I have been getting a warning that I have used all my computer storage which I know is not true I don't have much on it at all so something is up with that too.
Sorry if this is double post, I did post this already but I could not find where it posted and when I checked via my profile only much older post came up.
Your help is always appreciated.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by Joann (administrator) on JOANN-PC (09-11-2017 07:51:04)
Running from C:\Users\Joann\aa Joann stuff\Computer stuff\Computer geeks repair stuff
Loaded Profiles: Joann (Available Profiles: Joann)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Dynamsoft Corporation) C:\Windows\SysWOW64\Dynamsoft\DynamicWebTwain\ForChrome\WebTWAINService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dynamsoft Corporation) C:\Windows\SysWOW64\Dynamsoft\DynamicWebTwain\ForChrome\WebTWAINService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dynamsoft Corporation) C:\Windows\SysWOW64\Dynamsoft\DynamicWebTwain\ForChrome\WebTWAINService.exe
(MY.COM B.V.) C:\Users\Joann\AppData\Local\MyComGames\MyComGames.exe
(PamConsult GmbH) C:\Program Files (x86)\Pamela\Pamela.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Twitch Interactive, Inc.) C:\Users\Joann\AppData\Roaming\Twitch\Bin\Twitch.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Portrait Displays, Inc) C:\Program Files (x86)\BenQ\Display Pilot\dthtml.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Twitch Interactive, Inc.) C:\Users\Joann\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
(Twitch Interactive, Inc.) C:\Users\Joann\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
(Twitch Interactive, Inc.) C:\Users\Joann\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
(Twitch Interactive, Inc.) C:\Users\Joann\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9038856 2016-10-26] (Realtek Semiconductor)
HKLM\...\Run: [Sonic Studio 3] => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1208320 2016-08-26] ()
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4791024 2013-06-13] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-08-17] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [pamfax] => C:\ProgramData\SquirrelMachineInstalls\pamfax.exe [88206848 2017-01-29] (PamConsult GmbH.)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [112424 2013-06-18] ()
HKLM-x32\...\Run: [DT BEN] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122336 2014-08-12] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21384 2016-08-04] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1767816 2016-08-05] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1953688 2016-08-05] (Western Digital Technologies, Inc.)
HKU\S-1-5-21-376763465-2706390899-476848016-1000\...\Run: [GoogleChromeAutoLaunch_2F642E33331905E4A86D7A1743933699] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.)
HKU\S-1-5-21-376763465-2706390899-476848016-1000\...\Run: [MyComGames] => C:\Users\Joann\AppData\Local\MyComGames\MyComGames.exe [5864336 2017-11-07] (MY.COM B.V.)
HKU\S-1-5-21-376763465-2706390899-476848016-1000\...\Run: [pamela.exe] => C:\Program Files (x86)\Pamela\Pamela.exe [12152856 2017-01-29] (PamConsult GmbH)
HKU\S-1-5-21-376763465-2706390899-476848016-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-376763465-2706390899-476848016-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [19405824 2017-04-14] ()
HKU\S-1-5-21-376763465-2706390899-476848016-1000\...\MountPoints2: {cb479cc8-e4f4-11e6-9df3-806e6f6e6963} - D:\Bin\Instv2.exe
Startup: C:\Users\Joann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-08-30]
ShortcutTarget: Twitch.lnk -> C:\Users\Joann\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{9683ABA6-9723-4017-8565-74CA2D35441A}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-01-27] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-01-27] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-01-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-01-27] (Google Inc.)
Handler-x32: intu-tt2016 - {D3619A28-0FAE-4AD2-A79F-BAD3CD6E8779} - C:\Program Files (x86)\TurboTax 2016\ic2016pp.dll [2016-11-23] (Intuit Canada, a general partnership/une société en nom collectif.)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-376763465-2706390899-476848016-1000: @my.com/Games -> C:\Users\Joann\AppData\Local\MyComGames\NPMyComDetector.dll [2017-10-27] (MY.COM B.V.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default [2017-11-09]
CHR Extension: (Slides) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Docs) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Google Drive) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-27]
CHR Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2017-07-04]
CHR Extension: (Skype Calling) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-01-27]
CHR Extension: (YouTube) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-27]
CHR Extension: (Adblock Plus) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06]
CHR Extension: (Block site) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2017-10-11]
CHR Extension: (Sheets) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Google Docs Offline) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-27]
CHR Extension: (AdBlock) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-11-09]
CHR Extension: (Pinterest Save Button) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-11-09]
CHR Extension: (Intel Hardware Auto Detection) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\jigddhlnakpgpgodgbfhbfibcgcimaep [2017-01-27]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2017-10-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-28]
CHR Extension: (Gmail) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-27]
CHR Extension: (Chrome Media Router) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-02]
CHR Profile: C:\Users\Joann\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESMService; C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3715208 2015-12-14] (Intel Corporation)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138720 2014-08-12] (Portrait Displays, Inc.)
