Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.

Weird message and reoccurring alert from antivirus.

In Progress 
1K views 9 replies 2 participants last post by  dvk01 
#1 ·
Tech Support Guy System Info Utility version 1.0.0.4
OS Version: Microsoft Windows 10 Home, 64 bit
Processor: AMD A10-9600P RADEON R5, 10 COMPUTE CORES 4C+6G, AMD64 Family 21 Model 101 Stepping 1
Processor Count: 4
RAM: 5727 Mb
Graphics Card: AMD Radeon(TM) R5 Graphics, 384 Mb
Hard Drives: C: 223 GB (34 GB Free); D: 13 GB (1 GB Free);
Motherboard: HP, 81FA
Antivirus: Avira Antivirus, Enabled and Updated

I have recently been experiencing some odd messages on screen (see attached). Also my antivirus keeps finding virus and alerts me but they seem to keep coming back.
How can I check to see whats wrong?
 
#5 ·
first thing to check is a fault with avira.
If you are getting security errors trying to upload here or search here, then first check date & time on the computer.
If that is correct then try to turn off web protection as shown
https://www.avira.com/en/support-for-home-knowledgebase-detail/kbid/1037

then post the screenshot if it will
I don't have the options shown on the avira site. When I double click as shown I dont get 'web protection' I think it's only on pro version.
 
#4 ·
I jumped the gun and uninstalled Avira and then re installed it. I also installed malwarebytes and now that keeps telling me it's blocking programs from accessing web due to trojan. It's blocking firefox, and various others. Date and time were all correct.
 
#7 ·
lets see what this shows but I think we are going to need to completely uninstall Avira and use the inbuilt Windows Defender whilst troubleshooting

Please download Farbar Recovery Scan Tool and save it to your Desktop or downloads folder.

Note: You need to download and run the 64 bit version

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory/folder/place as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
 
#8 ·
Hope this helps.
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.11.2018
Ran by Stel (administrator) on LAPTOP-O91JKA7N (24-11-2018 15:59:53)
Running from C:\Users\Stel\Desktop
Loaded Profiles: Stel (Available Profiles: defaultuser0 & Stel)
Platform: Windows 10 Home Version 1803 17134.407 (X64) Language: Greek (Greece)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
() C:\Program Files (x86)\ExpressVPN\xvpnd\xvpnd.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\pub\PubMonitor.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3785536 2018-11-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5567760 2018-07-16] (IObit)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\Run: [uTorrent] => C:\Users\Stel\AppData\Roaming\uTorrent\uTorrent.exe [1738936 2018-11-10] (BitTorrent Inc.)
HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\Run: [] => [X]
HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe [1455752 2018-11-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\MountPoints2: {200254ca-e983-11e7-9472-a86bad5c5a82} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\MountPoints2: {3a5ceabf-e169-11e7-946a-a86bad5c5a82} - "F:\Lenovo_Suite.exe"
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{50cdb8fb-6af4-4a26-a0bc-f9c177ed8d68}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{7b85f625-405f-415d-8486-0333de3f718c}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{7b85f625-405f-415d-8486-0333de3f718c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8e0106e5-c5b8-44c5-8de4-4b8ebf88d518}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{decb1322-c96d-4d6b-8763-4a80318ff280}: [DhcpNameServer] 10.10.57.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180523__ya[browser]
HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKU\S-1-5-21-3063150416-1561372912-2056264558-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180523__yaie&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-07-19] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-11-24] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-11-24] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-08-05] (HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-11-24] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-11-24] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-08-05] (HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File

FireFox:
========
FF DefaultProfile: fc7p2zb5.default-1542957740287
FF ProfilePath: C:\Users\Stel\AppData\Roaming\Mozilla\Firefox\Profiles\fc7p2zb5.default-1542957740287 [2018-11-24]
FF Extension: (Telemetry coverage) - C:\Users\Stel\AppData\Roaming\Mozilla\Firefox\Profiles\fc7p2zb5.default-1542957740287\features\{557b7c4f-0311-45e4-8896-5a1add59ee39}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-11-23] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_148.dll [2018-11-18] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-11-24] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_148.dll [2018-11-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-11-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-11-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-3063150416-1561372912-2056264558-1001: www.mydlink.com/Uplayer -> C:\Users\Stel\AppData\Roaming\D-Link\mydlink services plugin\1.0.2.7\npUplayer.dll [2015-12-11] (D-Link Corporation)

