Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
Ran by Sam (administrator) on SAM-ESTHER (01-03-2017 14:24:18)
Running from C:\Users\Sam\Downloads\Programs
Loaded Profiles: Sam (Available Profiles: Sam)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SpaceAgent.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Windows\runSW.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Users\Sam\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Realtek) C:\Windows\SwUSB.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe

==================== Registry (Whitelisted) ====================
ഊ⡉映慮⁥湴特⁩猠楮捬畤敤⁩渠瑨攠晩硬楳琬⁴桥⁲敧楳瑲礠楴敭⁷楬氠扥⁲敳瑯牥搠瑯⁤敦慵汴爠牥浯癥搮⁔桥⁦楬攠睩汬潴⁢攠浯癥搮⤍਍ੈ䭌䵜⸮⹜創渺⁛噉䅸䡃啴汝‽㸠䌺屐牯杲慭⁆楬敳屖䥁⁘䡃䤠啁卐⁕瑩汩瑹屵獢㍍潮楴潲ഊ䡋䱍尮⸮屒畮㨠孌慵湣栠䱃潲敝‽㸠䌺屐牯杲慭⁆楬敳屌潧楴散栠䝡浩湧⁓潦瑷慲敜䱃潲攮數攠嬱㔰〹㐰〠㈰ㄵⴱ〭ㄴ崠⡌潧楴散栠䥮挮⤍ੈ䭌䵜⸮⹜創渺⁛坩湤潷獄敦敮摥牝‽㸠䌺屐牯杲慭⁆楬敳屗楮摯睳⁄敦敮摥牜䵓䅓䍵楌⹥硥⁛㘳ㄸ〸′〱㘭〹ⴰ㙝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋䱍尮⸮屒畮㨠孩呵湥獈敬灥牝‽㸠䔺屐牯杲慭⁆楬敳屩呵湥獜楔畮敳䡥汰敲⹥硥⁛ㄷ㘴㐰′〱㘭ㄲⴰ㙝
䅰灬攠䥮挮⤍ੈ䭌䵜⸮⹜創渺⁛剔䡄噃偌崠㴾⁃㩜偲潧牡洠䙩汥獜剥慬瑥歜䅵摩潜䡄䅜剴歎䝕䤶㐮數攠嬹ㄸㄶ㤶′〱㘭ㄲⴰ㥝
剥慬瑥欠卥浩捯湤畣瑯爩ഊ䡋䱍尮⸮屒畮㨠孓桡摯睐污祝‽㸠≃㩜坉乄佗卜獹獴敭㌲屲畮摬氳㈮數攢⁃㩜坉乄佗卜獹獴敭㌲屮癳灣慰㘴⹤汬ⱓ桡摯睐污祏湓祳瑥浓瑡牴ഊ䡋䱍⵸㌲尮⸮屒畮㨠孌楶攠啰摡瑥崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䵓䥜䱩癥⁕灤慴敜䱩癥⁕灤慴攮數攠嬳㐶㠲㐰′〱㐭〸ⴲ㙝
䵩捲漭却慲⁉湴敲湡瑩潮慬⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛䍯浭慮搠䍥湴敲崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䵓䥜䍯浭慮搠䍥湴敲屓瑡牴䍯浭慮摃敮瑥爮數攠嬸㌰㐱㘠㈰ㄵⴰ㠭〳崠⡍卉⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛䙡獴⁂潯瑝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屍卉屆慳琠䉯潴屓瑡牴䙡獴䉯潴⹥硥⁛㜶㐴㜲′〱㈭〹ⴱ㥝
⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛卵湊慶慕灤慴敓捨敤崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䍯浭潮⁆楬敳届慶慜䩡癡⁕灤慴敜橵獣桥搮數攠嬵㤶㔲㠠㈰ㄵⴱㄭ〹崠⡏牡捬攠䍯牰潲慴楯温ഊ䡋䱍⵸㌲尮⸮屒畮㨠孎楫攫⁃潮湥捴崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜乩步屎楫攫⁃潮湥捴屎楫攫⁃潮湥捴⁤慥浯渮數攠嬷ㄶ㠰′〱㔭㄰ⴰ㥝
乩步⤍ੈ䭌䴭砳㉜⸮⹜創渺⁛噯汐慮敬崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䍲敡瑩癥屖潬畭攠偡湥汜噯汐慮汵⹥硥⁛㈴ㄷ㠹′〱〭〲ⴱ㡝
䍲敡瑩癥⁔散桮潬潧礠䱴搩ഊ䡋䱍⵸㌲尮⸮屒畮㨠孖䥁硈䍕瑬崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜噉䄠塈䍉⁕䅓倠啴楬楴祜畳戳䵯湩瑯爮數攠嬳㌱㜷㘠㈰ㄱⴰ㜭ㄲ崠⡖䥁⁔散桮潬潧楥猬⁉湣⸩ഊ䡋䱍⵸㌲尮⸮屒畮㨠孃呸晩䡬灝‽㸠䍔塆䥈䱐⹅塅
ੈ䭌䵜⸮⹜坩湬潧潮㨠孕獥物湩瑝⁃㩜坩湤潷獜獹獴敭㌲屵獥物湩琮數攬⁛㌳㈸〠㈰ㄶⴰ㜭ㄶ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䴭砳㉜⸮⹜坩湬潧潮㨠孕獥物湩瑝⁃㩜坩湤潷獜獹獗佗㘴屵獥物湩琮數攠嬲㜶㐸′〱㘭〷ⴱ㙝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋䱍尮⸮屗楮汯杯渺⁛卨敬汝⁥硰汯牥爮數攠嬴㘷㌳〴′〱㘭ㄱⴱㅝ
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋䱍⵸㌲尮⸮屗楮汯杯渺⁛卨敬汝⁥硰汯牥爮數攠嬴㌱ㄷ㌶′〱㘭ㄱⴱㅝ
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋䱍尮⸮屐潬楣楥獜䕸灬潲敲㨠孆潲捥䅣瑩癥䑥獫瑯灏湝‰ഊ䡋䱍尮⸮屐潬楣楥獜䕸灬潲敲㨠孎潁捴楶敄敳歴潰崠ㄍੈ䭌䵜⸮⹜偯汩捩敳居硰汯牥爺⁛乯䅣瑩癥䑥獫瑯灃桡湧敳崠ㄍੈ䭌䵜⸮⹜偯汩捩敳居硰汯牥爺⁛乯剥捥湴䑯捳䡩獴潲祝‰ഊ䡋啜匭ㄭ㔭ㄹ尮⸮屒畮㨠孏湥䑲楶敓整異崠㴾⁃㩜坩湤潷獜卹獗佗㘴屏湥䑲楶敓整異⹥硥⁛㠸㠶㤷㘠㈰ㄶⴰ㜭ㄶ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭕屓ⴱⴵⴲぜ⸮⹜創渺⁛佮敄物癥卥瑵灝‽㸠䌺屗楮摯睳屓祳坏圶㑜佮敄物癥卥瑵瀮數攠嬸㠸㘹㜶′〱㘭〷ⴱ㙝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋啜匭ㄭ㔭㈱ⴳ㘵㌳㘶㔸㤭㈱㌶㌹㌰㌴ⴳ㤴㤵ㄱ㘱㠭㄰〱尮⸮屒畮㨠孓瑥慭崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜却敡浜獴敡洮數攠嬲㠸ㄸ㈴′〱㜭〱ⴱ㡝
噡汶攠䍯牰潲慴楯温ഊ䡋啜匭ㄭ㔭㈱ⴳ㘵㌳㘶㔸㤭㈱㌶㌹㌰㌴ⴳ㤴㤵ㄱ㘱㠭㄰〱尮⸮屒畮㨠孄䅅䵏丠呯潬猠䱩瑥⁁畴潭潵湴崠㴾⁃㩜偲潧牡洠䙩汥獜䑁䕍低⁔潯汳⁌楴敜䑔䅧敮琮數攠嬴ㄷ㤲㠸′〱㔭ㄱⴳそ
䑩獣⁓潦琠䱴搩ഊ䡋啜匭ㄭ㔭㈱ⴳ㘵㌳㘶㔸㤭㈱㌶㌹㌰㌴ⴳ㤴㤵ㄱ㘱㠭㄰〱尮⸮屒畮㨠孃䍬敡湥爠䵯湩瑯物湧崠㴾⁃㩜偲潧牡洠䙩汥獜䍃汥慮敲屃䍬敡湥父㐮數攠嬹㌶㌶㜲′〱㜭〲ⴰ㝝
偩物景牭⁌瑤⤍ੈ䭕屓ⴱⴵⴲㄭ㌶㔳㌶㘵㠹ⴲㄳ㘳㤳〳㐭㌹㐹㔱ㄶㄸⴱ〰ㅜ⸮⹜創渺⁛䝡污硹䍬楥湴崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䝡污硹䍬楥湴屇慬慸祃汩敮琮數攠嬴〰㘴㘴′〱㜭〲ⴰ㉝
䝏䜮捯洩ഊ䡋啜匭ㄭ㔭㈱ⴳ㘵㌳㘶㔸㤭㈱㌶㌹㌰㌴ⴳ㤴㤵ㄱ㘱㠭㄰〱尮⸮屒畮㨠孄楳捯牤崠㴾⁃㩜啳敲獜卡浜䅰灄慴慜䱯捡汜䑩獣潲摜慰瀭〮〮㈹㝜䑩獣潲搮數攠嬶㐲㤰㌰㐠㈰ㄷⴰㄭ〴崠⡈慭浥爠☠䍨楳敬Ⱐ䥮挮⤍ੈ䭕屓ⴱⴵⴲㄭ㌶㔳㌶㘵㠹ⴲㄳ㘳㤳〳㐭㌹㐹㔱ㄶㄸⴱ〰ㅜ⸮⹜創渺⁛卫祰敝‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屓歹灥屐桯湥屓歹灥⹥硥⁛㈹㘳㔷ㄲ′〱㘭〹ⴱ㉝
卫祰攠呥捨湯汯杩敳⁓⹁⸩ഊ䡋啜匭ㄭ㔭㈱ⴳ㘵㌳㘶㔸㤭㈱㌶㌹㌰㌴ⴳ㤴㤵ㄱ㘱㠭㄰〱尮⸮屒畮㨠孉䑍慮崠㴾⁃㩜偲潧牡洠䙩汥猠⡸㠶⥜䥮瑥牮整⁄潷湬潡搠䵡湡来牜䥄䵡渮數攠嬴〱㤳ㄲ′〱㜭〲ⴱ㍝
呯湥挠䥮挮⤍ੈ䭕屓ⴱⴵⴲㄭ㌶㔳㌶㘵㠹ⴲㄳ㘳㤳〳㐭㌹㐹㔱ㄶㄸⴱ〰ㅜ⸮⹜䵯畮瑐潩湴猲㨠笲昵㔷〳搭㑥慢ⴱㅥ㔭㠲㔷ⵤ㡣戸愱㜹挳ぽ‭•䨺屈偌慵湣桥爮數攢‍ੈ䭕屓ⴱⴵⴲㄭ㌶㔳㌶㘵㠹ⴲㄳ㘳㤳〳㐭㌹㐹㔱ㄶㄸⴱ〰ㅜ⸮⹜䵯畮瑐潩湴猲㨠笷㔱㌴㈲愭㤵㈷ⴱㅥ㔭㠲挵ⵤ㡣戸愱㜹挳ぽ‭•䤺屳整異⹥硥∠ഊ䡋啜匭ㄭ㔭㈱ⴳ㘵㌳㘶㔸㤭㈱㌶㌹㌰㌴ⴳ㤴㤵ㄱ㘱㠭㄰〱屃潮瑲潬⁐慮敬屄敳歴潰屜千剎十噅⹅塅‭㸠䌺屗䥎䑏坓屳祳瑥洳㉜剩扢潮献獣爠嬱㔱〴〠㈰ㄶⴰ㜭ㄶ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭕屓ⴱⴵⴱ㡜⸮⹜偯汩捩敳屳祳瑥洺⁛䑩獡扬敌潣歗潲歳瑡瑩潮崠」ੈ䭌䵜⸮⹜偲潶楤敲獜䥮瑥牮整⁐物湴⁐牯癩摥爺⁣㩜睩湤潷獜獹獴敭㌲屩湥瑰瀮摬氠嬱㜴㔹㈠㈰ㄶⴰ㜭ㄶ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䵜⸮⹜偲潶楤敲獜䱡湍慮⁐物湴⁓敲癩捥猺⁣㩜睩湤潷獜獹獴敭㌲屷楮㌲獰氮摬氠嬸㌳〲㐠㈰ㄶⴱ〭〵崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੌ獡㨠孁畴桥湴楣慴楯渠偡捫慧敳崠浳瘱弰ഊ䱳愺⁛乯瑩晩捡瑩潮⁐慣歡来獝⁳捥捬植੓散畲楴祐牯癩摥牳㨠捲敤獳瀮摬氍੓协䑌㨠坥扃桥捫‭⁻䔶䙂㕅㈰ⵄ䔳㔭ㄱ䍆ⴹ䌸㜭〰䅁〰㔱㈷䕄素ⴠ⁎漠䙩汥ഊ卓佄䰭砳㈺⁗敢䍨散欠ⴠ筅㙆䈵䔲〭䑅㌵ⴱㅃ䘭㥃㠷ⴰぁ䄰〵ㄲ㝅䑽‭†乯⁆楬攍੓桥汬䥣潮佶敲污祉摥湴楦楥牳㨠嬠†䥄䴠卨敬氠䕸瑥湳楯湝‭㸠筃䑃㤵䈹㈭䔲㝃ⴴ㜴㔭䄸䌵ⴶ㑁㔲䄷㠸㔵䑽‽㸠䌺屐牯杲慭⁆楬敳
砸㘩屉湴敲湥琠䑯睮汯慤⁍慮慧敲屉䑍卨敬汅硴㘴⹤汬⁛㈰ㄵⴰ㠭ㄴ崠⡔潮散⁉湣⸩ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛⁏湥䑲楶攱崠ⴾ⁻䉂䅃䌲ㄸⴳ㑅䄭㐶㘶ⴹ䐷䄭䌷㡆㈲㜴䄵㈴素㴾⁃㩜啳敲獜卡浜䅰灄慴慜䱯捡汜䵩捲潳潦瑜佮敄物癥就㜮㌮㘳㤰⸰㔰㥜慭搶㑜䙩汥卹湣卨敬氶㐮摬氠嬲〱㘭〹ⴰ㡝