R2 Dynamsoft WebTWAIN Service; C:\Windows\SysWOW64\Dynamsoft\DynamicWebTwain\ForChrome\WebTWAINService.exe [1387600 2015-03-16] (Dynamsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2017-01-28] (Macrovision Europe Ltd.) [File not signed]
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [175344 2016-12-02] (Intel Corporation)
R3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-14] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-06-13] ()
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616 2015-02-27] (Microsoft)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-10] (NVIDIA Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [315768 2016-08-05] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3376880 2013-06-13] (Intel® Corporation)
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B}
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD}
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-08] ()
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [144872 2016-03-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1546216 2016-07-21] (Motorola Solutions, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [511952 2016-07-26] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-06] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-01-30] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [32224 2016-09-18] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [214272 2016-11-19] (Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-10-06] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-11-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45504 2017-11-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-11-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2017-11-09] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199736 2016-09-06] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3465184 2013-06-27] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-10-10] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-03-31] (NVIDIA Corporation)
R3 RTLU3E8023-W7-64; C:\Windows\System32\DRIVERS\rtu30x64w7.sys [83160 2013-10-12] (Realtek )
R3 SGXEPC; C:\Windows\System32\DRIVERS\sgx_driver.sys [52816 2016-06-27] (Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2017-01-28] (Windows (R) Win 7 DDK provider)
R3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [23200 2016-08-05] (Western Digital Technologies)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-09 07:49 - 2017-11-09 07:51 - 000000000 ____D C:\FRST
2017-10-30 16:51 - 2017-11-09 07:45 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-10-23 17:14 - 2017-10-10 20:05 - 000050624 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-10-18 08:12 - 2017-10-18 08:12 - 000340149 _____ C:\Users\Joann\Documents\candlelight coupon jpg.pdf
2017-10-18 07:42 - 2017-10-18 07:42 - 000000000 ____D C:\ProgramData\VsTelemetry
2017-10-18 07:42 - 2017-10-18 07:42 - 000000000 ____D C:\Program Files (x86)\gs
2017-10-18 07:42 - 2017-10-18 07:40 - 000003099 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT Home & Student X8.lnk
2017-10-18 07:42 - 2017-10-18 07:40 - 000003051 _____ C:\Users\Public\Desktop\CorelDRAW Home & Student X8.lnk
2017-10-18 07:42 - 2017-10-18 07:40 - 000002840 _____ C:\Users\Public\Desktop\Corel CAPTURE X8.lnk
2017-10-18 07:42 - 2017-10-18 07:40 - 000002393 _____ C:\Users\Public\Desktop\Corel CONNECT X8.lnk
2017-10-18 07:40 - 2017-10-18 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Home & Student Suite X8
2017-10-17 13:35 - 2017-11-09 07:44 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-09 07:52 - 2009-07-13 23:45 - 000021920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-09 07:52 - 2009-07-13 23:45 - 000021920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-09 07:50 - 2009-07-14 00:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-09 07:50 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2017-11-09 07:48 - 2017-01-28 06:37 - 000000000 ____D C:\Users\Joann\AppData\Roaming\Skype
2017-11-09 07:45 - 2017-10-03 21:40 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-11-09 07:45 - 2017-10-03 21:40 - 000045504 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-11-09 07:45 - 2017-07-01 12:45 - 000000000 ____D C:\Users\Joann\AppData\Roaming\Twitch
2017-11-09 07:45 - 2017-01-27 21:43 - 000000000 ____D C:\Users\Joann\AppData\Local\MyComGames