Chrome:
=======
CHR Profile: C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default [2018-11-22]
CHR Extension: (Slides) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-06]
CHR Extension: (Docs) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-06]
CHR Extension: (Google Drive) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-06]
CHR Extension: (YouTube) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-06]
CHR Extension: (Sheets) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-06]
CHR Extension: (Google Docs Offline) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-23]
CHR Extension: (Gmail) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-06]
CHR Extension: (Chrome Media Router) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-27]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-08-09] () [File not signed]
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-08-09] (Advanced Micro Devices) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
S4 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2016-09-20] (Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9669920 2018-11-02] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-24] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-11-06] (Dropbox, Inc.)
R2 ExpressVpnService; C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe [339168 2018-04-09] ()
R2 FoxitReaderService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [1659456 2018-04-17] (Foxit Software Inc.)
S4 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1268736 2016-10-05] (HP Inc.) [File not signed]
S4 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
S4 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-26] (HP Inc.)
S4 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2347280 2018-07-16] (IObit)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [149776 2018-06-28] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S4 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1046456 2017-09-24] (Intel Security, Inc.)
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2018-09-13] (Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [970240 2018-05-20] ()
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [286720 2018-09-08] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25888 2018-09-22] ()
S4 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17613.18039-0\NisSrv.exe [4633248 2018-04-17] (Microsoft Corporation)
S4 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17613.18039-0\MsMpEng.exe [104680 2018-04-17] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [313760 2016-08-26] (Advanced Micro Devices)
R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [27384 2016-08-26] (Advanced Micro Devices, INC.)
R3 AmdGpio2; C:\WINDOWS\System32\drivers\AmdGpio2.sys [34032 2016-08-26] (Advanced Micro Devices, INC.)
R3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [48880 2016-08-26] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [78064 2016-08-26] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243056 2017-06-12] (Advanced Micro Devices, Inc. )
R3 amduart; C:\WINDOWS\System32\drivers\amduart.sys [76304 2016-08-26] (Advanced Micro Devices, INC.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [118848 2016-08-26] (Advanced Micro Devices)
S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-09-04] (Bluestack System Inc. )
R3 BthAudioHF; C:\WINDOWS\system32\drivers\RtkHfp.sys [104688 2016-10-12] (Realtek Semiconductor Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-10-18] (Malwarebytes)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVpn SplitTunnel Driver\driver\expressvpnsplittunnel.sys [28160 2018-04-09] ()
R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [44032 2018-03-20] (IObit.com)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [39232 2018-03-20] (IObit.com)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys [40384 2018-03-20] (IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [34048 2018-03-20] (IObit.com)
S1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFMBRProtect.sys [41920 2018-06-27] (IObit.com)
R1 IMFSafeBox; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFSafeBox.sys [51256 2018-04-04] (IObit.com)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37184 2018-05-12] (IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [43392 2018-05-15] (IObit)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198000 2018-11-23] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [119136 2018-11-24] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [63768 2018-11-24] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-11-24] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [111152 2018-11-24] (Malwarebytes)
S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [492520 2017-09-15] (McAfee LLC)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108456 2017-11-14] (McAfee LLC.)
S3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115184 2017-09-15] (McAfee LLC)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\regfilter.sys [52728 2018-03-20] (IObit.com)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [963088 2017-08-22] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [784264 2018-05-31] (Realtek Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-09-23] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [7904088 2018-04-20] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [64104 2016-08-25] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45024 2018-04-09] (The OpenVPN Project)
S3 tapoas; C:\WINDOWS\System32\drivers\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Corporation)
S4 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-04-17] (Microsoft Corporation)
S4 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [311848 2018-04-17] (Microsoft Corporation)
S4 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60456 2018-04-17] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP)
S3 H2OFFT; \SystemRoot\System32\drivers\H2OFFT64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-24 15:59 - 2018-11-24 16:00 - 000024945 _____ C:\Users\Stel\Desktop\FRST.txt
2018-11-24 15:57 - 2018-11-24 15:58 - 002416640 _____ (Farbar) C:\Users\Stel\Desktop\FRST64.exe
2018-11-24 10:10 - 2018-11-24 10:10 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2018-11-24 10:10 - 2018-11-24 10:10 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-11-24 10:10 - 2018-11-24 10:10 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-11-24 10:10 - 2018-11-24 10:10 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-11-24 10:10 - 2018-11-24 10:10 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2018-11-24 10:10 - 2018-11-24 10:10 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-11-24 10:10 - 2018-11-24 10:10 - 000002420 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-11-24 10:10 - 2018-11-24 10:10 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-11-24 10:10 - 2018-11-24 10:10 - 000002408 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-11-24 10:10 - 2018-11-24 10:10 - 000002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-11-24 10:10 - 2018-11-24 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-11-24 08:42 - 2018-11-24 15:53 - 000111152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-11-24 08:42 - 2018-11-24 08:42 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-11-24 08:42 - 2018-11-24 08:42 - 000119136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-11-24 08:42 - 2018-11-24 08:42 - 000063768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-11-23 14:03 - 2018-11-23 15:50 - 000000000 ____D C:\Users\Stel\Downloads\Microsoft Office Professional Plus 2016 (x86+x64) v16.0.4738.1000 November 2018 + Activator [CracksMind]
2018-11-23 10:16 - 2018-11-23 10:16 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions
2018-11-23 10:15 - 2018-11-23 10:19 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avira
2018-11-23 09:45 - 2018-11-23 09:45 - 000000000 ____D C:\Users\Stel\AppData\Local\mbam
2018-11-23 09:36 - 2018-11-23 09:36 - 000198000 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-11-23 09:36 - 2018-11-23 09:36 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-23 09:36 - 2018-11-23 09:36 - 000000000 ____D C:\Users\Stel\AppData\Local\mbamtray
2018-11-23 09:36 - 2018-11-23 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-23 09:36 - 2018-10-18 08:44 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-11-23 09:35 - 2018-11-23 09:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-11-23 09:35 - 2018-11-23 09:35 - 000000000 ____D C:\Program Files\Malwarebytes
2018-11-23 09:22 - 2018-11-23 09:22 - 000000000 ____D C:\Users\Stel\Desktop\Old Firefox Data
2018-11-22 18:06 - 2018-11-23 09:49 - 000000000 ____D C:\ProgramData\KMSAuto
2018-11-22 18:03 - 2018-11-22 18:03 - 000000000 ____D C:\Users\Stel\AppData\Local\TolorencTransof
2018-11-22 18:02 - 2018-11-22 18:02 - 000000000 ____D C:\ProgramData\Chemtable Software
2018-11-22 17:59 - 2012-07-15 07:18 - 000030720 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapoas.sys
2018-11-22 17:57 - 2018-11-22 18:06 - 000000000 ____D C:\Users\Stel\AppData\Local\MSfree Inc
2018-11-22 17:51 - 2018-11-22 18:29 - 000000000 ____D C:\Users\Stel\AppData\Local\ChemTable Software
2018-11-22 17:42 - 2018-11-22 17:42 - 000000000 ____D C:\Users\Stel\AppData\Roaming\Skype
2018-11-22 17:39 - 2018-11-22 17:39 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-11-22 17:28 - 2018-11-24 10:12 - 000000000 ____D C:\Program Files\Microsoft Office
2018-11-22 17:28 - 2018-11-22 17:28 - 000000000 ____D C:\Program Files\Microsoft Office 15
2018-11-22 17:21 - 2018-11-22 17:21 - 000000000 ____D C:\Users\Stel\Downloads\The Official UK Top 40 Singles Chart (16.11.2018) Mp3 (320kbps) [Hunter]
2018-11-22 17:21 - 2018-11-22 17:21 - 000000000 ____D C:\Users\Stel\Downloads\Mumford & Sons - Delta (2018) Mp3 (320kbps) [Hunter]
2018-11-22 14:04 - 2018-11-22 14:28 - 000000000 ____D C:\Users\Stel\Downloads\Thunderbird.6.1968.720p.BluRay.H264.AAC-RARBG
2018-11-22 13:57 - 2018-11-22 14:04 - 444929441 ____R C:\Users\Stel\Downloads\the.breaker.upperers.2018.720p.bluray.hevc.x265.rmteam.mkv
2018-11-21 18:43 - 2018-11-21 18:49 - 289867849 ____R C:\Users\Stel\Downloads\The.Rookie.S01E02.720p.HDTV.x265-MiNX[eztv].mkv
2018-11-21 16:25 - 2018-11-21 16:30 - 000000000 ____D C:\Users\Stel\Downloads\The.Rookie.S01E04.720p.HDTV.x265-MiNX[TGx]
2018-11-21 16:19 - 2018-11-21 16:24 - 000000000 ____D C:\Users\Stel\Downloads\The.Rookie.S01E03.HDTV.x264-SVA[rarbg]
2018-11-21 16:13 - 2018-11-21 16:19 - 302130937 _____ C:\Users\Stel\Downloads\The.Rookie.S01E01.720p.HDTV.x265-MiNX[eztv].mkv
2018-11-21 16:01 - 2018-11-21 16:09 - 000000000 ____D C:\Users\Stel\Downloads\A-X-L (2018) [WEBRip] [720p] [YTS.AM]
2018-11-21 15:38 - 2018-11-21 15:57 - 000000000 ____D C:\Users\Stel\Downloads\Searching (2018) [WEBRip] [1080p] [YTS.AM]
2018-11-21 01:16 - 2018-11-21 01:20 - 000000000 ____D C:\Users\Stel\Downloads\Back For The First Time
2018-11-21 01:15 - 2018-11-21 01:18 - 000000000 ____D C:\Users\Stel\Downloads\Ludacris - Ludaversal (Deluxe Edition) [MP3] [2015]
2018-11-19 13:09 - 2018-11-19 14:14 - 000000000 ____D C:\Users\Stel\Downloads\The.Ballad.of.Buster.Scruggs.2018.HDRip.XviD.AC3-EVO[EtMovies]
2018-11-18 11:18 - 2018-11-18 11:33 - 217613233 _____ C:\Users\Stel\Downloads\this.old.house.s40e07.modern.barn.raising.hdtv.x264-w4f[eztv].mkv
2018-11-15 18:26 - 2018-11-01 13:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-15 18:26 - 2018-11-01 13:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-15 18:26 - 2018-11-01 13:45 - 004527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-15 18:26 - 2018-11-01 13:45 - 001617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-15 18:26 - 2018-11-01 13:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-15 18:26 - 2018-11-01 13:31 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-11-15 18:26 - 2018-11-01 13:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-15 18:26 - 2018-11-01 13:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-11-15 18:26 - 2018-11-01 13:28 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-11-15 18:26 - 2018-11-01 13:28 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-15 18:26 - 2018-11-01 13:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-15 18:26 - 2018-11-01 13:27 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-15 18:26 - 2018-11-01 13:26 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-15 18:26 - 2018-11-01 13:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-15 18:26 - 2018-11-01 13:25 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-15 18:26 - 2018-11-01 12:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-15 18:26 - 2018-11-01 11:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-11-15 18:26 - 2018-11-01 11:56 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-11-15 18:26 - 2018-11-01 11:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-11-15 18:26 - 2018-11-01 11:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-11-15 18:26 - 2018-11-01 11:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-15 18:26 - 2018-11-01 11:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-15 18:26 - 2018-11-01 11:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-15 18:26 - 2018-11-01 09:39 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-15 18:26 - 2018-11-01 09:38 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-15 18:26 - 2018-11-01 09:37 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-15 18:26 - 2018-11-01 09:28 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-15 18:26 - 2018-11-01 09:28 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-11-15 18:26 - 