v11_1100f_Win10RS1_logo_11012016
2018-06-25 16:49 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\registration
2018-06-25 15:47 - 2018-03-10 22:21 - 000000000 ____D C:\ProgramData\Apple
2018-06-25 14:26 - 2018-03-08 08:23 - 000000000 ____D C:\ProgramData\Package Cache
2018-06-25 00:15 - 2018-03-08 08:22 - 000000446 _____ C:\WINDOWS\Ascd_ProcessLog.ini
2018-06-25 00:04 - 2018-03-08 08:22 - 000023826 _____ C:\WINDOWS\Ascd_tmp.ini
2018-06-24 20:36 - 2018-04-10 23:00 - 000000000 ____D C:\ProgramData\RainwayInc
2018-06-24 20:36 - 2018-04-10 13:35 - 000000000 ____D C:\Program Files\RainwayInc
2018-06-24 20:33 - 2018-03-07 23:36 - 000000000 ___RD C:\Users\Floki\OneDrive
2018-06-20 11:53 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-06-17 14:53 - 2018-03-15 12:37 - 000000000 ____D C:\Users\Floki\Desktop\New folder
2018-06-14 21:51 - 2018-05-07 23:06 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-14 21:51 - 2018-05-07 23:06 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-14 12:05 - 2018-05-15 20:59 - 000000000 ____D C:\Users\Floki
2018-06-14 11:30 - 2018-03-22 17:46 - 000000000 ____D C:\Users\Floki\Desktop\gumtree
2018-06-14 02:05 - 2018-05-15 22:35 - 000000000 ____D C:\Users\Floki\AppData\Local\D3DSCache
2018-06-14 01:31 - 2018-03-17 22:47 - 000000000 ____D C:\Users\Floki\Downloads\Video
2018-06-14 00:20 - 2018-03-08 08:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-14 00:19 - 2018-03-08 08:34 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-14 00:19 - 2018-03-08 08:34 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-09 22:44 - 2018-05-15 21:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-06-09 22:44 - 2018-04-12 09:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-06-09 13:25 - 2018-03-13 12:58 - 000000000 ____D C:\Users\Floki\AppData\LocalLow\Mozilla
2018-06-09 12:54 - 2018-03-08 08:36 - 000000000 ____D C:\ProgramData\Norton
2018-06-09 12:47 - 2018-04-12 07:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-06-09 09:46 - 2018-03-18 14:58 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2018-06-09 00:33 - 2018-03-18 14:45 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-09 00:22 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-06-07 22:56 - 2018-05-07 23:06 - 000000000 ____D C:\Users\Floki\AppData\Local\Google
2018-06-07 12:17 - 2018-04-12 09:38 - 000000000 __RSD C:\WINDOWS\media
2018-06-06 09:29 - 2018-04-12 09:41 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-06 09:29 - 2018-04-12 09:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-04 00:40 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-04 00:40 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-01 20:16 - 2018-05-16 17:36 - 000044277 _____ C:\WINDOWS\system32\nvinfo.pb
2018-05-28 23:39 - 2018-03-11 16:36 - 000000000 ____D C:\Users\Floki\AppData\Roaming\iFunbox_UserCache

==================== Files in the root of some directories =======

2018-06-09 02:26 - 2018-06-09 02:26 - 000001445 _____ () C:\Users\Floki\AppData\Local\Mozilla - Shortcut.lnk
2018-06-24 20:20 - 2018-06-24 20:20 - 000000017 _____ () C:\Users\Floki\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2018-06-24 20:49 - 2018-06-01 18:47 - 000639048 _____ (NVIDIA Corporation) C:\Users\Floki\AppData\Local\Temp\nvSCPAPI.dll
2018-06-24 20:49 - 2018-01-24 08:42 - 000877440 _____ (NVIDIA Corporation) C:\Users\Floki\AppData\Local\Temp\nvSCPAPI64.dll
2018-06-26 00:11 - 2018-01-24 08:42 - 000373744 _____ (NVIDIA Corporation) C:\Users\Floki\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-15 20:55

==================== End of FRST.txt ============================

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

and the Addition:

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Floki (26-06-2018 10:40:55)
Running from C:\Users\Floki\Desktop
Windows 10 Pro Version 1803 17134.48 (X64) (2018-05-15 11:01:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-52946376-960829709-3336215865-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-52946376-960829709-3336215865-503 - Limited - Disabled)
Floki (S-1-5-21-52946376-960829709-3336215865-1001 - Administrator - Enabled) => C:\Users\Floki
Guest (S-1-5-21-52946376-960829709-3336215865-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-52946376-960829709-3336215865-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-52946376-960829709-3336215865-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-52946376-960829709-3336215865-1001\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
8GadgetPack (HKLM-x32\...\{E6BA0C10-856E-452A-954C-85F41072385F}) (Version: 25.0.0 - 8GadgetPack.net)
Acronis True Image (HKLM-x32\...\{027399E9-B197-43FF-BE79-490D9F106DDF}) (Version: 22.5.10640 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{027399E9-B197-43FF-BE79-490D9F106DDF}Visible) (Version: 22.5.10640 - Acronis)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.00.13 - ASUSTeK Computer Inc.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.030 - ASUSTek Computer Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Classic Paint (HKLM\...\Classic Paint_is1) (Version: 1.0 - Winaero)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.11 - NVIDIA Corporation) Hidden
DS2BW All*Saves v2 (HKLM-x32\...\{D0575BE4-C97D-4357-B9DF-FE603C112029}) (Version: 2 - Elys)
Dungeon Siege II version 2.3 (HKLM-x32\...\{1520E069-19A9-4B01-BA5D-87B67D56F55D}_is1) (Version: 2.3 - )
Dungeon Siege Legends of Aranna (HKLM-x32\...\Dungeon Siege Legends of Aranna 1.0) (Version:  - Microsoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4551 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.3.0.13 - IObit)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e9d78d68-c26c-4da7-9158-99355d8ef3ad}) (Version: 14.10.25017.0 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 56.0 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0 (x64 en-US)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.11 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Graphics Driver 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.11 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.1 - Power Software Ltd)
PSVIMGTOOLS-FRONTEND (HKLM-x32\...\PSVIMGTOOLS-FRONTEND) (Version: 0.6 - SilicaAndPina)
Qcma (HKLM\...\Qcma) (Version: 0.4.1 - codestation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Sacred 2 Gold Edition (HKLM-x32\...\Sacred 2 Gold Edition_is1) (Version:  - )
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
vShare Helper (HKU\S-1-5-21-52946376-960829709-3336215865-1001\...\vShare Helper) (Version: 2.4.8.0 - vShare.com Co.,LTD)
Windows Driver Package - Microsoft PS Vita Type B (02/22/2013 6.1.7600.16385) (HKLM\...\A0EC80B5719D4DA4CF40C9219D7CB9CCAD6DBA40) (Version: 02/22/2013 6.1.7600.16385 - Microsoft)
WinRAR 5.60 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.5 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-52946376-960829709-3336215865-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Floki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-52946376-960829709-3336215865-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Floki\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
ShellIconOverlayIdentifiers: [            IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2017-06-24] (Tonec Inc.)
ShellIconOverlayIdentifiers: [     AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-21] ()
ShellIconOverlayIdentifiers: [     AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-21] ()
ShellIconOverlayIdentifiers: [     AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-21] ()
ShellIconOverlayIdentifiers: [     AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-21] ()
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => G:\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-28] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => G:\rarext.dll [2018-06-25] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => G:\rarext32.dll [2018-06-25] (Alexander Roshal)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => G:\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-28] (Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-01] (NVIDIA Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => G:\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-28] (Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => G:\rarext.dll [2018-06-25] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => G:\rarext32.dll [2018-06-25] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0784EA9E-C8AD-4B64-AD55-02FA439DE4C4} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-21] (NVIDIA Corporation)
Task: {09189825-3088-4A4F-B051-61073CC9C804} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-21] (NVIDIA Corporation)
Task: {0FEC2AC7-A83E-41E7-88DE-ADD682C93A0A} - System32\Tasks\WindowedBorderlessGaming-Floki => C:\Users\Floki\Desktop\New folder (2)\WindowedBorderlessGaming.exe [2015-03-17] (GameplayCrush)
Task: {293B5E9E-52DC-48A8-B370-2DFAC6C9FD71} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-21] (NVIDIA Corporation)
Task: {43F2C404-A6E0-40BA-82BD-9DDDADAC4EC8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-21] (NVIDIA Corporation)
Task: {44A0D6B5-56C9-45C9-BBFD-4FBADAD96061} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-07] (Google Inc.)
Task: {540D9D97-ABF9-4534-87E1-B0EE547C973D} - System32\Tasks\S-1-5-21-52946376-960829709-3336215865-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)
Task: {59892ED4-2019-4D5E-843E-73C477BD1200} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-21] (NVIDIA Corporation)
Task: {5D3DD180-C2CB-4FBB-904F-BC213ACC5E03} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2017-11-24] (TODO: <Company name>)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6A667974-F15B-4D3E-A1B6-D588D13D1751} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2018-01-12] ()