2017-11-09 07:45 - 2017-01-27 21:28 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-09 07:44 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-09 07:37 - 2017-06-30 21:30 - 000000000 ____D C:\Users\Joann\AppData\Local\Battle.net
2017-11-08 17:55 - 2017-01-30 15:35 - 000000000 ____D C:\Users\Joann\AppData\Roaming\PamFax Office Integrations
2017-11-08 08:56 - 2017-06-30 21:32 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2017-11-08 08:56 - 2017-06-30 21:30 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2017-10-30 16:50 - 2009-07-14 00:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-10-28 06:51 - 2017-02-20 20:05 - 000000000 ____D C:\Users\Joann\Documents\Adam Stuff
2017-10-23 21:18 - 2017-01-27 21:24 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-10-23 17:16 - 2017-05-22 11:54 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:16 - 2017-02-14 22:07 - 000001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-10-23 17:16 - 2017-02-14 22:06 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:16 - 2017-01-27 21:24 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-10-23 17:16 - 2017-01-27 21:24 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-10-23 17:15 - 2017-02-14 22:06 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:15 - 2017-02-14 22:06 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:15 - 2017-02-14 22:06 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:15 - 2017-02-14 22:06 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:15 - 2017-02-14 22:06 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:15 - 2017-02-14 22:06 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 14:00 - 2017-01-28 05:46 - 000000000 ____D C:\Users\Joann\AppData\Local\CrashDumps
2017-10-18 11:32 - 2017-01-30 15:31 - 000000000 ____D C:\Users\Joann\Documents\Corel
2017-10-18 07:45 - 2017-01-27 22:08 - 000000000 ___RD C:\Users\Joann\Desktop\Orginial Downloads for setting up computer
2017-10-18 07:42 - 2017-01-27 20:43 - 000000000 ____D C:\ProgramData\Package Cache
2017-10-18 07:42 - 2009-07-13 22:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-10-18 07:41 - 2017-01-27 21:38 - 000000000 ____D C:\ProgramData\Corel
2017-10-18 07:40 - 2017-01-30 15:25 - 000000000 ____D C:\Users\Public\Documents\Corel
2017-10-18 07:40 - 2017-01-27 21:41 - 000000000 ____D C:\Users\Joann\AppData\Roaming\Corel
2017-10-18 07:39 - 2017-01-27 21:38 - 000000000 ____D C:\Program Files (x86)\Corel
2017-10-16 20:30 - 2017-01-28 04:31 - 000000000 ____D C:\Users\Joann\AppData\Roaming\HpUpdate
2017-10-13 02:00 - 2017-01-27 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-10-10 20:05 - 2017-05-22 11:53 - 000186304 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-10-10 20:05 - 2017-05-22 11:53 - 000152512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-10-10 20:05 - 2017-02-14 22:06 - 001796032 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-10-10 20:05 - 2017-02-14 22:06 - 001577920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-10-10 20:05 - 2017-02-14 22:06 - 000918976 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2017-10-10 18:26 - 2017-04-06 15:10 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
==================== Files in the root of some directories =======
2017-01-28 04:24 - 2017-01-28 04:24 - 000000057 _____ () C:\ProgramData\Ament.ini
2017-01-27 20:47 - 2017-01-27 20:47 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
2017-01-27 21:29 - 2017-03-31 20:36 - 000754168 _____ (NVIDIA Corporation) C:\Users\Joann\AppData\Local\Temp\nvSCPAPI.dll
2017-01-27 21:29 - 2017-03-31 20:36 - 000868152 _____ (NVIDIA Corporation) C:\Users\Joann\AppData\Local\Temp\nvSCPAPI64.dll
2017-03-09 19:46 - 2017-03-31 20:36 - 000369208 _____ (NVIDIA Corporation) C:\Users\Joann\AppData\Local\Temp\nvStInst.exe
2015-05-26 06:42 - 2015-05-26 06:42 - 002870240 _____ (PamConsult GmbH) C:\Users\Joann\AppData\Local\Temp\OfficeIntegrationsSetup.exe
2017-01-28 06:32 - 2017-01-29 11:22 - 088206848 _____ (PamConsult GmbH.) C:\Users\Joann\AppData\Local\Temp\PamFaxSetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-10-31 00:19
==================== End of FRST.txt ============================
Sorry if this is double post, I did post this already but I could not find where it posted and when I checked via my profile only much older post came up.