2018-11-01 09:28 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-15 18:26 - 2018-11-01 09:28 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-11-15 18:26 - 2018-11-01 09:28 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-15 18:26 - 2018-11-01 09:28 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-11-15 18:26 - 2018-11-01 09:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-11-15 18:26 - 2018-11-01 09:27 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-15 18:26 - 2018-11-01 09:26 - 007432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-11-15 18:26 - 2018-11-01 09:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-15 18:26 - 2018-11-01 09:26 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-11-15 18:26 - 2018-11-01 09:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-15 18:26 - 2018-11-01 09:25 - 007520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 004404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-15 18:26 - 2018-11-01 09:25 - 002571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 001456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-11-15 18:26 - 2018-11-01 09:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-11-15 18:26 - 2018-11-01 09:25 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-11-15 18:26 - 2018-11-01 09:25 - 000982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-11-15 18:26 - 2018-11-01 09:25 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 000793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-11-15 18:26 - 2018-11-01 09:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-15 18:26 - 2018-11-01 09:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-11-15 18:26 - 2018-11-01 09:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-15 18:26 - 2018-11-01 09:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-15 18:26 - 2018-11-01 09:25 - 000261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-11-15 18:26 - 2018-11-01 09:09 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-15 18:26 - 2018-11-01 09:03 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-15 18:26 - 2018-11-01 09:01 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-15 18:26 - 2018-11-01 09:01 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-11-15 18:26 - 2018-11-01 09:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-11-15 18:26 - 2018-11-01 09:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-15 18:26 - 2018-11-01 09:00 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-11-15 18:26 - 2018-11-01 09:00 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-11-15 18:26 - 2018-11-01 09:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-11-15 18:26 - 2018-11-01 08:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-15 18:26 - 2018-11-01 08:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-15 18:26 - 2018-11-01 08:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-15 18:26 - 2018-11-01 08:58 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-15 18:26 - 2018-11-01 08:58 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-15 18:26 - 2018-11-01 08:58 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-15 18:26 - 2018-11-01 08:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-11-15 18:26 - 2018-11-01 08:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-15 18:26 - 2018-11-01 08:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-15 18:26 - 2018-11-01 08:57 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-11-15 18:26 - 2018-11-01 08:57 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-11-15 18:26 - 2018-11-01 08:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-11-15 18:26 - 2018-11-01 08:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-11-15 18:26 - 2018-11-01 08:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-15 18:26 - 2018-11-01 08:57 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-15 18:26 - 2018-11-01 08:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-15 18:26 - 2018-11-01 08:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-15 18:26 - 2018-11-01 08:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-15 18:26 - 2018-11-01 08:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-15 18:26 - 2018-11-01 08:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-15 18:26 - 2018-11-01 08:56 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-15 18:26 - 2018-11-01 08:56 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-15 18:26 - 2018-11-01 08:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-15 18:26 - 2018-11-01 08:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-15 18:26 - 2018-11-01 08:55 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-11-15 18:26 - 2018-11-01 08:55 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-11-15 18:26 - 2018-11-01 08:55 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-15 18:26 - 2018-11-01 08:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-15 18:26 - 2018-11-01 08:54 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-15 18:26 - 2018-11-01 08:54 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-11-15 18:26 - 2018-11-01 08:54 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-11-15 18:26 - 2018-11-01 08:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-11-15 18:26 - 2018-11-01 08:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-11-15 18:26 - 2018-11-01 08:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-15 18:26 - 2018-11-01 08:54 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-15 18:26 - 2018-11-01 08:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-11-15 18:26 - 2018-11-01 08:54 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-11-15 18:26 - 2018-11-01 08:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-15 18:26 - 2018-11-01 08:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-15 18:26 - 2018-11-01 08:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-15 18:26 - 2018-11-01 08:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-15 18:26 - 2018-11-01 08:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-15 18:26 - 2018-11-01 08:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-15 18:26 - 2018-11-01 07:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-11-15 18:26 - 2018-11-01 06:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-11-15 18:26 - 2018-11-01 06:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-15 18:26 - 2018-11-01 06:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-11-15 18:26 - 2018-11-01 06:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-15 18:26 - 2018-11-01 06:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-15 18:26 - 2018-11-01 06:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-15 18:26 - 2018-11-01 06:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-15 18:26 - 2018-11-01 06:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-15 18:26 - 2018-11-01 06:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-11-15 18:26 - 2018-11-01 06:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-15 18:26 - 2018-11-01 06:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-15 18:26 - 2018-11-01 06:47 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-15 18:26 - 2018-11-01 06:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-15 18:26 - 2018-11-01 06:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-15 18:26 - 2018-11-01 06:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-11-15 18:26 - 2018-11-01 06:47 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-15 18:26 - 2018-11-01 06:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-11-15 18:26 - 2018-11-01 06:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-15 18:26 - 2018-11-01 06:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-15 18:26 - 2018-11-01 06:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-11-15 18:26 - 2018-11-01 06:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-15 18:26 - 2018-11-01 06:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-15 18:26 - 2018-11-01 06:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-11-15 18:26 - 2018-11-01 06:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-11-15 18:26 - 2018-11-01 06:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-15 18:26 - 2018-11-01 06:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-11-15 18:26 - 2018-11-01 06:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-15 18:26 - 2018-11-01 06:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-11-15 18:26 - 2018-11-01 06:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-11-15 18:26 - 2018-11-01 06:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-11-15 18:26 - 2018-11-01 06:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-11-15 18:26 - 2018-11-01 06:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-15 18:26 - 2018-11-01 06:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-11-15 18:26 - 2018-11-01 06:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-15 18:26 - 2018-11-01 06:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-15 18:26 - 2018-11-01 06:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-15 18:26 - 2018-11-01 06:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-11-15 18:26 - 2018-11-01 06:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-11-15 18:26 - 2018-11-01 06:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-11-15 18:26 - 2018-11-01 06:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-11-15 18:26 - 2018-11-01 06:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-15 18:26 - 2018-11-01 06:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-15 18:26 - 2018-11-01 06:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-15 18:26 - 2018-11-01 06:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-11-15 18:26 - 2018-10-21 15:00 - 021386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-11-15 18:26 - 2018-10-21 15:00 - 001639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-11-15 18:26 - 2018-10-21 15:00 - 001516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-11-15 18:26 - 2018-10-21 15:00 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-11-15 18:26 - 2018-10-21 15:00 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-11-15 18:26 - 2018-10-21 14:59 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-11-15 18:26 - 2018-10-21 14:59 - 000236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-11-15 18:26 - 2018-10-21 14:46 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-11-15 18:26 - 2018-10-21 14:46 - 004393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-11-15 18:26 - 2018-10-21 14:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2018-11-15 18:26 - 2018-10-21 14:43 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-11-15 18:26 - 2018-10-21 14:43 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-11-15 18:26 - 2018-10-21 14:43 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2018-11-15 18:26 - 2018-10-21 14:42 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-11-15 18:26 - 2018-10-21 14:42 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-11-15 18:26 - 2018-10-21 14:42 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-11-15 18:26 - 2018-10-21 14:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-11-15 18:26 - 2018-10-21 13:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-11-15 18:26 - 2018-10-21 13:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-11-15 18:26 - 2018-10-21 13:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-11-15 18:26 - 2018-10-21 13:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-11-15 18:26 - 2018-10-21 13:37 - 020381808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-11-15 18:26 - 2018-10-21 13:37 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-11-15 18:26 - 2018-10-21 13:28 - 012501504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-11-15 18:26 - 2018-10-21 13:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-11-15 18:26 - 2018-10-21 13:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-11-15 18:26 - 2018-10-21 13:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-11-15 18:26 - 2018-10-21 13:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-11-15 18:26 - 2018-10-21 09:48 - 005602456 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-11-15 18:26 - 2018-10-21 09:47 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-11-15 18:26 - 2018-10-21 09:46 - 000717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-11-15 18:26 - 2018-10-21 09:46 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-11-15 18:26 - 2018-10-21 09:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-11-15 18:26 - 2018-10-21 09:46 - 000560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-11-15 18:26 - 2018-10-21 09:46 - 000497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2018-11-15 18:26 - 2018-10-21 09:46 - 000171024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-11-15 18:26 - 2018-10-21 09:45 - 003283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-11-15 18:26 - 2018-10-21 09:45 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-11-15 18:26 - 2018-10-21 09:45 - 001946208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-11-15 18:26 - 2018-10-21 09:45 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-11-15 18:26 - 2018-10-21 09:45 - 000607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-11-15 18:26 - 2018-10-21 09:45 - 000185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-11-15 18:26 - 2018-10-21 09:45 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2018-11-15 18:26 - 2018-10-21 09:45 - 000139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-11-15 18:26 - 2018-10-21 09:45 - 000058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2018-11-15 18:26 - 2018-10-21 09:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-11-15 18:26 - 2018-10-21 09:22 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-11-15 18:26 - 2018-10-21 09:21 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-11-15 18:26 - 2018-10-21 09:21 - 000123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-11-15 18:26 - 2018-10-21 09:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2018-11-15 18:26 - 2018-10-21 09:20 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-11-15 18:26 - 2018-10-21 09:20 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2018-11-15 18:26 - 2018-10-21 09:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-11-15 18:26 - 2018-10-21 09:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-11-15 18:26 - 2018-10-21 09:19 - 001620776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-11-15 18:26 - 2018-10-21 09:19 - 001130768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-11-15 18:26 - 2018-10-21 09:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-11-15 18:26 - 2018-10-21 09:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-11-15 18:26 - 2018-10-21 09:19 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-11-15 18:26 - 2018-10-21 09:19 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2018-11-15 18:26 - 2018-10-21 09:19 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-11-15 18:26 - 2018-10-21 09:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2018-11-15 18:26 - 2018-10-21 09:19 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2018-11-15 18:26 - 2018-10-21 09:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