Task: {6AC735B8-A965-4D26-B9CC-0383C8279EA3} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] ()
Task: {7468C16D-C809-4CEF-82AF-EA0B6A2B2CAF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-21] (NVIDIA Corporation)
Task: {8BBBC89C-48D0-41E6-AD23-9DA593B1450E} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-21] (NVIDIA Corporation)
Task: {97818791-C778-4BCE-9020-E5611D561F85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-09] (Microsoft Corporation)
Task: {AF5AA55F-E335-4A72-9728-40CF4E74A87C} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel® Corporation)
Task: {B7D54472-8521-4D8E-A399-B606B851A76E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-09] (Microsoft Corporation)
Task: {BF719145-C93D-43C5-83F0-65A243811E5E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-21] (NVIDIA Corporation)
Task: {CC9EA8D4-DCB1-4B1D-AD3C-C969CE9BBD56} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-09] (Microsoft Corporation)
Task: {D3FEA2AC-563D-44D7-9F4D-BB6FD62FD022} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-21] (NVIDIA Corporation)
Task: {D7A8D60F-AEFF-4BC8-8062-47DC08617AFF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-21] (NVIDIA Corporation)
Task: {E008B34B-5879-4936-A15D-4EC07B86A90F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-07] (Google Inc.)
Task: {EDB8521B-3976-4BD3-B906-B8D698A38681} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-21] (NVIDIA Corporation)
Task: {EE6799EC-DC12-4C03-8D01-4F98E0E5E023} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-06-04] (Adobe Systems Incorporated)
Task: {F3E37446-7C59-4755-BC26-6B40EA84425B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-09] (Microsoft Corporation)
Task: {FD09FC9C-7711-4149-B246-121357122E68} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2018-01-04] (ASUSTeK Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-12-22 00:00 - 2017-12-22 00:00 - 001216760 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2018-06-25 23:47 - 2014-04-24 16:29 - 001360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2018-06-26 00:23 - 2018-05-21 03:36 - 001315296 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-12 21:43 - 2018-03-12 21:43 - 006096688 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2018-06-25 23:41 - 2018-01-12 14:59 - 001448408 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2018-04-12 09:34 - 2018-04-12 09:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2017-12-21 23:45 - 2017-12-21 23:45 - 005825576 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2018-04-12 09:34 - 2018-04-12 09:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 09:34 - 2018-04-12 09:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 09:35 - 2018-04-12 19:20 - 002184704 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-21 23:46 - 2017-12-21 23:46 - 000585296 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2018-06-26 00:24 - 2018-05-21 03:36 - 095437792 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-06-26 00:24 - 2018-05-21 03:36 - 003029472 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-06-26 00:24 - 2018-05-21 03:36 - 000149984 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2017-12-22 00:45 - 2017-12-22 00:45 - 004620736 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2017-12-21 23:45 - 2017-12-21 23:45 - 007003048 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2018-04-12 09:34 - 2018-04-12 09:34 - 005471232 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2018-04-12 09:34 - 2018-04-12 09:34 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2018-04-12 09:34 - 2018-04-12 09:34 - 005082112 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2018-06-25 23:41 - 2017-12-26 23:26 - 000081368 _____ () C:\Program Files (x86)\ASUS\AXSP\4.00.01\ATKEX.dll
2018-06-25 23:41 - 2017-12-26 23:26 - 000229848 _____ () C:\Program Files (x86)\ASUS\AXSP\4.00.01\ASUS_WMI.dll
2018-06-25 23:41 - 2018-06-26 10:29 - 000033576 _____ () C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll
2018-06-25 23:41 - 2017-12-26 23:26 - 000053248 _____ () C:\Program Files (x86)\ASUS\AXSP\4.00.01\cpuutil.dll
2018-06-25 23:41 - 2017-12-05 11:25 - 000229848 _____ () C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\ASUS_WMI.dll
2018-03-18 12:47 - 2017-05-22 10:16 - 000442144 _____ () G:\IObit Uninstaller\madExcept_.bpl
2018-03-18 12:47 - 2017-05-22 10:16 - 000210720 _____ () G:\IObit Uninstaller\madBasic_.bpl
2018-03-18 12:47 - 2017-05-22 10:16 - 000059680 _____ () G:\IObit Uninstaller\madDisAsm_.bpl
2017-12-22 00:44 - 2017-12-22 00:44 - 003485808 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2017-12-22 00:43 - 2017-12-22 00:43 - 001331696 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\services_mms_addon.dll
2017-12-21 23:45 - 2017-12-21 23:45 - 000685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll
2018-03-10 22:06 - 2018-03-10 22:06 - 022715144 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2017-12-21 23:48 - 2017-12-21 23:48 - 000412704 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2017-12-21 23:34 - 2017-12-21 23:34 - 000136736 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2017-12-21 23:45 - 2017-12-21 23:45 - 000255008 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2017-12-21 23:45 - 2017-12-21 23:45 - 000160168 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\libevent.dll
2017-12-21 23:45 - 2017-12-21 23:45 - 000277538 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll
2017-12-21 23:45 - 2017-12-21 23:45 - 002386352 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\xerces_c.dll
2018-06-25 23:41 - 2017-11-24 08:48 - 000323544 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll
2018-06-25 23:41 - 2017-11-24 08:48 - 000882136 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2018-06-25 23:41 - 2018-01-12 14:59 - 000975832 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2018-06-25 23:41 - 2017-11-24 08:48 - 000940504 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2018-06-25 23:41 - 2017-12-11 16:26 - 000911832 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2018-06-26 00:22 - 2018-05-21 03:36 - 001033184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-12-21 23:45 - 2017-12-21 23:45 - 008986144 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_resources.dll
2017-12-21 23:45 - 2017-12-21 23:45 - 000796192 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_supp.dll
2017-12-21 23:46 - 2017-12-21 23:46 - 000054816 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2018-03-18 12:47 - 2018-01-25 16:02 - 000899856 _____ () G:\IObit Uninstaller\webres.dll
2018-03-18 12:47 - 2018-01-25 16:01 - 000631568 _____ () G:\IObit Uninstaller\ProductStatistics.dll
2018-03-18 12:47 - 2017-05-22 10:16 - 000524064 _____ () G:\IObit Uninstaller\sqlite3.dll
2016-09-14 19:25 - 2016-09-14 19:25 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-12-21 23:45 - 2017-12-21 23:45 - 000444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2017-12-21 23:34 - 2017-12-21 23:34 - 000115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 23:46 - 2018-06-25 12:13 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-52946376-960829709-3336215865-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Floki\Downloads\sunflowers_coffee_mug_brownies_wooden_table-wallpaper-2560x1440.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{34FEE6DD-7EA1-42AA-A8A9-1A184D32068B}] => (Allow) G:\SHAREit\SHAREit.exe
FirewallRules: [{39FC5359-028A-4095-9AE6-10E12F490322}] => (Allow) G:\SHAREit\SHAREit.exe
FirewallRules: [UDP Query User{CA476B1F-37A5-4924-AE60-3B80C46A1F9E}G:\drive©\program files (x86)\deep silver\sacred 2 gold edition\system\s2gs.exe] => (Allow) G:\drive©\program files (x86)\deep silver\sacred 2 gold edition\system\s2gs.exe
FirewallRules: [TCP Query User{D1391708-8255-4C7D-8986-0D18495F4188}G:\drive©\program files (x86)\deep silver\sacred 2 gold edition\system\s2gs.exe] => (Allow) G:\drive©\program files (x86)\deep silver\sacred 2 gold edition\system\s2gs.exe
FirewallRules: [{83D4EA50-0F92-4C2F-A927-5DC9EA861192}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
FirewallRules: [{7B19D9BF-9E0B-4BA6-88C7-EA79DB40B70B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe
FirewallRules: [{7F13782D-F136-435D-9FCB-A599426D9052}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
FirewallRules: [{ED13CF59-1578-44B4-8E27-1843030531AA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
FirewallRules: [{D487C882-69DC-4BA5-8436-B7A024E57CC2}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe
FirewallRules: [{2D14EAA3-2CA3-44B5-A273-9AD3DAA1ACDB}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe
FirewallRules: [{AD352824-D097-4318-8D22-8B1A66B3F23E}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe
FirewallRules: [{B4596434-4D27-49E2-9C91-2D9580D220E0}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe
FirewallRules: [{7EEDFA02-434A-46B5-BA2C-55C55E22F8E8}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe
FirewallRules: [{BBDF95E6-E1C1-4E81-8B29-4ADA452CF7B9}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
FirewallRules: [{2F58E989-896C-4BB9-9884-0E77AD4A803E}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe
FirewallRules: [{AEDEA6EA-8FAD-44AE-8A21-E39E9414E580}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{D1CE414B-8AA8-4715-B247-91E5FFE23400}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{138B45A8-7C18-4AD3-963E-54BD7D142295}] => (Allow) C:\Users\Floki\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{716D3EE9-8773-435F-AEC0-C25549BD60BE}] => (Allow) C:\Users\Floki\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B4E6DAEB-1E77-436E-9898-9AE48A9A44DC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CD82930B-06D4-4700-9182-9BD9E8D87834}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4AAF0F4A-CA22-4048-BBB5-D52615A87540}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D8ACA8B8-6A91-459B-B90B-70481A58A728}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3B09689A-C8FF-488C-A5B0-87104082944D}] => (Allow) LPort=443
FirewallRules: [{826BA341-6459-4862-9DEE-051F757CE682}] => (Allow) LPort=40136
FirewallRules: [{72442842-39DE-4C15-9C3B-11D976E19044}] => (Allow) LPort=9
FirewallRules: [{05D901B4-66D9-4312-ADF0-48B7CF7394B6}] => (Allow) LPort=22000
FirewallRules: [{12A1F482-41E8-434F-97D4-8EEA47323D78}] => (Allow) LPort=22001
FirewallRules: [{2BF9EC57-7066-432A-84BA-4C6F0FF61647}] => (Allow) LPort=22002
FirewallRules: [{BBA35696-08AD-4993-8CA5-12FA805A5F70}] => (Allow) LPort=22003
FirewallRules: [{DC0174DD-021A-48B4-A046-BE8CA385DA3A}] => (Allow) LPort=22004
FirewallRules: [{8EFD0B48-CA7F-430C-9E3D-FBBCFB43F2C9}] => (Allow) LPort=22005
FirewallRules: [{8EBAFB86-D091-45AD-A487-F03E1217050E}] => (Allow) LPort=22006
FirewallRules: [{4E267B77-52F7-4FC9-AE33-3EE1CB1041A5}] => (Allow) LPort=22007
FirewallRules: [{83986932-BEA2-4A38-8943-D5EE35D32A90}] => (Allow) LPort=22008
FirewallRules: [{1F445A7B-9036-4822-ABDA-40898E8C2016}] => (Allow) LPort=22009
FirewallRules: [{35305329-FA60-4345-B9C0-CA87C29293FC}] => (Allow) LPort=22010
FirewallRules: [{6F30ADFC-9664-420A-82A0-E11CFD5036E4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7AFAD27A-79A5-4C21-A9CA-0CADBA76434A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B0C3B48E-3240-4F6F-A463-B5C7F064489B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8320A2D9-D5F6-4DB9-800A-40970EECFD96}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C43985C9-69D0-439E-A0E8-5E8B5742F4AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{BA768D37-D965-4F2F-ABD5-87BA7D915835}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{4AD1B921-9EDD-4A9F-8AAA-BD65B507D9DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F698998E-6CCA-4A6B-8796-B1146B4A1B69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1147B43B-AA09-4FBC-BDA0-E64BEADA57A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