Your help is always appreciated.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by Joann (administrator) on JOANN-PC (09-11-2017 07:51:04)
Running from C:\Users\Joann\aa Joann stuff\Computer stuff\Computer geeks repair stuff
Loaded Profiles: Joann (Available Profiles: Joann)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Dynamsoft Corporation) C:\Windows\SysWOW64\Dynamsoft\DynamicWebTwain\ForChrome\WebTWAINService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dynamsoft Corporation) C:\Windows\SysWOW64\Dynamsoft\DynamicWebTwain\ForChrome\WebTWAINService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dynamsoft Corporation) C:\Windows\SysWOW64\Dynamsoft\DynamicWebTwain\ForChrome\WebTWAINService.exe
(MY.COM B.V.) C:\Users\Joann\AppData\Local\MyComGames\MyComGames.exe
(PamConsult GmbH) C:\Program Files (x86)\Pamela\Pamela.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Twitch Interactive, Inc.) C:\Users\Joann\AppData\Roaming\Twitch\Bin\Twitch.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Portrait Displays, Inc) C:\Program Files (x86)\BenQ\Display Pilot\dthtml.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Floater.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Twitch Interactive, Inc.) C:\Users\Joann\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
(Twitch Interactive, Inc.) C:\Users\Joann\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
(Twitch Interactive, Inc.) C:\Users\Joann\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
(Twitch Interactive, Inc.) C:\Users\Joann\AppData\Roaming\Twitch\Bin\Electron\TwitchUI.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9038856 2016-10-26] (Realtek Semiconductor)
HKLM\...\Run: [Sonic Studio 3] => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1208320 2016-08-26] ()
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4791024 2013-06-13] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 3.1 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-08-17] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [pamfax] => C:\ProgramData\SquirrelMachineInstalls\pamfax.exe [88206848 2017-01-29] (PamConsult GmbH.)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [112424 2013-06-18] ()
HKLM-x32\...\Run: [DT BEN] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [122336 2014-08-12] (Portrait Displays, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21384 2016-08-04] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1767816 2016-08-05] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1953688 2016-08-05] (Western Digital Technologies, Inc.)
HKU\S-1-5-21-376763465-2706390899-476848016-1000\...\Run: [GoogleChromeAutoLaunch_2F642E33331905E4A86D7A1743933699] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.)
HKU\S-1-5-21-376763465-2706390899-476848016-1000\...\Run: [MyComGames] => C:\Users\Joann\AppData\Local\MyComGames\MyComGames.exe [5864336 2017-11-07] (MY.COM B.V.)
HKU\S-1-5-21-376763465-2706390899-476848016-1000\...\Run: [pamela.exe] => C:\Program Files (x86)\Pamela\Pamela.exe [12152856 2017-01-29] (PamConsult GmbH)
HKU\S-1-5-21-376763465-2706390899-476848016-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-376763465-2706390899-476848016-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [19405824 2017-04-14] ()
HKU\S-1-5-21-376763465-2706390899-476848016-1000\...\MountPoints2: {cb479cc8-e4f4-11e6-9df3-806e6f6e6963} - D:\Bin\Instv2.exe
Startup: C:\Users\Joann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-08-30]
ShortcutTarget: Twitch.lnk -> C:\Users\Joann\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{9683ABA6-9723-4017-8565-74CA2D35441A}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-01-27] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-01-27] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-01-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-01-27] (Google Inc.)
Handler-x32: intu-tt2016 - {D3619A28-0FAE-4AD2-A79F-BAD3CD6E8779} - C:\Program Files (x86)\TurboTax 2016\ic2016pp.dll [2016-11-23] (Intuit Canada, a general partnership/une société en nom collectif.)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-376763465-2706390899-476848016-1000: @my.com/Games -> C:\Users\Joann\AppData\Local\MyComGames\NPMyComDetector.dll [2017-10-27] (MY.COM B.V.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default [2017-11-09]
CHR Extension: (Slides) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Docs) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Google Drive) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-27]
CHR Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2017-07-04]
CHR Extension: (Skype Calling) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-01-27]
CHR Extension: (YouTube) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-27]
CHR Extension: (Adblock Plus) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06]
CHR Extension: (Block site) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2017-10-11]
CHR Extension: (Sheets) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Google Docs Offline) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-27]
CHR Extension: (AdBlock) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-11-09]
CHR Extension: (Pinterest Save Button) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-11-09]
CHR Extension: (Intel Hardware Auto Detection) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\jigddhlnakpgpgodgbfhbfibcgcimaep [2017-01-27]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2017-10-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-28]
CHR Extension: (Gmail) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-27]
CHR Extension: (Chrome Media Router) - C:\Users\Joann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-02]
CHR Profile: C:\Users\Joann\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESMService; C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3715208 2015-12-14] (Intel Corporation)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138720 2014-08-12] (Portrait Displays, Inc.)