2018-11-15 18:26 - 2018-10-21 09:18 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-11-15 18:26 - 2018-10-21 09:18 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-11-15 18:26 - 2018-10-21 09:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-11-15 18:26 - 2018-10-21 09:18 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2DP.sys
2018-11-15 18:26 - 2018-10-21 09:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2018-11-15 18:26 - 2018-10-21 09:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2018-11-15 18:26 - 2018-10-21 09:17 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-11-15 18:26 - 2018-10-21 09:17 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-11-15 18:26 - 2018-10-21 09:17 - 001265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebManagement.exe
2018-11-15 18:26 - 2018-10-21 09:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-11-15 18:26 - 2018-10-21 09:17 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-11-15 18:26 - 2018-10-21 09:17 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-11-15 18:26 - 2018-10-21 09:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
2018-11-15 18:26 - 2018-10-21 09:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-11-15 18:26 - 2018-10-21 09:16 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-11-15 18:26 - 2018-10-21 09:16 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-11-15 18:26 - 2018-10-21 09:16 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-11-15 18:26 - 2018-10-21 09:16 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-11-15 18:26 - 2018-10-21 09:16 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-11-15 18:26 - 2018-10-21 09:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-11-15 18:26 - 2018-10-21 09:15 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-11-15 18:26 - 2018-10-21 09:15 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2018-11-15 18:26 - 2018-10-21 09:14 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-15 18:26 - 2018-10-21 09:14 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-11-15 18:26 - 2018-10-21 09:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-11-15 18:26 - 2018-10-21 09:14 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-11-15 18:26 - 2018-10-21 09:14 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-11-15 18:26 - 2018-10-21 09:14 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-11-15 18:26 - 2018-10-21 09:14 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2018-11-15 18:26 - 2018-10-21 09:14 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-11-15 18:26 - 2018-10-21 09:14 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-11-15 18:26 - 2018-10-21 09:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-11-15 18:26 - 2018-10-21 09:02 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-11-15 18:26 - 2018-10-21 09:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2018-11-15 18:26 - 2018-10-21 09:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-11-15 18:26 - 2018-10-21 09:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2018-11-15 18:26 - 2018-10-21 08:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-11-15 18:26 - 2018-10-21 08:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-11-15 18:26 - 2018-10-21 08:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-11-15 18:26 - 2018-10-21 08:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-11-15 18:26 - 2018-10-21 07:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-11-15 18:26 - 2018-10-21 07:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2018-11-15 18:26 - 2018-04-28 06:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-11-15 18:25 - 2018-11-01 13:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-11-15 18:25 - 2018-11-01 13:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-15 18:25 - 2018-11-01 13:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-15 18:25 - 2018-11-01 13:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-15 18:25 - 2018-11-01 13:26 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-15 18:25 - 2018-11-01 11:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-15 18:25 - 2018-11-01 11:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-15 18:25 - 2018-11-01 11:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-15 18:25 - 2018-11-01 09:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-15 18:25 - 2018-11-01 09:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-15 18:25 - 2018-11-01 09:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-15 18:25 - 2018-11-01 09:00 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-11-15 18:25 - 2018-11-01 08:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-15 18:25 - 2018-11-01 08:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-15 18:25 - 2018-11-01 08:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-11-15 18:25 - 2018-11-01 08:57 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-11-15 18:25 - 2018-11-01 08:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-15 18:25 - 2018-11-01 08:57 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-15 18:25 - 2018-11-01 08:53 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-11-15 18:25 - 2018-11-01 07:39 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-11-15 18:25 - 2018-11-01 06:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-11-15 18:25 - 2018-11-01 06:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-11-15 18:25 - 2018-11-01 06:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-11-15 18:25 - 2018-11-01 06:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-15 18:25 - 2018-11-01 06:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-11-15 18:25 - 2018-11-01 06:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-11-15 18:25 - 2018-10-21 14:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-11-15 18:25 - 2018-10-21 14:44 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-11-15 18:25 - 2018-10-21 14:42 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-11-15 18:25 - 2018-10-21 13:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-11-15 18:25 - 2018-10-21 11:29 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-11-15 18:25 - 2018-10-21 10:44 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-11-15 18:25 - 2018-10-21 09:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-11-15 18:25 - 2018-10-21 09:19 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-11-15 18:25 - 2018-10-21 09:19 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-11-15 18:25 - 2018-10-21 09:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
2018-11-15 18:25 - 2018-10-21 09:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2018-11-15 18:25 - 2018-10-21 09:18 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-11-15 18:25 - 2018-10-21 09:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2018-11-15 18:25 - 2018-10-21 09:16 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-11-15 18:25 - 2018-10-21 09:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-11-15 18:25 - 2018-10-21 09:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2018-11-15 18:25 - 2018-10-21 08:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-11-13 14:57 - 2018-11-13 15:49 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - November 2018 (True PDF)
2018-11-13 14:56 - 2018-11-13 15:30 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - November 1 2018 (True PDF)
2018-11-11 03:50 - 2018-11-11 04:00 - 000000000 ____D C:\Users\Stel\Downloads\VA-London_Tea_Party_Lounge_Chillout_2018
2018-11-11 03:33 - 2018-11-11 03:50 - 000000000 ____D C:\Users\Stel\Downloads\VA-50_Ultimate_House_Tracks_Workout_Edition
2018-11-11 03:30 - 2018-11-11 03:33 - 000000000 ____D C:\Users\Stel\Downloads\Imagine_Dragons-Origins-(Deluxe_Edition)-2018-RiBS
2018-11-11 03:27 - 2018-11-11 03:30 - 000000000 ____D C:\Users\Stel\Downloads\Muse-Simulation_Theory-(Deluxe_Edition)-2018-RiBS
2018-11-11 03:17 - 2018-11-11 03:27 - 000000000 ____D C:\Users\Stel\Downloads\Jordan B. Peterson - 12 Rules for Life An Antidote to Chaos (Unabridged)
2018-11-08 07:58 - 2018-11-08 08:12 - 000000000 ____D C:\Users\Stel\Downloads\Luis & The Aliens (2018) [BluRay] [720p] [YTS.AM]
2018-11-08 07:40 - 2018-11-08 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-11-06 15:06 - 2018-11-06 15:06 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-11-06 15:06 - 2018-11-06 15:06 - 000047768 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-11-06 15:06 - 2018-11-06 15:06 - 000047768 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-11-06 15:06 - 2018-11-06 15:06 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-11-06 10:17 - 2018-11-06 12:08 - 000000000 ____D C:\Users\Stel\Downloads\Beatport And Traxsource Best House March 2018
2018-11-05 18:35 - 2018-11-06 22:00 - 000000000 ____D C:\Users\Stel\Downloads\Beatport Top 100 House May 2017 [MWBP]
2018-11-05 18:35 - 2018-11-06 12:27 - 000000000 ____D C:\Users\Stel\Downloads\Beatport And Traxsource Best House July 2018
2018-11-05 17:29 - 2018-11-05 18:01 - 000000000 ____D C:\Users\Stel\Downloads\Beatport And Traxsource Best House April 2018
2018-11-05 17:21 - 2018-11-05 17:29 - 000000000 ____D C:\Users\Stel\Downloads\Beatport And Traxsource Best House February 2018
2018-11-05 16:54 - 2018-11-05 17:03 - 000000000 ____D C:\Users\Stel\Downloads\Deep and Sexy 20 Deep House and Funky House Music Tunes Vol 4
2018-11-05 16:46 - 2018-11-05 17:21 - 000000000 ____D C:\Users\Stel\Downloads\Beatport And Traxsource Best House January 2018
2018-11-05 16:34 - 2018-11-05 16:46 - 000000000 ____D C:\Users\Stel\Downloads\VA-King_Size_Deep-House_Vol_1
2018-11-05 16:19 - 2018-11-05 16:34 - 000000000 ____D C:\Users\Stel\Downloads\Top50 Tracks Deep House Ver.5 (2018)
2018-11-05 15:51 - 2018-11-05 16:19 - 000000000 ____D C:\Users\Stel\Downloads\Deep-House Jam Vol.3 (The Best Deep-House) (2018)
2018-11-05 15:51 - 2018-11-05 15:51 - 000000000 ____D C:\Users\Stel\Downloads\VA - Ministry Of Sound Deep House Anthems (2018) Mp3 (320kbps) [Hunter]
2018-11-03 00:04 - 2018-11-03 00:09 - 000000000 ____D C:\Users\Stel\Downloads\Diana Krall - Turn Up the Quiet (2017) flac
2018-11-02 19:01 - 2018-11-03 00:04 - 000000000 ____D C:\Users\Stel\Downloads\2xHD - Audiophile Hi-Res System Test
2018-11-02 18:59 - 2018-11-02 22:31 - 000000000 ____D C:\Users\Stel\Downloads\Mike.Oldfield.Return.To_Ommadawn.Deluxe.Edition.2017
2018-11-02 18:45 - 2018-11-02 18:53 - 000000000 ____D C:\Users\Stel\Downloads\Daft Punk - Random Access Memories (2013) [FLAC]
2018-11-02 18:32 - 2018-11-02 18:39 - 000000000 ____D C:\Users\Stel\Downloads\Laurie Anderson and Kronos Quartet - Landfall (2018)(FLAC)(CD)
2018-11-02 11:35 - 2018-11-02 12:29 - 000000000 ____D C:\Users\Stel\Downloads\THE MILLION DOLLAR SCREENPLAY! Write your movie today
2018-11-02 11:01 - 2018-11-02 11:05 - 089051905 _____ C:\Users\Stel\Downloads\Stock Trading Ninja - Learn How To Make Money Trading Stocks.rar
2018-11-01 21:40 - 2018-11-01 22:14 - 000000000 ____D C:\Users\Stel\Downloads\The Equalizer 2 (2018) [WEBRip] [720p] [YTS.AM]
2018-10-31 22:12 - 2018-10-31 22:41 - 000000000 ____D C:\Users\Stel\Downloads\Alpha (2018) [WEBRip] [720p] [YTS.AM]
2018-10-31 22:00 - 2018-10-31 22:03 - 000000000 ____D C:\Users\Stel\Downloads\Queen - Bohemian Rhapsody (The Original Soundtrack) (2018) [320]
2018-10-31 12:44 - 2018-10-31 12:45 - 026210808 _____ C:\Users\Stel\Desktop\trooper_1999.pdf
2018-10-29 12:31 - 2018-11-01 16:44 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - October 21 2018 (True PDF)
2018-10-29 12:30 - 2018-11-08 07:34 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - October 28 2018 (True PDF)
2018-10-29 12:28 - 2018-11-01 16:44 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - October 12 2018 (True PDF)- [GloDLS]
2018-10-28 22:14 - 2018-11-23 10:18 - 000000360 _____ C:\WINDOWS\Tasks\HPCeeScheduleForStel.job
2018-10-28 22:14 - 2018-11-22 23:22 - 000003248 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForStel
2018-10-26 11:45 - 2018-10-26 13:48 - 000000000 ____D C:\Users\Stel\Downloads\Incredibles 2 (2018) [WEBRip] [1080p] [YTS.AM]