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛⁏湥䑲楶攲崠ⴾ⁻㕁䈷ㄷ㉃ⴹ䌱ㄭ㐰㕃ⴸ䑄㔭䅆㈰䘳㘰㘲㠲素㴾⁃㩜啳敲獜卡浜䅰灄慴慜䱯捡汜䵩捲潳潦瑜佮敄物癥就㜮㌮㘳㤰⸰㔰㥜慭搶㑜䙩汥卹湣卨敬氶㐮摬氠嬲〱㘭〹ⴰ㡝
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛⁏湥䑲楶攳崠ⴾ⁻䄷㡅䐱㈳ⵁ䈷㜭㐰㙂ⴹ㤶㈭㉁㕄㥄㉆㝆㌰素㴾⁃㩜啳敲獜卡浜䅰灄慴慜䱯捡汜䵩捲潳潦瑜佮敄物癥就㜮㌮㘳㤰⸰㔰㥜慭搶㑜䙩汥卹湣卨敬氶㐮摬氠嬲〱㘭〹ⴰ㡝
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛⁏湥䑲楶攴崠ⴾ⁻䘲㐱䌸㠰ⴶ㤸㈭㑃䔵ⴸ䍆㜭㜰㠵䉁㤶䑁㕁素㴾⁃㩜啳敲獜卡浜䅰灄慴慜䱯捡汜䵩捲潳潦瑜佮敄物癥就㜮㌮㘳㤰⸰㔰㥜慭搶㑜䙩汥卹湣卨敬氶㐮摬氠嬲〱㘭〹ⴰ㡝
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛⁏湥䑲楶攵崠ⴾ⁻䄰㌹㙁㤳ⵄ䌰㘭㑁䕆ⵂ䕅㤭㤵䙆䍃䅅䘲ぅ素㴾⁃㩜啳敲獜卡浜䅰灄慴慜䱯捡汜䵩捲潳潦瑜佮敄物癥就㜮㌮㘳㤰⸰㔰㥜慭搶㑜䙩汥卹湣卨敬氶㐮摬氠嬲〱㘭〹ⴰ㡝
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛⌣⍍敧慓桥汬䕸瑐敮摩湧崠ⴾ⁻〵㙄㔲㡄ⵃ䔲㠭㐱㤴ⴹ䉁㌭䉁㉅㤱㤷䙆㡃素㴾⁃㩜啳敲獜卡浜䅰灄慴慜䱯捡汜䵅䝁獹湣屓桥汬䕸瑘㘴⹤汬⁛㈰ㄷⴰ㈭㈱崠⠩ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛⌣⍍敧慓桥汬䕸瑓祮捥摝‭㸠笰㕂㌸㠳〭䘴䔹ⴴ㌲㤭㤷㡂ⴱ䑄㈸㘰㕄㈰㉽‽㸠䌺展獥牳屓慭屁灰䑡瑡屌潣慬屍䕇䅳祮捜卨敬汅硴堶㐮摬氠嬲〱㜭〲ⴲㅝ
⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳㨠嬣⌣䵥条卨敬汅硴卹湣楮杝‭㸠笰㔹㙃㠵〭㝂䑄ⴴ䌹䐭䅆䑆ⴸ㜳䉅㘸㤰㘳㝽‽㸠䌺展獥牳屓慭屁灰䑡瑡屌潣慬屍䕇䅳祮捜卨敬汅硴堶㐮摬氠嬲〱㜭〲ⴲㅝ
⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳㨠嬰ち癡獴崠ⴾ⁻㐷㈰㠳䈰ⵃ㔲㈭ㄱ䍆ⴸ㜶㌭〰㘰㡃䌰㉆㈴素㴾†ⴾ⁎漠䙩汥ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛䕮桡湣敤却潲慧敓桥汬崠ⴾ⁻䐹ㄴ㑄䍄ⵅ㤹㠭㑅䍁ⵁ䈶䄭䑃䐸㍃䍂䄱㙄素㴾⁃㩜坩湤潷獜卹獴敭㌲居桓瑯牓桥汬⹤汬⁛㈰ㄶⴰ㜭ㄶ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳㨠孏晦汩湥⁆楬敳崠ⴾ⁻㑅㜷ㄳㅄⴳ㘲㤭㐳ㅣⴹ㠱㠭䌵㘷㥄䌸㍅㠱素㴾⁃㩜坉乄佗卜卹獴敭㌲屣獣畩⹤汬⁛㈰ㄶⴱㄭㄱ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳⵸㌲㨠嬠佮敄物癥ㅝ‭㸠筂䉁䍃㈱㠭㌴䕁ⴴ㘶㘭㥄㝁ⵃ㜸䘲㈷㑁㔲㑽‽㸠䌺展獥牳屓慭屁灰䑡瑡屌潣慬屍楣牯獯晴屏湥䑲楶敜ㄷ⸳⸶㌹〮〵〹屆楬敓祮捓桥汬⹤汬⁛㈰ㄶⴰ㤭〸崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳⵸㌲㨠嬠佮敄物癥㉝‭㸠笵䅂㜱㜲䌭㥃ㄱⴴ〵䌭㡄䐵ⵁ䘲う㌶〶㈸㉽‽㸠䌺展獥牳屓慭屁灰䑡瑡屌潣慬屍楣牯獯晴屏湥䑲楶敜ㄷ⸳⸶㌹〮〵〹屆楬敓祮捓桥汬⹤汬⁛㈰ㄶⴰ㤭〸崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳⵸㌲㨠嬠佮敄物癥㍝‭㸠筁㜸䕄ㄲ㌭䅂㜷ⴴ〶䈭㤹㘲ⴲ䄵䐹䐲䘷䘳ぽ‽㸠䌺展獥牳屓慭屁灰䑡瑡屌潣慬屍楣牯獯晴屏湥䑲楶敜ㄷ⸳⸶㌹〮〵〹屆楬敓祮捓桥汬⹤汬⁛㈰ㄶⴰ㤭〸崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳⵸㌲㨠嬠佮敄物癥㑝‭㸠筆㈴ㅃ㠸〭㘹㠲ⴴ䍅㔭㡃䘷ⴷ〸㕂䄹㙄䄵䅽‽㸠䌺展獥牳屓慭屁灰䑡瑡屌潣慬屍楣牯獯晴屏湥䑲楶敜ㄷ⸳⸶㌹〮〵〹屆楬敓祮捓桥汬⹤汬⁛㈰ㄶⴰ㤭〸崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳⵸㌲㨠嬠佮敄物癥㕝‭㸠筁〳㤶䄹㌭䑃〶ⴴ䅅䘭䉅䔹ⴹ㕆䙃䍁䕆㈰䕽‽㸠䌺展獥牳屓慭屁灰䑡瑡屌潣慬屍楣牯獯晴屏湥䑲楶敜ㄷ⸳⸶㌹〮〵〹屆楬敓祮捓桥汬⹤汬⁛㈰ㄶⴰ㤭〸崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳⵸㌲㨠嬣⌣䵥条卨敬汅硴健湤楮杝‭㸠笰㔶䐵㈸䐭䍅㈸ⴴㄹ㐭㥂䄳ⵂ䄲䔹ㄹ㝆䘸䍽‽㸠䌺展獥牳屓慭屁灰䑡瑡屌潣慬屍䕇䅳祮捜卨敬汅硴堳㈮摬氠嬲〱㜭〲ⴲㅝ
⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳⵸㌲㨠嬣⌣䵥条卨敬汅硴卹湣敤崠ⴾ⁻〵䈳㠸㌰ⵆ㑅㤭㐳㈹ⴹ㜸䈭ㅄ䐲㠶〵䐲〲素㴾⁃㩜啳敲獜卡浜䅰灄慴慜䱯捡汜䵅䝁獹湣屓桥汬䕸瑘㌲⹤汬⁛㈰ㄷⴰ㈭㈱崠⠩ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猭砳㈺⁛⌣⍍敧慓桥汬䕸瑓祮捩湧崠ⴾ⁻〵㤶䌸㔰ⴷ䉄䐭㑃㥄ⵁ䙄䘭㠷㍂䔶㠹〶㌷素㴾⁃㩜啳敲獜卡浜䅰灄慴慜䱯捡汜䵅䝁獹湣屓桥汬䕸瑘㌲⹤汬⁛㈰ㄷⴰ㈭㈱崠⠩ഊ却慲瑵瀺⁃㩜啳敲獜卡浜䅰灄慴慜副慭楮杜䵩捲潳潦瑜坩湤潷獜却慲琠䵥湵屐牯杲慭獜却慲瑵灜䵅䝁獹湣⹬湫⁛㈰ㄶⴰ㔭ㄳ崍੓桯牴捵瑔慲来琺⁍䕇䅳祮挮汮欠ⴾ⁃㩜啳敲獜卡浜䅰灄慴慜䱯捡汜䵅䝁獹湣屍䕇䅳祮挮數攠⡍敧愠䱩浩瑥搩ഊGroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.16.1.254 142.165.21.5
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{43d331de-7487-40c1-8c5b-021567ee0f52}: [DhcpNameServer] 172.16.1.254 142.165.21.5
Tcpip\..\Interfaces\{4f2a5d3b-46c8-4cd5-afd5-a5c54051cd69}: [DhcpNameServer] 82.163.143.176
Tcpip\..\Interfaces\{8674c361-0c70-4623-82a6-15808048bc0b}: [DhcpNameServer] 82.163.143.176
Tcpip\..\Interfaces\{e5e38f68-47ea-4f60-9255-83a5319c3e79}: [DhcpNameServer] 172.16.1.254 142.165.21.5

Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab

FireFox:
========
FF HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Sam\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Sam\AppData\Roaming\IDM\idmmzcc5 [2017-03-01] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2017-02-21] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2017-02-21] ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-25] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default [2017-03-01]
CHR Extension: (Google Drive) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-25]
CHR Extension: (YouTube) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-25]
CHR Extension: (uBlock Origin) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-02-10]
CHR Extension: (IDM Integration Module) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-02-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-25]
CHR Extension: (Gmail) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-25]
CHR Extension: (Chrome Media Router) - C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-25]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-02-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-06-16] (Creative Labs) [File not signed]
S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2017-02-13] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 debugregsvc; C:\WINDOWS\System32\debugregsvc.dll [29184 2016-07-15] (Microsoft Corporation)