R2 Dynamsoft WebTWAIN Service; C:\Windows\SysWOW64\Dynamsoft\DynamicWebTwain\ForChrome\WebTWAINService.exe [1387600 2015-03-16] (Dynamsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2017-01-28] (Macrovision Europe Ltd.) [File not signed]
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [175344 2016-12-02] (Intel Corporation)
R3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-14] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-06-13] ()
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616 2015-02-27] (Microsoft)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-10] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-18] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-10] (NVIDIA Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [315768 2016-08-05] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3376880 2013-06-13] (Intel® Corporation)
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B}
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD}
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-08] ()
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [144872 2016-03-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1546216 2016-07-21] (Motorola Solutions, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [511952 2016-07-26] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-06] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-01-30] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [32224 2016-09-18] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [214272 2016-11-19] (Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [192952 2017-10-06] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-11-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [45504 2017-11-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-11-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2017-11-09] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [199736 2016-09-06] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3465184 2013-06-27] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-10-10] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-03-31] (NVIDIA Corporation)
R3 RTLU3E8023-W7-64; C:\Windows\System32\DRIVERS\rtu30x64w7.sys [83160 2013-10-12] (Realtek )
R3 SGXEPC; C:\Windows\System32\DRIVERS\sgx_driver.sys [52816 2016-06-27] (Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2017-01-28] (Windows (R) Win 7 DDK provider)
R3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [23200 2016-08-05] (Western Digital Technologies)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-09 07:49 - 2017-11-09 07:51 - 000000000 ____D C:\FRST
2017-10-30 16:51 - 2017-11-09 07:45 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-10-23 17:14 - 2017-10-10 20:05 - 000050624 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-10-18 08:12 - 2017-10-18 08:12 - 000340149 _____ C:\Users\Joann\Documents\candlelight coupon jpg.pdf
2017-10-18 07:42 - 2017-10-18 07:42 - 000000000 ____D C:\ProgramData\VsTelemetry
2017-10-18 07:42 - 2017-10-18 07:42 - 000000000 ____D C:\Program Files (x86)\gs
2017-10-18 07:42 - 2017-10-18 07:40 - 000003099 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT Home & Student X8.lnk
2017-10-18 07:42 - 2017-10-18 07:40 - 000003051 _____ C:\Users\Public\Desktop\CorelDRAW Home & Student X8.lnk
2017-10-18 07:42 - 2017-10-18 07:40 - 000002840 _____ C:\Users\Public\Desktop\Corel CAPTURE X8.lnk
2017-10-18 07:42 - 2017-10-18 07:40 - 000002393 _____ C:\Users\Public\Desktop\Corel CONNECT X8.lnk
2017-10-18 07:40 - 2017-10-18 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Home & Student Suite X8
2017-10-17 13:35 - 2017-11-09 07:44 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-09 07:52 - 2009-07-13 23:45 - 000021920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-09 07:52 - 2009-07-13 23:45 - 000021920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-09 07:50 - 2009-07-14 00:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-09 07:50 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2017-11-09 07:48 - 2017-01-28 06:37 - 000000000 ____D C:\Users\Joann\AppData\Roaming\Skype
2017-11-09 07:45 - 2017-10-03 21:40 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-11-09 07:45 - 2017-10-03 21:40 - 000045504 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-11-09 07:45 - 2017-07-01 12:45 - 000000000 ____D C:\Users\Joann\AppData\Roaming\Twitch