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-24 15:59 - 2018-01-11 19:24 - 000000000 ____D C:\FRST
2018-11-24 15:56 - 2017-12-01 21:43 - 000000000 ___RD C:\Users\Stel\Desktop\Cleaning
2018-11-24 15:55 - 2016-10-24 03:43 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-24 15:49 - 2018-06-09 13:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-24 15:49 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-24 14:42 - 2018-07-05 15:48 - 000000740 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2018-11-24 10:11 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-11-24 10:11 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-11-24 09:49 - 2017-11-24 19:15 - 000000000 ____D C:\Users\Stel\AppData\Roaming\uTorrent
2018-11-24 09:46 - 2017-11-24 16:46 - 000000000 ____D C:\Users\Stel\AppData\LocalLow\Mozilla
2018-11-24 08:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-24 08:48 - 2018-06-09 13:19 - 001675524 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-24 08:48 - 2018-04-12 18:15 - 000636590 _____ C:\WINDOWS\system32\perfh008.dat
2018-11-24 08:48 - 2018-04-12 18:15 - 000128784 _____ C:\WINDOWS\system32\perfc008.dat
2018-11-24 08:41 - 2018-06-09 13:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-23 17:33 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-11-23 17:33 - 2017-03-19 01:04 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2018-11-23 14:15 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-23 13:52 - 2017-11-24 16:42 - 000000000 ____D C:\Users\Stel\AppData\Roaming\vlc
2018-11-23 10:18 - 2018-06-09 13:16 - 000499952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-23 10:18 - 2018-01-09 13:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-23 10:18 - 2018-01-09 13:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-22 22:09 - 2018-08-11 19:58 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - July 1 2018 (True PDF)
2018-11-22 18:02 - 2017-12-13 12:27 - 000000000 ____D C:\Users\Stel\AppData\Local\Packages
2018-11-22 17:55 - 2017-12-01 21:42 - 000000000 ___RD C:\Users\Stel\Desktop\Internet and PC & Games
2018-11-22 17:54 - 2018-06-09 13:28 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-11-22 17:53 - 2018-06-09 13:28 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-22 14:17 - 2018-09-03 16:14 - 000000000 ____D C:\Users\Stel\Desktop\Alexander & Timothy Hospital
2018-11-21 14:35 - 2018-06-09 11:23 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-11-21 14:32 - 2016-07-16 13:47 - 000000108 _____ C:\WINDOWS\win.ini
2018-11-21 06:55 - 2018-06-10 13:51 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - June 8 2018 (True PDF)
2018-11-21 06:54 - 2018-01-01 20:26 - 000000000 ____D C:\Users\Stel\Desktop\Mags To Keep
2018-11-20 15:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-20 08:09 - 2018-01-10 16:07 - 000000000 ____D C:\ProgramData\IObit
2018-11-19 23:55 - 2018-06-09 13:19 - 000000000 ____D C:\Users\Stel
2018-11-19 18:29 - 2018-01-10 16:07 - 000000000 ____D C:\ProgramData\ProductData
2018-11-18 23:26 - 2018-09-18 21:14 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-18 23:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-11-18 23:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-11-18 23:26 - 2017-12-03 16:34 - 000000000 ____D C:\Users\Stel\AppData\Local\Adobe
2018-11-18 16:42 - 2018-07-02 23:22 - 000000000 ____D C:\Users\Stel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-11-17 01:00 - 2018-04-12 01:41 - 000834960 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-17 01:00 - 2018-04-12 01:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-16 23:16 - 2018-06-09 13:28 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3063150416-1561372912-2056264558-1001
2018-11-16 23:16 - 2018-06-09 13:19 - 000002371 _____ C:\Users\Stel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-16 23:16 - 2017-11-24 16:08 - 000000000 ___RD C:\Users\Stel\OneDrive
2018-11-16 20:31 - 2017-11-26 11:00 - 000000000 ____D C:\Program Files\rempl
2018-11-15 21:53 - 2017-12-02 12:03 - 000000000 ___RD C:\Users\Stel\3D Objects
2018-11-15 21:53 - 2016-07-29 14:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-15 21:51 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-15 21:51 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-11-15 21:51 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-15 21:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-11-15 21:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-15 21:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-11-15 21:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-15 18:25 - 2017-11-25 20:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-15 18:10 - 2017-11-25 20:04 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-15 17:44 - 2018-02-06 23:03 - 000002314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-09 08:45 - 2018-09-30 17:30 - 000000000 ____D C:\Users\Stel\Desktop\Wedding Invoices to move
2018-11-08 07:40 - 2016-10-24 03:45 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-11-04 21:29 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-11-03 16:03 - 2018-02-16 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader
2018-11-03 16:03 - 2018-02-16 22:42 - 000000000 ____D C:\Program Files (x86)\Free YouTube Downloader
2018-11-03 15:35 - 2017-11-25 12:56 - 000000000 ____D C:\Users\Stel\AppData\Roaming\MediaMonkey
2018-11-02 17:50 - 2017-12-24 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2018-11-02 17:50 - 2017-12-24 00:21 - 000000000 ____D C:\Program Files (x86)\MediaMonkey
2018-11-02 17:50 - 2017-12-01 21:44 - 000000000 ___RD C:\Users\Stel\Desktop\Audio Visual
2018-10-30 19:46 - 2018-10-17 18:17 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - October 7 2018 (True PDF) - [GloDLS]
2018-10-30 19:43 - 2018-09-23 00:29 - 000000000 ____D C:\Users\Stel\Downloads\2 Antoni mags
2018-10-28 22:26 - 2018-02-19 13:37 - 000000000 ___RD C:\Users\Stel\Desktop\Photos 2018
2018-10-28 22:23 - 2017-12-01 16:56 - 000000000 ____D C:\Users\Stel\Desktop\Shop Hair etc
2018-10-28 07:26 - 2018-09-23 00:26 - 000000000 ____D C:\Users\Stel\Downloads\1 Assorted Hi Fi & Tech mags
2018-10-27 22:05 - 2018-08-11 14:22 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - August 7 2018 (True PDF)