S3 DeveloperToolsService; C:\WINDOWS\System32\DeveloperToolsSvc.exe [104448 2016-07-15] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-11-05] (Futuremark)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [284736 2017-02-02] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-11] (GOG.com)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [132896 2014-11-10] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-10-14] (Logitech Inc.)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2106832 2015-06-29] (MSI)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4048336 2015-08-13] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2123216 2015-07-08] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4177360 2015-07-07] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2002896 2015-07-28] (MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2285008 2015-09-07] (MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2072528 2015-06-29] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [599504 2015-07-28] (MSI)
R2 MSI_ECOSERVICE; C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe [2266280 2015-03-27] (Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1722320 2014-08-26] (Micro-Star International)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-09] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-14] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-14] (Electronic Arts)
S3 PAExec; C:\WINDOWS\PAExec.exe [189112 2016-09-27] (Power Admin LLC)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-10-15] ()
R2 RunSwUSB; C:\Windows\runSW.exe [48856 2015-10-01] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-11] (@ByELDI) [File not signed]
R3 SshBroker; C:\WINDOWS\System32\SshBroker.dll [360960 2016-12-21] (Microsoft Corporation)
R3 SshProxy; C:\WINDOWS\System32\SshProxy.dll [275456 2016-12-21] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S4 WebManagement; C:\WINDOWS\system32\WebManagement.exe [1000448 2016-09-06] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [66136 2016-06-23] (Broadcom Corporation.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-12-01] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [46392 2015-12-01] (Disc Soft Ltd)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-10] (Logitech Inc.)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [38216 2016-10-20] (SoftEther Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSIFrequency_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0cc477a6fec64d8c\nvlddmkm.sys [14516664 2017-02-10] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
S3 RDID1117; C:\WINDOWS\system32\Drivers\RDWM1117.SYS [309888 2015-07-22] (Roland Corporation)
S3 RDID1118; C:\WINDOWS\system32\Drivers\RDWM1118.SYS [212088 2015-07-23] (Roland Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [4767488 2015-10-29] (Realtek Semiconductor Corporation                           )
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [51024 2016-10-20] (SoftEther Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project)
S3 tap0901_openvpn_accl; C:\WINDOWS\System32\drivers\tap0901_openvpn_accl.sys [37912 2016-10-20] (The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-12-10] (Intel Corporation)
S1 UCGuard; system32\DRIVERS\ucguard.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: debugregsvc -> C:\Windows\System32\debugregsvc.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-01 02:14 - 2017-03-01 02:14 - 00000000 ____D C:\Users\Sam\AppData\Roaming\LucasArts
2017-03-01 00:08 - 2017-03-01 00:08 - 00003968 _____ C:\WINDOWS\System32\Tasks\{EEBEDF8F-5915-6824-A70F-FB7272479753}
2017-02-28 16:13 - 2017-02-28 17:19 - 00000000 ____D C:\ProgramData\{FDB3EB9C-4A18-5C37-7E2C-45C07FAFDF4E}
2017-02-24 16:33 - 2017-02-26 14:32 - 00003112 _____ C:\WINDOWS\System32\Tasks\RTSS
2017-02-24 13:59 - 2017-02-24 13:59 - 00000000 ____D C:\Users\Sam\AppData\LocalLow\KsTgames