11-06-2018 02:56:48 Windows Modules Installer
16-06-2018 00:38:12 System Restore Point created by NetBalancer Setup
24-06-2018 16:43:17 Scheduled Checkpoint
25-06-2018 15:49:57 Restore Operation

==================== Faulty Device Manager Devices =============

Name: Microsoft Streaming Service Proxy
Description: Microsoft Streaming Service Proxy
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSKSSRV
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Microsoft Streaming Tee/Sink-to-Sink Converter
Description: Microsoft Streaming Tee/Sink-to-Sink Converter
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSTEE
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Microsoft Trusted Audio Drivers
Description: Microsoft Trusted Audio Drivers
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: drmkaud
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Microsoft Streaming Quality Manager Proxy
Description: Microsoft Streaming Quality Manager Proxy
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSPQM
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Microsoft Streaming Clock Proxy
Description: Microsoft Streaming Clock Proxy
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSPCLOCK
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Microsoft Streaming Tee/Sink-to-Sink Converter
Description: Microsoft Streaming Tee/Sink-to-Sink Converter
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: MSTEE
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/26/2018 10:40:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IDMan.exe, version: 6.30.7.2, time stamp: 0x5a980795
Faulting module name: ole32.dll, version: 10.0.17134.1, time stamp: 0x62098738
Exception code: 0xc0000005
Fault offset: 0x0008d83c
Faulting process id: 0x2544
Faulting application start time: 0x01d40ce4cdefd482
Faulting application path: C:\Program Files (x86)\Internet Download Manager\IDMan.exe
Faulting module path: C:\WINDOWS\System32\ole32.dll
Report Id: e1dbb9a2-4247-437a-a78e-16fb1bd46876
Faulting package full name:
Faulting package-relative application ID:

Error: (06/25/2018 11:09:41 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (TunnelBear). Additional information: 0x80070003.

Error: (06/25/2018 04:52:01 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (TunnelBear). Additional information: 0x80070005.

Error: (06/25/2018 04:47:46 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (TunnelBear). Additional information: 0x80070005.

Error: (06/25/2018 04:40:15 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (TunnelBear). Additional information: 0x80070005.

Error: (06/25/2018 04:36:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 56.0.0.6478 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 3c0

Start Time: 01d40c4debe6c468

Termination Time: 4294967295

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 35d01cfb-b2d9-41c2-a326-41bca0a60910

Faulting package full name:

Faulting package-relative application ID:

Error: (06/25/2018 04:15:11 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (TunnelBear). Additional information: 0x80070005.

Error: (06/25/2018 04:09:32 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Windows Modules Installer). Additional information: 0x80070005.


System errors:
=============
Error: (06/26/2018 10:31:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/26/2018 10:31:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
 and APPID
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/26/2018 10:31:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscDataProtection
 and APPID
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/26/2018 10:29:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/26/2018 10:29:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/26/2018 12:38:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/26/2018 12:38:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
 and APPID
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/26/2018 12:38:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscDataProtection
 and APPID
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2018-06-26 00:30:26.305
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {9ADB81A0-78B3-4649-95D1-D6ABC6B9AE7D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-06-25 16:29:46.187
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1764D227-F1DC-4016-9D51-07924D62E292}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-06-16 01:27:22.105
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {EC979503-2FF4-4FB8-BAF4-C004DCB1764E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-06-11 12:33:24.517
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6160C0BD-A0C4-47BE-A5C5-CF19A066E21E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-06-11 12:27:52.575
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {CB20F90B-244E-43C7-A6DE-A82177A35387}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-06-25 19:54:12.796
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2018-06-09 13:04:38.519
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.263.278.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-06-09 13:04:38.518
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.263.278.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-06-09 13:04:38.518
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.263.278.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-06-09 13:04:38.383
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.263.278.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14600.4
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2018-06-26 00:29:05.905
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements.

Date: 2018-06-25 00:28:16.667
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-25 00:28:16.616
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-25 00:28:16.570
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-25 00:28:16.523
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-25 00:28:16.458
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-09 03:15:30.699
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\New folder (2)\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-09 03:15:30.698
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\New folder (2)\Windows\winsxs\x86_microsoft-windows-userenv_31bf3856ad364e35_6.1.7601.17514_none_9247d45ea984f2ad\userenv.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 22%
Total physical RAM: 16323.76 MB
Available physical RAM: 12689.01 MB
Total Virtual: 28611.76 MB
Available Virtual: 23503.22 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.35 GB) (Free:121.94 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.13 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (New Volume) (Fixed) (Total:1862.89 GB) (Free:949.22 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 45E90FB5)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

 

0 Links

 

 

Edited by drazenm, 25 June 2018 - 11:00 PM.


BC AdBot (Login to Remove)

 


#2 drazenm

drazenm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:29 PM

Posted 26 June 2018 - 08:12 PM

any suggestions, anything? sorry for bumping, im just out of my wits what to do about it, tried so many things .

 

 


Edited by drazenm, 26 June 2018 - 08:14 PM.


#3 drazenm

drazenm
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:29 PM

Posted 26 June 2018 - 09:17 PM

windows troubleshooter made this log file regarding the problem that it found, would it be able to show whats causing the issues with sound device as not being installed ? im not able to paste the file as its too long so i've attached it.

0 Links
 

Attached Files



#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:29 AM

Posted 30 June 2018 - 08:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> https://www.bleepingcomputer.com/logreply/679653 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#5 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:29 AM

Posted 05 July 2018 - 08:15 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users