==================== Files in the root of some directories =======

2018-01-01 23:19 - 2018-01-01 23:19 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_010118_231944.txt
2018-03-09 20:46 - 2018-03-09 20:46 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_030918_204624.txt
2017-12-01 22:33 - 2017-12-01 22:33 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120117_223327.txt
2017-12-01 22:35 - 2017-12-01 22:35 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120117_223512.txt
2017-12-03 17:27 - 2017-12-03 17:27 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120317_172726.txt
2017-12-03 17:31 - 2017-12-03 17:31 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120317_173155.txt
2017-12-03 17:32 - 2017-12-03 17:32 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120317_173205.txt
2017-12-05 10:34 - 2017-12-05 10:34 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120517_103415.txt
2017-12-05 10:39 - 2017-12-05 10:39 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120517_103903.txt
2017-12-06 13:36 - 2017-12-06 13:36 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120617_133614.txt
2017-12-08 23:25 - 2017-12-08 23:25 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120817_232515.txt
2017-12-08 23:25 - 2017-12-08 23:25 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120817_232524.txt
2017-12-08 23:36 - 2017-12-08 23:36 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120817_233658.txt
2017-12-16 10:19 - 2017-12-16 10:19 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_121617_101956.txt
2017-11-24 16:06 - 2018-02-21 07:07 - 001059828 _____ () C:\Users\Stel\AppData\Local\BTServer.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-09 13:16