2017-02-24 12:43 - 2017-02-24 12:43 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-24 12:43 - 2017-02-24 12:43 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-02-24 12:43 - 2017-01-20 12:39 - 00156608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-02-24 12:43 - 2017-01-20 12:39 - 00124352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-02-24 12:43 - 2017-01-20 12:39 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-02-24 12:43 - 2017-01-20 07:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-02-23 11:44 - 2017-02-23 11:44 - 00000000 ____D C:\Users\Sam\Documents\Eek
2017-02-22 21:53 - 2017-03-01 14:14 - 00003128 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2017-02-22 21:49 - 2017-03-01 10:33 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-02-22 21:49 - 2017-02-22 21:49 - 00001159 _____ C:\Users\Sam\Desktop\MSI Afterburner.lnk
2017-02-22 21:49 - 2017-02-22 21:49 - 00000000 ____D C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2017-02-22 21:36 - 2017-02-22 21:36 - 00000017 _____ C:\WINDOWS\PrecisionX_x64.INI
2017-02-22 21:35 - 2017-02-22 21:50 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2017-02-22 15:00 - 2017-02-22 15:00 - 00076340 _____ C:\Users\Sam\Downloads\IDMGCExt.crx
2017-02-22 14:53 - 2017-02-28 20:38 - 00000000 ____D C:\Users\Sam\Downloads\Compressed
2017-02-22 14:53 - 2017-02-28 18:43 - 00000000 ____D C:\Users\Sam\AppData\Roaming\IDM
2017-02-22 14:53 - 2017-02-22 14:53 - 00000000 ____D C:\Users\Sam\Downloads\Video
2017-02-22 14:53 - 2017-02-22 14:53 - 00000000 ____D C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-02-22 14:53 - 2017-02-22 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-02-22 14:53 - 2017-02-22 14:53 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-02-22 14:41 - 2017-02-22 14:41 - 00000000 ____D C:\WINDOWS\Panther
2017-02-22 13:38 - 2017-02-22 13:38 - 00002094 _____ C:\Users\Public\Desktop\Wireless Connection Manager.lnk
2017-02-22 13:38 - 2017-02-22 13:38 - 00000000 ____D C:\WINDOWS\pcidevice
2017-02-22 13:38 - 2017-02-22 13:38 - 00000000 ____D C:\Users\Public\D-Link
2017-02-22 13:38 - 2017-02-22 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link
2017-02-22 13:38 - 2017-02-22 13:38 - 00000000 ____D C:\Program Files (x86)\D-Link
2017-02-22 13:38 - 2015-10-29 18:57 - 04767488 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlanu.sys
2017-02-22 13:38 - 2015-10-01 15:54 - 00446464 _____ (Realtek) C:\WINDOWS\SwUSB.exe
2017-02-22 13:38 - 2015-10-01 15:54 - 00048856 _____ () C:\WINDOWS\runSW.exe
2017-02-22 13:38 - 2015-10-01 15:54 - 00006864 _____ C:\WINDOWS\PBL.sys
2017-02-22 13:38 - 2015-10-01 15:54 - 00004681 _____ C:\WINDOWS\PBR.sys
2017-02-22 13:13 - 2017-02-22 13:13 - 00001146 _____ C:\Users\Sam\Desktop\Swiff Player.lnk
2017-02-22 13:13 - 2017-02-22 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Swiff Player
2017-02-22 13:13 - 2017-02-22 13:13 - 00000000 ____D C:\Program Files (x86)\GlobFX
2017-02-22 13:08 - 2017-02-22 13:08 - 00000000 ____D C:\Users\Sam\ansel
2017-02-22 02:52 - 2017-02-22 02:52 - 00000000 ____D C:\Users\Sam\AppData\Local\hhs_
2017-02-22 02:38 - 2017-02-23 11:44 - 00000000 ____D C:\Program Files (x86)\Monster Girl Island
2017-02-21 19:08 - 2017-02-21 19:08 - 00114352 _____ (GameRanger Technologies) C:\Users\Sam\Desktop\GameRangerSetup.exe
2017-02-21 19:08 - 2017-02-21 19:08 - 00001117 _____ C:\Users\Sam\Desktop\GameRanger.lnk
2017-02-21 19:08 - 2017-02-21 19:08 - 00001103 _____ C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameRanger.lnk
2017-02-21 19:08 - 2017-02-21 19:08 - 00000000 ____D C:\Users\Sam\AppData\Roaming\GameRanger
2017-02-21 17:06 - 2017-02-21 18:37 - 00000000 ____D C:\Users\Sam\Desktop\IdleMaster
2017-02-21 17:06 - 2017-02-21 17:06 - 00000000 ____D C:\Users\Sam\AppData\Local\IdleMaster
2017-02-21 16:57 - 2017-02-21 16:57 - 00000000 ____D C:\Users\Sam\AppData\Local\Deployment