2017-11-09 07:45 - 2017-01-27 21:43 - 000000000 ____D C:\Users\Joann\AppData\Local\MyComGames
2017-11-09 07:45 - 2017-01-27 21:28 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-09 07:44 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-09 07:37 - 2017-06-30 21:30 - 000000000 ____D C:\Users\Joann\AppData\Local\Battle.net
2017-11-08 17:55 - 2017-01-30 15:35 - 000000000 ____D C:\Users\Joann\AppData\Roaming\PamFax Office Integrations
2017-11-08 08:56 - 2017-06-30 21:32 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2017-11-08 08:56 - 2017-06-30 21:30 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2017-10-30 16:50 - 2009-07-14 00:08 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-10-28 06:51 - 2017-02-20 20:05 - 000000000 ____D C:\Users\Joann\Documents\Adam Stuff
2017-10-23 21:18 - 2017-01-27 21:24 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-10-23 17:16 - 2017-05-22 11:54 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:16 - 2017-02-14 22:07 - 000001412 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-10-23 17:16 - 2017-02-14 22:06 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:16 - 2017-01-27 21:24 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-10-23 17:16 - 2017-01-27 21:24 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-10-23 17:15 - 2017-02-14 22:06 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:15 - 2017-02-14 22:06 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:15 - 2017-02-14 22:06 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:15 - 2017-02-14 22:06 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:15 - 2017-02-14 22:06 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:15 - 2017-02-14 22:06 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 14:00 - 2017-01-28 05:46 - 000000000 ____D C:\Users\Joann\AppData\Local\CrashDumps
2017-10-18 11:32 - 2017-01-30 15:31 - 000000000 ____D C:\Users\Joann\Documents\Corel
2017-10-18 07:45 - 2017-01-27 22:08 - 000000000 ___RD C:\Users\Joann\Desktop\Orginial Downloads for setting up computer
2017-10-18 07:42 - 2017-01-27 20:43 - 000000000 ____D C:\ProgramData\Package Cache
2017-10-18 07:42 - 2009-07-13 22:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-10-18 07:41 - 2017-01-27 21:38 - 000000000 ____D C:\ProgramData\Corel
2017-10-18 07:40 - 2017-01-30 15:25 - 000000000 ____D C:\Users\Public\Documents\Corel
2017-10-18 07:40 - 2017-01-27 21:41 - 000000000 ____D C:\Users\Joann\AppData\Roaming\Corel
2017-10-18 07:39 - 2017-01-27 21:38 - 000000000 ____D C:\Program Files (x86)\Corel
2017-10-16 20:30 - 2017-01-28 04:31 - 000000000 ____D C:\Users\Joann\AppData\Roaming\HpUpdate
2017-10-13 02:00 - 2017-01-27 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-10-10 20:05 - 2017-05-22 11:53 - 000186304 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-10-10 20:05 - 2017-05-22 11:53 - 000152512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-10-10 20:05 - 2017-02-14 22:06 - 001796032 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-10-10 20:05 - 2017-02-14 22:06 - 001577920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-10-10 20:05 - 2017-02-14 22:06 - 000918976 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2017-10-10 18:26 - 2017-04-06 15:10 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
==================== Files in the root of some directories =======
2017-01-28 04:24 - 2017-01-28 04:24 - 000000057 _____ () C:\ProgramData\Ament.ini
2017-01-27 20:47 - 2017-01-27 20:47 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
2017-01-27 21:29 - 2017-03-31 20:36 - 000754168 _____ (NVIDIA Corporation) C:\Users\Joann\AppData\Local\Temp\nvSCPAPI.dll
2017-01-27 21:29 - 2017-03-31 20:36 - 000868152 _____ (NVIDIA Corporation) C:\Users\Joann\AppData\Local\Temp\nvSCPAPI64.dll
2017-03-09 19:46 - 2017-03-31 20:36 - 000369208 _____ (NVIDIA Corporation) C:\Users\Joann\AppData\Local\Temp\nvStInst.exe
2015-05-26 06:42 - 2015-05-26 06:42 - 002870240 _____ (PamConsult GmbH) C:\Users\Joann\AppData\Local\Temp\OfficeIntegrationsSetup.exe
2017-01-28 06:32 - 2017-01-29 11:22 - 088206848 _____ (PamConsult GmbH.) C:\Users\Joann\AppData\Local\Temp\PamFaxSetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-10-31 00:19
==================== End of FRST.txt ============================