==================== End of FRST.txt ============================
 
#9 ·
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.11.2018
Ran by Stel (24-11-2018 16:01:07)
Running from C:\Users\Stel\Desktop
Windows 10 Home Version 1803 17134.407 (X64) (2018-06-09 11:29:17)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3063150416-1561372912-2056264558-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3063150416-1561372912-2056264558-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3063150416-1561372912-2056264558-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3063150416-1561372912-2056264558-501 - Limited - Disabled)
Stel (S-1-5-21-3063150416-1561372912-2056264558-1001 - Administrator - Enabled) => C:\Users\Stel
WDAGUtilityAccount (S-1-5-21-3063150416-1561372912-2056264558-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Ableton Live 10 Suite (HKLM\...\{FE06C730-0296-42D9-B869-4E819D7F47A3}) (Version: 10.0.0.0 - Ableton)
ACP Application (HKLM\...\{FC5382F1-9A21-5071-E376-C401639D8227}) (Version: 2016.0809.2131.47 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
AirDroid 3.3.0.0 (HKLM-x32\...\AirDroid) (Version: 3.3.0.0 - Sand Studio)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.34 - Avanquest Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.4.0.1226 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.30.50.1690 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{6F8C7E9C-6C88-08DE-6F31-5395790F5148}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{9036ED75-13E0-2628-F0A6-B9DE9F4FED30}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7F7C6545-CAFA-2F58-1C19-900545747191}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{FE4CC0BC-124C-4B4A-40D2-DB7A21F4CDAA}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{B63F9039-62FF-33D1-7CC0-35F1B7DFAF80}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E74C7D57-F458-1E35-9904-4428C5CA1E7C}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{4B17EB4C-FF8D-E0C3-A576-E143A82CC7D9}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{0091B985-1F06-AC61-374A-BDCCC5405945}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{349AA249-E523-D0AB-235A-4B3B77DE6C9E}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{F581A9CB-4271-2631-003E-E870714D50BE}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{C74E37D5-4457-7F79-60A0-F5A870A572EC}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{696CE3C3-A3E6-6E42-E7D1-C4A823663F43}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{38E23A09-DA95-546E-9DB0-0674910F4E8B}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{0B6AC8F2-F8AA-C034-90D6-0DDA78389033}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{93CC5540-14E4-61E5-9F96-21F47A30BEC4}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{2019DF89-50CE-0EFE-8E15-5D2E9355736A}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{7D28DBD4-ECD3-1677-251A-293BAB571C7B}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9331166D-900D-ACA4-3955-8548FFF6FC7A}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{C422C2AD-A58E-4BBC-1344-CC0F1361E9B5}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{0078B0A2-7F60-1FDE-BD14-76DCD7C47885}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{6EF31FA5-01A9-CD41-199F-8B5C7BE1ADCB}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Click Install if prompted (HKLM-x32\...\{40830C8E-936E-4E08-AE37-240FF3343927}) (Version: 1.0.6.0 - ExpressVpn) Hidden
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.)
DaVinci Resolve (HKLM\...\{3A2C86D3-248C-47EB-A791-AE7AC6F19C23}) (Version: 14.2.0012 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{332552D0-B8EE-49BF-B904-E038A72BD2B2}) (Version: 1.1.2.0 - Blackmagic Design)
Dropbox (HKLM-x32\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ExpressVPN (HKLM-x32\...\{DF70BFBB-EFAF-4ED6-BBCA-BA00FF01E643}) (Version: 6.6.0.4121 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{ef177096-6c55-4848-adc8-41ffb583a002}) (Version: 6.6.0.4121 - ExpressVPN)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.1.0.5096 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP Audio Switch (HKLM-x32\...\{0C5D69BD-B518-46DB-8471-506CD27F9478}) (Version: 1.0.138.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{6FA09B91-5D97-45A9-95E9-50F635C98043}) (Version: 8.6.18.11 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{FF4696FC-E862-4C69-9EC4-BCBD23063EB1}) (Version: 12.9.24.3 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
InPixio Photo Clip 7 (HKLM-x32\...\{829CAB57-8D17-49F8-A5B0-302B501FCEC2}) (Version: 7.7.0 - InPixio)
IObit Malware Fighter 6 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 6.1 - IObit)
IObit Uninstaller 8 (HKLM-x32\...\IObitUninstall) (Version: 8.0.2.19 - IObit)
iTunes (HKLM\...\{7EE6E263-19DA-4A33-BB8C-9BDC12BA1918}) (Version: 12.7.3.46 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launchy 2.5 (HKLM-x32\...\Launchy_21344213_is1) (Version: - Code Jelly)
LumaBook Designer 2.0 (HKLM-x32\...\LumaBook_LumaBook Designer 2.0) (Version: - )
Luminar 2018 (HKLM\...\{93FA5785-6E17-4768-A000-CA6AD4794ED4}) (Version: 1.0.0.1010 - Skylum) Hidden
Luminar 2018 (HKLM-x32\...\{2a30d72b-6ccc-453d-8ae2-70668c55f958}) (Version: 1.0.0.1010 - Skylum)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Mi PC Suite (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\MiPhoneManager) (Version: - Xiaomi Inc.)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.11001.20108 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft Visio Professional 2019 - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.11001.20108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 63.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 63.0.3 (x86 en-US)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
mydlink services plugin (HKLM-x32\...\{1A9B665A-5F27-4F71-BF90-22FDFE7A1635}) (Version: 1.0.2.7 - D-Link Corporation)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.7.2.189 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.9.132 - Native Instruments)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.7.1.854 - Native Instruments)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.2 - OBS Project)
Octodad (HKLM-x32\...\Octodad) (Version: - )
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
OSDownloader (HKLM-x32\...\{C02C8C82-197C-46C1-AD18-EB0F5BF49F8A}_is1) (Version: 1.5 - OpenSubtitles.org)
Poker Mania v3.3.3 (HKLM-x32\...\Poker Mania_is1) (Version: - )
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.57 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.76 - REALTEK Semiconductor Corp.)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
Roblox Player for Stel (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Roblox Player for Stel (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for Stel (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation)
SafeZone Stable 3.55.2393.609 (HKLM-x32\...\SafeZone 3.55.2393.609) (Version: 3.55.2393.609 - Avast Software) Hidden
Split Tunneling Driver (HKLM-x32\...\{F078B0B5-2F41-42C2-9162-B8C628D5E6FE}) (Version: 1.0.0.0 - ExpressVpn) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeaTV version 1.4.0 (HKLM-x32\...\{A8C3DF97-73C2-479D-9B75-3DFA3FC6DEB1}_is1) (Version: 1.4.0 - TeaTV)
TolorencTransof (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\TolorencTransof) (Version: 52.13 - OpolinSoma)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Web Companion (HKLM-x32\...\{b43a9ffa-5b79-4a1b-84b7-48c466c5d75c}) (Version: 4.3.1934.3766 - Lavasoft)
WhatsApp (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
Who Is On My Wifi version 4.0.3 (HKLM-x32\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 4.0.3 - IO3O LLC)
WinISO (HKLM-x32\...\WinISO) (Version: 6.1.0.4435 - WinISO Computing Inc.)
YouTube Downloader 4.6.995 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-06-22] (IObit)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-06-22] (IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-06-22] (IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-08-09] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-06-22] (IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C8FEE19-C701-42AF-8BB1-6C4ABA597CC6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.)
Task: {0CB9C088-23BC-483A-BF4A-E8E563D3DB07} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-24] (Microsoft Corporation)
Task: {1D88EAEA-8ACC-4253-8CC5-6870D5AFAB10} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {25A6C49A-4956-4059-95CC-C6DAC16F00E7} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
Task: {2A72462B-4B31-4E7F-809D-036B44065128} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-11] (Piriform Ltd)
Task: {31F6A522-B823-46E8-B560-AF8FE20EEBED} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe [2018-11-18] (Adobe Systems Incorporated)
Task: {36CA512F-CD7E-4451-9FC3-441A562B955A} - System32\Tasks\Avira\Safe Shopping\Launch => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe
Task: {3AD4B70A-D58B-490B-AA2C-C1072BE7A954} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-24] (Microsoft Corporation)
Task: {3B61E633-9F43-46D3-AED2-BB63CFC0CF67} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: {3C17BCC9-CA32-4F2F-A997-44F3AFC8B113} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {3E5F464E-349C-44EC-9AB8-8CC6925B0737} - System32\Tasks\SafeZone scheduled Autoupdate 1520715688 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {3E8A5BD8-51F1-4DF5-81CD-D47A25FF48D9} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {3FE8E5A2-A1A1-4565-9CF3-5180AC1B6A06} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {41A7CD9F-815A-48BB-B91B-13422FAC32FA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
Task: {563B2977-3965-45F4-97E9-372CFC239A2A} - System32\Tasks\Avira\Safe Shopping\Update => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe
Task: {5D461AC9-5565-4A10-BC23-114F98EA769A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {86BA2E84-1BEC-4730-8241-B95182371902} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-06] (Google Inc.)
Task: {8ABA9705-E2A7-4E07-BB33-FC62F20C3457} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-24] (Dropbox, Inc.)
Task: {8F76E1C9-E0B2-4E63-8F87-BBED83200525} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {92A5F51B-1363-485D-BD79-9C11EB0E2398} - System32\Tasks\Avira\Safe Shopping\Check => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe
Task: {98AEA4F5-65B1-4C69-9F94-DF5F983C25FD} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {99858E97-86F0-4E5C-A385-11546957020A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-24] (Dropbox, Inc.)
Task: {9BB4E587-D8C0-4927-8397-B058B964DD1A} - System32\Tasks\HPCeeScheduleForStel => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {AB6F85EF-2578-4DFF-B0E1-74FFB8E47F18} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
Task: {AEB4E9B7-86B9-445D-B635-91C1E024C97E} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {B38E56AD-7354-4A7B-AFC1-5B46943F4878} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-11-09] (HP Inc.)
Task: {BC4B7670-69FE-43CC-80CE-463550E9CC39} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-26] ()
Task: {C2EC92CA-C4B8-4F4A-8F29-16B8A2134F55} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2016-10-04] (HP Inc.)
Task: {C8ED9658-D97D-4DB8-9F91-51E1CEF4D602} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-24] (Microsoft Corporation)
Task: {CDCD575E-249F-493A-8190-A30A2488C567} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-24] (Microsoft Corporation)
Task: {CE500C5D-EB4D-403B-BA12-CE1A6CD2B7B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-11-09] (HP Inc.)
Task: {D2584687-5FA2-4933-BE7B-06CCDCA6BB9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-24] (Microsoft Corporation)
Task: {D350CD43-1CD3-41A0-95D4-8D9108C292E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-11-08] (HP Inc.)
Task: {D65B24C7-D17D-41C4-A925-E27402F7DCE9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-24] (Microsoft Corporation)
Task: {D6727694-C6D8-4ADB-80B1-B0BC56552F98} - System32\Tasks\Uninstaller_SkipUac_Stel => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2018-08-08] (IObit)
Task: {DB943FF8-CB70-4D1F-BE92-0F284BFA1DBF} - \AviraSystemSpeedupRemoval -> No File <==== ATTENTION
Task: {EC4D77B5-EAE4-4505-8714-D753856695EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {F929DE60-3D13-4F02-AC52-0F556C764293} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-06] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForStel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2018-04-12 01:34 - 2018-04-12 01:34 - 000444416 _____ () c:\windows\system32\SSDM.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-04-09 07:04 - 2018-04-09 07:04 - 000339168 _____ () C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe
2018-11-23 09:36 - 2018-10-18 08:44 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-11-23 09:36 - 2018-10-18 08:44 - 002821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-05-23 19:48 - 2018-09-22 21:41 - 000025888 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
2018-05-23 19:48 - 2018-09-22 21:41 - 000017696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll
2018-05-23 19:48 - 2018-09-22 21:41 - 000037664 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll
2018-04-09 07:06 - 2018-04-09 07:06 - 008620160 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\xvpnd.exe
2018-11-15 18:26 - 2018-11-01 08:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-22 10:12 - 2018-05-22 10:13 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-22 10:12 - 2018-05-22 10:13 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-22 10:12 - 2018-05-22 10:13 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-22 10:12 - 2018-05-22 10:13 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-04-17 09:54 - 2018-04-17 09:56 - 001922232 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2016-08-09 20:36 - 2016-08-09 20:36 - 000138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2018-06-09 07:40 - 2018-06-09 07:42 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-06-09 07:40 - 2018-06-09 07:42 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-12-13 20:50 - 2017-12-13 21:15 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-31 20:57 - 2018-05-31 21:05 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-31 20:57 - 2018-05-31 21:05 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-04-27 15:33 - 2018-04-27 15:38 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-05-31 20:57 - 2018-05-31 21:05 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-03-29 21:37 - 2018-03-29 21:51 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-06-09 07:40 - 2018-06-09 07:42 - 014851072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-05-31 20:57 - 2018-05-31 21:05 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-06-09 07:40 - 2018-06-09 07:42 - 003266048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-31 20:57 - 2018-05-31 21:05 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-05-31 20:57 - 2018-05-31 21:05 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-31 20:57 - 2018-05-31 21:05 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-06-09 07:40 - 2018-06-09 07:42 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\SKU.dll
2018-05-31 20:57 - 2018-05-31 21:05 - 000103424 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-03-29 21:37 - 2018-03-29 21:51 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-05-19 04:01 - 2018-05-19 04:02 - 000084992 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-05-08 06:32 - 2018-05-08 06:32 - 001873120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-04-09 07:06 - 2018-04-09 07:06 - 006164864 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\libxvclient.dll
2018-04-09 07:06 - 2018-04-09 07:06 - 000080512 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.NetworkUtils.dll
2018-04-09 07:04 - 2018-04-09 07:04 - 000303104 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.SplitTunnel.dll
2018-04-09 07:06 - 2018-04-09 07:06 - 000444032 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.FilterManager.dll
2018-08-25 08:56 - 2018-05-02 16:42 - 000442128 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2018-08-25 08:56 - 2018-05-02 16:42 - 000210704 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2018-08-25 08:56 - 2018-05-02 16:42 - 000059664 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-11-11 01:47 - 2018-11-24 09:45 - 000000106 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\46499186_356466551778852_6575050792179335168_n.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "Dropbox"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{AE26523A-9305-47B0-9288-ECBE983DBB36}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [TCP Query User{3AC9B039-A4A2-483C-BE96-C47A80029668}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{5EC4633E-B849-43D2-9298-48CDC1B0E894}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
FirewallRules: [UDP Query User{CF421C9B-674A-4127-B37A-1046AC3ACAAE}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [TCP Query User{58AEFDB8-2E24-413A-8FBC-D648CBC8B3E0}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{50CA4BC6-E911-49E6-ABF4-004C659CADA8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3A3A29B5-C848-4F9A-B5D7-C7C16C315DA6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5DB44406-7B3A-48C3-B9B5-F0EE700F39A4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AC3E150D-58C3-42C2-A6A8-631FFE950394}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{59472FB9-D055-4CE0-A949-45879404D79E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D6C5D6B4-42AB-44AB-A836-220F3C139B04}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [UDP Query User{0120ABE1-27E0-4F28-B1FC-DFF258AD323D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{4A74A3F3-4FFB-41D7-8EE3-576E853C136B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{7A0A9980-F07C-4D3F-BDCB-DE35ACC749BB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{21EA1D34-C7DA-4740-981B-3CCE44788C25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{D7BB1E04-E5FC-4CAF-A9CB-A15EBC7B3E3C}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe
FirewallRules: [TCP Query User{729DE5B8-F0C1-4CE2-A04F-8D2379C8E4B6}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe
FirewallRules: [UDP Query User{A460EB71-ED47-4145-96C4-DCC9E069AA51}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [TCP Query User{867D1F5F-AC19-4391-BBD4-7BA11AFB6C61}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [{ACC39E5D-AA91-46A4-B56D-632BFBBE0BDF}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{6C684A5E-922A-4C28-9B91-3B42B400000E}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{601DB356-A82F-47B5-AE21-2B8E7EA247C4}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{EB1B6820-5E93-429C-B084-8D7E3999480C}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{3970DA8B-F32A-4454-9D8C-5A95849C4160}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{82BEF8BC-0C22-49F6-B131-46451474CEA7}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe
FirewallRules: [{D5AC0538-B828-477B-8D51-D919BA67E630}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
FirewallRules: [{D596D5C8-8810-4188-BE5E-67BDEFF8DCE7}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe
FirewallRules: [{90FC7AE6-1B93-4D04-816D-15C3C09C4606}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{C9B4AEC4-09CE-45E3-BD28-122BC3C502F1}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{EFB27A2E-942D-4A85-A3C8-D59A3F2D51EF}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{99D15145-DE89-462E-A6AA-D51E87984E26}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{AB9852AE-B140-4195-A243-65F43BA1E625}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe
FirewallRules: [{DA83CB27-CA37-471D-8D5D-6D18CBB8BB25}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{A8A0A0CB-E6AF-466B-BC16-FF6BEE2D3858}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
FirewallRules: [{3075A295-BED3-4229-98B8-5E93C391912C}] => (Allow) C:\Program Files\CyberLink\PowerDirector14\PDR10.EXE
FirewallRules: [{04581617-58B5-4FA7-8BF8-1615AB2E8A91}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{BBF5F5B2-519A-42DF-9764-B38A866C738A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{18427199-2951-42B8-877E-4254A1B1105D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{2B945FA9-D0FA-4B4A-B256-6DE81D52F16E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{2499E248-466D-44A4-B8AA-8D066788C817}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{8C86F27D-4659-4DAA-B537-A5DAC22B3BCF}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{4B4DCEC7-05E8-4B7A-BFB2-CD114F391A00}] => (Allow) C:\Users\Stel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{59F2DB27-FA36-4E8C-84E9-D18E1E41BD4F}] => (Allow) C:\Users\Stel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{45797643-616C-46EE-AE72-FBBF8EE4909D}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{390F6281-28BC-475A-8C81-DBA4A00F861D}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{9370DAC2-1022-49A0-B14D-17B1F51A2A85}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{C39FA58B-1331-426A-B51A-589F20A5664F}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{60683615-6C82-4682-B48F-B8A08685E19B}] => (Allow) C:\Users\Stel\AppData\Local\Temp\andy-x86\Setup.exe
FirewallRules: [{FA91C014-19A0-47AF-AA18-2752EBB69EE5}] => (Allow) C:\Users\Stel\AppData\Local\Temp\andy-x86\Setup.exe
FirewallRules: [{AE90C2A0-15BD-49BF-AD5C-A31A50FCBBEF}] => (Allow) C:\Users\Stel\AppData\Local\MiPhoneManager\main\MiPCSuite.exe
FirewallRules: [TCP Query User{D8E96C6C-FBC6-405A-B758-EDADCAD22606}C:\users\stel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\stel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
FirewallRules: [UDP Query User{B76D5069-D2EA-44C5-9218-707BC5C39183}C:\users\stel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\stel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
FirewallRules: [{AAE686C7-4190-4567-88A8-866C18027DC3}] => (Block) C:\users\stel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
FirewallRules: [{BDE17E6B-4CEF-4705-BD34-3F68ADF522C7}] => (Block) C:\users\stel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe
FirewallRules: [{65646F10-0968-4E47-9CCB-304800628360}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{79BA30A7-F217-43EB-B712-B472AF6D16B8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{C2342E78-138A-4A94-8ABF-28D8E9386E28}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe
FirewallRules: [TCP Query User{7F833BEC-8BC6-4473-BBCE-B3878F922F2A}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{AD0F15F5-3622-44D6-A903-CC573073AA3F}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{5408C287-4996-4230-A646-F1ACB19E7173}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
FirewallRules: [{CA709D91-292C-4A0B-A156-C6B0EF145FD3}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
FirewallRules: [{39B5BB85-FA53-410D-A129-773D526B0F2B}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
FirewallRules: [{149E7453-17C8-4A1D-B7D9-8575CB6D7BEF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{940C5FD9-6FB0-45EB-8C71-976FE009BC5D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E33E19C9-9FA6-4E76-8FC5-AD907DF4922F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A94988B6-06C9-44C2-81A4-01972B46E9D9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{55B6F2A3-E10E-414B-9D12-E8ED2A6CE869}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{EE98A4E6-A8D0-4351-86FF-7D529D55DE19}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{509CC91D-A9E5-4ED9-B58C-2CCC262644B9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{01A937C1-74BC-44B9-94A2-EAE367CA6282}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{52D6EC32-1687-454E-8E5D-4657EA1D46BB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{6D6AF77E-199B-41A6-A6EC-428C82BA1BC1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe

==================== Restore Points =========================

22-11-2018 15:47:37 Windows Update
24-11-2018 11:58:31 Removed Avira Software Updater

==================== Faulty Device Manager Devices =============

Name: ExpressVPN Tap Adapter
Description: ExpressVPN Tap Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/24/2018 03:54:46 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, Μια συσκευή που είναι συνδεδεμένη με το σύστημα δεν λειτουργεί.
.

Λειτουργία:
Εκτέλεση ασύγχρονης λειτουργίας

Περιβάλλον:
Τρέχουσα κατάσταση: DoSnapshotSet

Error: (11/24/2018 03:51:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, Μια συσκευή που είναι συνδεδεμένη με το σύστημα δεν λειτουργεί.
.

Λειτουργία:
Εκτέλεση ασύγχρονης λειτουργίας

Περιβάλλον:
Τρέχουσα κατάσταση: DoSnapshotSet

Error: (11/24/2018 03:49:58 PM) (Source: AviraOptimizerHost) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/24/2018 03:49:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, Μια συσκευή που είναι συνδεδεμένη με το σύστημα δεν λειτουργεί.
.

Λειτουργία:
Εκτέλεση ασύγχρονης λειτουργίας

Περιβάλλον:
Τρέχουσα κατάσταση: DoSnapshotSet

Error: (11/24/2018 12:39:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, Μια συσκευή που είναι συνδεδεμένη με το σύστημα δεν λειτουργεί.
.

Λειτουργία:
Εκτέλεση ασύγχρονης λειτουργίας

Περιβάλλον:
Τρέχουσα κατάσταση: DoSnapshotSet

Error: (11/24/2018 11:58:32 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, Μια συσκευή που είναι συνδεδεμένη με το σύστημα δεν λειτουργεί.
.

Λειτουργία:
Εκτέλεση ασύγχρονης λειτουργίας

Περιβάλλον:
Τρέχουσα κατάσταση: DoSnapshotSet

Error: (11/24/2018 09:51:17 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, Μια συσκευή που είναι συνδεδεμένη με το σύστημα δεν λειτουργεί.
.

Λειτουργία:
Εκτέλεση ασύγχρονης λειτουργίας

Περιβάλλον:
Τρέχουσα κατάσταση: DoSnapshotSet

Error: (11/24/2018 09:50:26 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, Μια συσκευή που είναι συνδεδεμένη με το σύστημα δεν λειτουργεί.
.

Λειτουργία:
Εκτέλεση ασύγχρονης λειτουργίας

Περιβάλλον:
Τρέχουσα κατάσταση: DoSnapshotSet

System errors:
=============
Error: (11/24/2018 12:43:54 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O91JKA7N)
Description: The συγκεκριμένης εφαρμογής permission settings do not grant Τοπική Ενεργοποίηση permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user LAPTOP-O91JKA7N\Stel SID (S-1-5-21-3063150416-1561372912-2056264558-1001) from address LocalHost (Χρήση LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (11/24/2018 08:49:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The συγκεκριμένης εφαρμογής permission settings do not grant Τοπική Ενεργοποίηση permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Χρήση LRPC) running in the application container Μη διαθέσιμο SID (Μη διαθέσιμο). This security permission can be modified using the Component Services administrative tool.

Error: (11/24/2018 08:44:24 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O91JKA7N)
Description: The συγκεκριμένης εφαρμογής permission settings do not grant Τοπική Ενεργοποίηση permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user LAPTOP-O91JKA7N\Stel SID (S-1-5-21-3063150416-1561372912-2056264558-1001) from address LocalHost (Χρήση LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (11/24/2018 08:44:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The συγκεκριμένης εφαρμογής permission settings do not grant Τοπική Εκκίνηση permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Μη διαθέσιμο
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Χρήση LRPC) running in the application container Μη διαθέσιμο SID (Μη διαθέσιμο). This security permission can be modified using the Component Services administrative tool.

Error: (11/24/2018 08:43:39 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O91JKA7N)
Description: The συγκεκριμένης εφαρμογής permission settings do not grant Τοπική Ενεργοποίηση permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user LAPTOP-O91JKA7N\Stel SID (S-1-5-21-3063150416-1561372912-2056264558-1001) from address LocalHost (Χρήση LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (11/24/2018 08:41:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The συγκεκριμένης εφαρμογής permission settings do not grant Τοπική Ενεργοποίηση permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Χρήση LRPC) running in the application container Μη διαθέσιμο SID (Μη διαθέσιμο). This security permission can be modified using the Component Services administrative tool.

Error: (11/24/2018 08:41:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The συγκεκριμένης εφαρμογής permission settings do not grant Τοπική Ενεργοποίηση permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Χρήση LRPC) running in the application container Μη διαθέσιμο SID (Μη διαθέσιμο). This security permission can be modified using the Component Services administrative tool.

Error: (11/23/2018 05:33:02 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-O91JKA7N)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

CodeIntegrity:
===================================

Date: 2018-11-24 08:55:17.829
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-24 08:55:17.822
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-23 14:13:30.161
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-23 14:13:30.154
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-23 10:28:48.906
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-11-23 10:28:48.902
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

Processor: AMD A10-9600P RADEON R5, 10 COMPUTE CORES 4C+6G
Percentage of memory in use: 59%
Total physical RAM: 5727.12 MB
Available physical RAM: 2332.54 MB
Total Virtual: 6111.12 MB
Available Virtual: 1887.11 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:223.55 GB) (Free:36.84 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.69 GB) (Free:1.64 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{119a53ae-490e-4345-8970-3e64334f06e4}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.45 GB) NTFS
\\?\Volume{3c9ffcd2-8c1e-4db0-ad41-44fd25c6e220}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: EC2B8572)

Partition: GPT.

==================== End of Addition.txt ============================
 
#10 ·
No obvious signs of malware there but lots of dubious entries
Firstly you are using illegal activation hacks for windows & office
then you are downloading through torrents and the downloaded files might well be infected

I won't work on a system that has pirated office or windows
Topic is now closed
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top