2017-02-20 11:27 - 2017-02-24 12:43 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-20 11:27 - 2017-02-24 12:43 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-02-20 11:27 - 2017-02-20 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-02-20 11:27 - 2017-02-20 11:27 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-20 11:27 - 2017-01-25 18:13 - 00103936 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-20 11:27 - 2017-01-25 18:12 - 00326656 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-20 11:27 - 2017-01-25 18:09 - 00322560 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-20 11:27 - 2017-01-25 18:09 - 00118272 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-20 11:27 - 2017-01-20 12:39 - 01872320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-02-20 11:27 - 2017-01-20 12:39 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-02-20 11:27 - 2017-01-20 12:39 - 01464768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-02-20 11:27 - 2017-01-20 12:39 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-02-20 11:27 - 2017-01-20 12:39 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 34979384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 28242488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 19007016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 14674896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 11122728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 11019704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 09305984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 08990072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 03168192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 02717752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 01983424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437866.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437866.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 01052096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00991288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00959424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00946456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00944224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00910784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00721952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00719856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00618416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00609728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00605120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00573448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00483384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-02-20 11:26 - 2017-02-09 20:33 - 00447984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-02-20 11:26 - 2017-01-20 12:39 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-02-19 16:52 - 2017-02-19 16:53 - 09261112 _____ (Piriform Ltd) C:\Users\Sam\Desktop\ccsetup527pro.exe
2017-02-14 18:46 - 2017-02-14 18:46 - 00000000 ____D C:\Users\Sam\Documents\Halo 5 Exuberant
2017-02-14 11:19 - 2017-03-01 14:14 - 00000000 ____D C:\Users\Sam\AppData\Roaming\DMCache
2017-02-14 11:19 - 2017-02-22 14:53 - 00001082 _____ C:\Users\Sam\Desktop\Internet Download Manager.lnk
2017-02-14 11:19 - 2017-02-14 11:19 - 06936408 _____ (Tonec Inc.) C:\Users\Sam\Downloads\idman627build5.exe
2017-02-14 11:19 - 2017-02-14 11:19 - 00000000 ____D C:\ProgramData\IDM
2017-02-14 10:52 - 2017-02-14 10:52 - 00000000 ___HD C:\Program Files\Common FilesEAInstaller
2017-02-14 10:35 - 2017-02-12 15:58 - 01078784 _____ (Gamecheat13) C:\Users\Sam\Desktop\Exuberant_0.3.0.4.exe
2017-02-14 10:30 - 2017-02-14 10:30 - 00554073 _____ C:\Users\Sam\Downloads\Exuberant_0.3.0.4.rar
2017-02-13 23:53 - 2017-02-19 01:49 - 00001080 _____ C:\WINDOWS\system32\settingsbkup.sfm
2017-02-13 23:53 - 2017-02-19 01:49 - 00001080 _____ C:\WINDOWS\system32\settings.sfm
2017-02-13 22:55 - 2017-02-13 22:56 - 37371610 _____ (Creative Technology Ltd) C:\Users\Sam\Downloads\CSL_PCAPP_LB_2_61_53.exe
2017-02-13 22:36 - 2010-10-04 15:22 - 00166912 ____N (Creative Technology Ltd) C:\WINDOWS\SysWOW64\CTOPT352.dll
2017-02-13 22:36 - 2010-10-04 15:20 - 00079360 ____N (Creative Technology Ltd) C:\WINDOWS\SysWOW64\CTOPT399.dll
2017-02-13 22:36 - 2010-10-03 15:01 - 00006002 ____N C:\WINDOWS\SysWOW64\CTOPT352.cat
2017-02-13 22:36 - 2010-10-03 14:48 - 00005498 ____N C:\WINDOWS\SysWOW64\CTOPT399.cat
2017-02-13 22:36 - 2008-12-22 20:13 - 00061440 ____N (Creative Technology Ltd) C:\WINDOWS\SysWOW64\CTChkAud.dll
2017-02-13 22:31 - 2017-02-13 22:32 - 53676216 _____ (Creative Technology Ltd) C:\Users\Sam\Downloads\XFRL_PCDRV_L11_3_00_2021a.exe
2017-02-13 22:30 - 2017-03-01 14:17 - 00064404 _____ C:\WINDOWS\system32\BMXStateBkp-{00000006-00000000-00000000-00001102-0000000B-00621102}.rfx
2017-02-13 22:30 - 2017-03-01 14:17 - 00064404 _____ C:\WINDOWS\system32\BMXState-{00000006-00000000-00000000-00001102-0000000B-00621102}.rfx
2017-02-13 22:30 - 2017-03-01 14:17 - 00000900 _____ C:\WINDOWS\system32\DVCState-{00000006-00000000-00000000-00001102-0000000B-00621102}.rfx
2017-02-13 11:14 - 2016-10-17 09:35 - 00223464 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2017-02-08 12:08 - 2017-02-08 12:08 - 00000000 ____D C:\Users\Sam\Downloads\Last Resort v1.2-275-1-1
2017-02-08 12:07 - 2017-02-08 12:07 - 00163752 _____ C:\Users\Sam\Downloads\Last Resort v1.2-275-1-1.zip
2017-02-08 12:06 - 2017-02-08 12:06 - 00002589 _____ C:\Users\Sam\Downloads\Urban Area FPS fix-2208-NA.7z
2017-02-07 15:08 - 2017-02-07 15:08 - 00389930 _____ C:\Users\Sam\Downloads\f4se_0_03_00.7z
2017-02-05 14:37 - 2017-02-21 20:44 - 00000000 ____D C:\Users\Sam\AppData\Roaming\StardewValley
2017-02-05 14:37 - 2017-02-05 14:37 - 00000730 _____ C:\Users\Public\Desktop\Stardew Valley.lnk
2017-02-05 14:37 - 2017-02-05 14:37 - 00000000 ____D C:\Users\Sam\AppData\Local\StardewValley
2017-02-05 14:37 - 2017-02-05 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardew Valley [GOG.com]
2017-02-04 21:23 - 2017-02-04 21:23 - 00002902 _____ C:\Users\Sam\Downloads\My CFG high version(6-8gb ram or more)-187-1-11.rar
2017-02-04 21:09 - 2017-02-04 21:09 - 01388287 _____ C:\Users\Sam\Downloads\Fallout 4 Configuration Tool-102-1-3-5-2024.zip
2017-02-02 19:36 - 2017-02-02 19:36 - 00227301 _____ C:\Users\Sam\Downloads\File-15639-1-0-0-2.zip
2017-01-30 18:02 - 2017-01-30 18:02 - 00368998 _____ C:\Users\Sam\Downloads\f4se_0_02_08.7z
2017-01-30 18:02 - 2017-01-30 18:02 - 00184574 _____ C:\Users\Sam\Downloads\fallout4_tools_0003.7z
2017-01-30 01:59 - 2017-02-28 16:53 - 00000000 ____D C:\Users\Sam\Desktop\FRST-OlderVersion

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-01 14:24 - 2017-01-22 13:02 - 00000000 ____D C:\FRST
2017-03-01 14:23 - 2016-09-08 01:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-01 14:23 - 2016-09-08 01:26 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-01 14:23 - 2016-07-16 00:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-01 14:23 - 2016-04-09 11:38 - 00000000 ____D C:\AdwCleaner
2017-03-01 14:21 - 2015-08-29 15:10 - 01926794 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-01 14:15 - 2015-11-01 17:51 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-01 14:14 - 2015-08-29 20:02 - 00000000 ____D C:\Users\Sam\AppData\Roaming\Azureus
2017-03-01 13:48 - 2015-08-30 02:21 - 00000000 ____D C:\Users\Sam\AppData\Roaming\vlc
2017-03-01 13:47 - 2016-09-08 01:26 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-01 02:54 - 2016-09-08 01:27 - 00000000 ____D C:\Users\Sam
2017-03-01 02:54 - 2015-08-25 22:01 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-01 02:52 - 2015-12-22 23:42 - 00000000 ____D C:\Users\Sam\AppData\Local\CrashDumps
2017-03-01 01:54 - 2016-09-13 14:51 - 00000000 ____D C:\Users\Sam\AppData\Local\CAPCOM
2017-03-01 01:40 - 2016-09-20 20:45 - 00000000 ____D C:\Users\Sam\AppData\Roaming\MPC-HC
2017-03-01 00:09 - 2017-01-21 00:08 - 00003876 _____ C:\WINDOWS\System32\Tasks\{2352A6B5-085C-2375-8455-BF522F057B2E}
2017-02-28 21:07 - 2016-10-20 14:50 - 00000000 ____D C:\Users\Sam\AppData\Roaming\Origin
2017-02-28 20:42 - 2016-10-20 14:50 - 00000000 ____D C:\ProgramData\Origin
2017-02-28 17:49 - 2016-09-29 00:42 - 00000000 ____D C:\Users\Sam\AppData\Roaming\NVIDIA
2017-02-28 17:20 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\addins
2017-02-28 17:12 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-28 17:12 - 2016-07-16 05:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-28 17:02 - 2017-01-25 20:48 - 00001229 _____ C:\Users\Sam\Downloads\Fixlog.txt
2017-02-28 16:55 - 2015-10-18 18:18 - 00000000 ____D C:\Users\Sam\AppData\LocalLow\Temp
2017-02-28 16:53 - 2017-01-22 13:02 - 02423296 _____ (Farbar) C:\Users\Sam\Downloads\FRST64.exe
2017-02-28 14:53 - 2016-07-16 05:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-28 14:53 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-26 20:17 - 2015-12-05 17:20 - 01307648 _____ C:\Users\Sam\AppData\Local\file__0.localstorage
2017-02-26 20:16 - 2015-10-03 11:25 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2017-02-24 12:43 - 2016-11-03 18:07 - 00000000 ____D C:\Users\Sam\AppData\Local\NVIDIA Corporation
2017-02-24 12:43 - 2016-11-03 18:05 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-24 12:43 - 2016-11-03 18:05 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-24 12:43 - 2016-11-03 18:05 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-24 12:43 - 2016-11-03 18:05 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-24 12:43 - 2016-11-03 18:05 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-02-24 12:43 - 2016-09-27 01:10 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-02-24 12:43 - 2016-09-27 01:10 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-24 12:43 - 2016-09-27 01:08 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-24 00:32 - 2015-11-04 14:45 - 00000000 ____D C:\Program Files\Rockstar Games
2017-02-24 00:32 - 2015-11-04 14:45 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-02-23 14:07 - 2016-02-09 12:09 - 00000975 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2017-02-23 12:16 - 2015-09-15 19:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 12:15 - 2015-09-15 19:02 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 11:44 - 2015-08-25 12:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-22 21:54 - 2016-09-08 01:26 - 00206448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-22 21:37 - 2016-09-08 01:37 - 00003398 _____ C:\WINDOWS\System32\Tasks\EVGAPrecisionX
2017-02-22 21:35 - 2016-02-09 12:08 - 00000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2017-02-22 21:35 - 2015-08-30 02:45 - 00000000 ____D C:\Program Files (x86)\EVGA
2017-02-22 15:01 - 2015-11-13 12:55 - 00000000 ___RD C:\Users\Sam\Documents\MEGAsync
2017-02-22 13:48 - 2016-07-16 05:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-22 13:08 - 2015-09-29 12:45 - 00000000 ____D C:\Users\Sam\Documents\The Witcher 3
2017-02-22 02:37 - 2016-12-07 03:02 - 00000000 ____D C:\Users\Sam\AppData\Roaming\RenPy
2017-02-21 19:15 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-21 19:15 - 2016-07-16 05:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-21 15:49 - 2015-11-13 12:51 - 00000000 ____D C:\Users\Sam\AppData\Local\MEGAsync
2017-02-20 20:23 - 2015-10-10 18:43 - 00000000 ____D C:\temp
2017-02-20 17:56 - 2015-08-29 14:46 - 00000000 ____D C:\ESD
2017-02-20 11:30 - 2016-09-27 01:11 - 00000000 ____D C:\Users\Sam\AppData\Local\NVIDIA
2017-02-19 17:04 - 2015-08-25 11:59 - 00000000 ____D C:\Users\Sam\AppData\Local\Packages
2017-02-19 17:01 - 2016-08-22 01:41 - 00000000 ____D C:\Users\Sam\AppData\Local\pip
2017-02-19 16:54 - 2016-01-14 13:35 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-19 16:54 - 2016-01-14 13:35 - 00000000 ____D C:\Program Files\CCleaner
2017-02-19 16:54 - 2015-10-03 11:56 - 00000000 ____D C:\Users\Sam\AppData\Roaming\DAEMON Tools Lite
2017-02-18 12:17 - 2015-08-29 18:21 - 00000000 ____D C:\Users\Sam\AppData\Roaming\foobar2000
2017-02-16 22:12 - 2016-10-28 12:40 - 00000000 ____D C:\Users\Sam\Documents\Nexus Mod Manager
2017-02-16 11:21 - 2016-11-06 15:12 - 00001447 _____ C:\Users\Public\Desktop\Gwent.lnk
2017-02-16 11:21 - 2015-08-25 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-02-14 13:36 - 2016-09-12 19:22 - 00002227 _____ C:\Users\Sam\Desktop\Discord.lnk
2017-02-14 13:36 - 2016-09-12 19:22 - 00000000 ____D C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-02-14 13:36 - 2016-09-12 19:22 - 00000000 ____D C:\Users\Sam\AppData\Roaming\discord
2017-02-14 13:36 - 2016-09-12 19:22 - 00000000 ____D C:\Users\Sam\AppData\Local\Discord
2017-02-14 10:52 - 2015-08-25 22:02 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-14 10:35 - 2015-10-12 09:26 - 00000000 ____D C:\Program Files (x86)\Origin
2017-02-13 22:46 - 2015-08-29 18:08 - 00000000 ____D C:\ProgramData\Creative
2017-02-13 22:43 - 2015-08-29 18:06 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information
2017-02-13 22:42 - 2016-06-16 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2017-02-13 22:42 - 2015-08-29 18:05 - 00000000 ____D C:\Program Files (x86)\Creative
2017-02-13 22:40 - 2016-07-16 05:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-02-13 22:37 - 2016-06-16 19:02 - 00000000 ____D C:\Program Files\Creative
2017-02-13 22:36 - 2015-12-24 03:41 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2017-02-13 22:36 - 2015-12-24 03:41 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2017-02-13 22:36 - 2015-12-24 03:41 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2017-02-13 22:36 - 2015-12-24 03:41 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2017-02-13 22:36 - 2015-12-24 03:41 - 00000159 ___RH C:\WINDOWS\ctfile.rfc
2017-02-13 22:36 - 2015-12-24 03:41 - 00000000 ____D C:\WINDOWS\system32\data
2017-02-13 22:30 - 2015-12-24 03:41 - 00000000 ____D C:\WINDOWS\SysWOW64\data
2017-02-12 14:36 - 2015-10-13 11:52 - 00007606 _____ C:\Users\Sam\AppData\Local\resmon.resmoncfg
2017-02-10 23:12 - 2016-01-28 11:46 - 00000000 ____D C:\Users\Sam\AppData\Local\Ubisoft Game Launcher
2017-02-09 20:33 - 2016-10-22 01:42 - 04078008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-02-09 20:33 - 2016-09-27 01:09 - 03597128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-02-09 20:33 - 2016-09-27 01:09 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb
2017-02-09 20:19 - 2017-01-18 20:29 - 00542248 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-02-09 16:57 - 2016-09-27 01:10 - 07791217 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-02-09 16:57 - 2016-09-27 01:10 - 06403640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-02-09 16:57 - 2016-09-27 01:10 - 02477504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-02-09 16:57 - 2016-09-27 01:10 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-02-09 16:57 - 2016-09-27 01:10 - 00548288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-02-09 16:57 - 2016-09-27 01:10 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-02-09 16:57 - 2016-09-27 01:10 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-02-09 16:57 - 2016-09-27 01:10 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-02-06 13:48 - 2016-07-16 05:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 13:48 - 2016-07-16 05:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 21:05 - 2016-10-15 03:09 - 00000000 ____D C:\WINDOWS\Minidump
2017-02-05 21:02 - 2017-01-25 20:48 - 00000000 ____D C:\Users\Sam\Downloads\FRST-OlderVersion
2017-02-04 21:09 - 2015-11-18 11:36 - 00000000 ____D C:\Users\Sam\AppData\Local\Bilago
2017-02-03 21:08 - 2015-11-07 10:11 - 00000000 ____D C:\Users\Sam\Documents\My Games
2017-02-02 20:17 - 2015-08-25 22:02 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2017-02-01 21:52 - 2017-01-25 20:42 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-01 21:52 - 2017-01-25 20:42 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-31 00:52 - 2016-03-28 15:16 - 00000000 ____D C:\Users\Sam\AppData\Local\Battle.net
2017-01-31 00:52 - 2016-03-28 15:16 - 00000000 ____D C:\Program Files (x86)\Battle.net

==================== Files in the root of some directories =======

2016-07-07 18:47 - 2016-07-08 22:56 - 0000030 _____ () C:\Users\Sam\AppData\Roaming\alsoft.ini
2016-07-09 00:50 - 2016-07-14 22:11 - 0000159 _____ () C:\Users\Sam\AppData\Roaming\highScores.txt
2016-04-08 00:03 - 2016-04-08 00:03 - 0127488 _____ () C:\Users\Sam\AppData\Roaming\Installer.dat
2016-04-08 00:04 - 2016-04-08 00:04 - 0018432 _____ () C:\Users\Sam\AppData\Roaming\Main.dat
2015-12-05 17:20 - 2017-02-26 20:17 - 1307648 _____ () C:\Users\Sam\AppData\Local\file__0.localstorage
2015-10-13 11:52 - 2017-02-12 14:36 - 0007606 _____ () C:\Users\Sam\AppData\Local\resmon.resmoncfg
2015-10-03 11:35 - 2015-10-03 11:41 - 0000126 ___SH () C:\ProgramData\.zreglib
2015-12-24 03:41 - 2015-12-24 03:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-01-14 13:01 - 2010-01-14 13:01 - 0000235 _____ () C:\ProgramData\UDATHXD.ini

Some files in TEMP:
====================
2017-03-01 13:54 - 2017-03-01 13:54 - 0035680 _____ () C:\Users\Sam\AppData\Local\Temp\i4jdel0.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-22 13:48

==================== End of FRST.txt ============================