1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

In Progress Weird message and reoccurring alert from antivirus.

Discussion in 'Virus & Other Malware Removal' started by spoonthumb, Nov 22, 2018.

Thread Status:
Not open for further replies.
Advertisement
  1. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    109
    Tech Support Guy System Info Utility version 1.0.0.4
    OS Version: Microsoft Windows 10 Home, 64 bit
    Processor: AMD A10-9600P RADEON R5, 10 COMPUTE CORES 4C+6G, AMD64 Family 21 Model 101 Stepping 1
    Processor Count: 4
    RAM: 5727 Mb
    Graphics Card: AMD Radeon(TM) R5 Graphics, 384 Mb
    Hard Drives: C: 223 GB (34 GB Free); D: 13 GB (1 GB Free);
    Motherboard: HP, 81FA
    Antivirus: Avira Antivirus, Enabled and Updated

    I have recently been experiencing some odd messages on screen (see attached). Also my antivirus keeps finding virus and alerts me but they seem to keep coming back.
    How can I check to see whats wrong?
     
  2. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    109
    I try to upload file but cannot. I try to search on this site and cannot. Is it linked with my problem? I get message of a security error.
     
  3. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
  4. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    109
    I jumped the gun and uninstalled Avira and then re installed it. I also installed malwarebytes and now that keeps telling me it's blocking programs from accessing web due to trojan. It's blocking firefox, and various others. Date and time were all correct.
     
  5. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    109
    I don't have the options shown on the avira site. When I double click as shown I dont get 'web protection' I think it's only on pro version.
     
  6. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    109
    OK now my cursor is flying around the page on it's own.
     
  7. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    lets see what this shows but I think we are going to need to completely uninstall Avira and use the inbuilt Windows Defender whilst troubleshooting


    Please download Farbar Recovery Scan Tool and save it to your Desktop or downloads folder.

    Note: You need to download and run the 64 bit version

    • Right click to run as administrator. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory/folder/place as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
     
  8. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    109
    Hope this helps.
    FRST.txt
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.11.2018
    Ran by Stel (administrator) on LAPTOP-O91JKA7N (24-11-2018 15:59:53)
    Running from C:\Users\Stel\Desktop
    Loaded Profiles: Stel (Available Profiles: defaultuser0 & Stel)
    Platform: Windows 10 Home Version 1803 17134.407 (X64) Language: Greek (Greece)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    () C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe
    (Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
    () C:\Program Files (x86)\ExpressVPN\xvpnd\xvpnd.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
    (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
    (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\pub\PubMonitor.exe
    (HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
    (Microsoft Corporation) C:\Windows\System32\CastSrv.exe
    (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
    (Microsoft Corporation) C:\Windows\System32\alg.exe
    () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
    (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
    () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    (Microsoft Corporation) C:\Windows\System32\browser_broker.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
    (Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
    (Microsoft Corporation) C:\Windows\System32\msiexec.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
    HKLM\...\Run: [] => [X]
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3785536 2018-11-06] (Dropbox, Inc.)
    HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5567760 2018-07-16] (IObit)
    HKLM-x32\...\Run: [] => [X]
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
    HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
    HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\Run: [uTorrent] => C:\Users\Stel\AppData\Roaming\uTorrent\uTorrent.exe [1738936 2018-11-10] (BitTorrent Inc.)
    HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\Run: [] => [X]
    HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe [1455752 2018-11-18] (Adobe Systems Incorporated)
    HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\MountPoints2: {200254ca-e983-11e7-9472-a86bad5c5a82} - "F:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\MountPoints2: {3a5ceabf-e169-11e7-946a-a86bad5c5a82} - "F:\Lenovo_Suite.exe"
    Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
    GroupPolicy: Restriction ? <==== ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\..\Interfaces\{50cdb8fb-6af4-4a26-a0bc-f9c177ed8d68}: [DhcpNameServer] 192.168.42.129
    Tcpip\..\Interfaces\{7b85f625-405f-415d-8486-0333de3f718c}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{7b85f625-405f-415d-8486-0333de3f718c}: [DhcpNameServer] 192.168.178.1
    Tcpip\..\Interfaces\{8e0106e5-c5b8-44c5-8de4-4b8ebf88d518}: [DhcpNameServer] 192.168.42.129
    Tcpip\..\Interfaces\{decb1322-c96d-4d6b-8763-4a80318ff280}: [DhcpNameServer] 10.10.57.1

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
    HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180523__ya[browser]
    HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
    SearchScopes: HKU\S-1-5-21-3063150416-1561372912-2056264558-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180523__yaie&p={searchTerms}
    BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-07-19] (IObit)
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-11-24] (Microsoft Corporation)
    BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-11-24] (Microsoft Corporation)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-08-05] (HP Inc.)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-11-24] (Microsoft Corporation)
    BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-11-24] (Microsoft Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-08-05] (HP Inc.)
    Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
    Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
    Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-24] (Microsoft Corporation)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File

    FireFox:
    ========
    FF DefaultProfile: fc7p2zb5.default-1542957740287
    FF ProfilePath: C:\Users\Stel\AppData\Roaming\Mozilla\Firefox\Profiles\fc7p2zb5.default-1542957740287 [2018-11-24]
    FF Extension: (Telemetry coverage) - C:\Users\Stel\AppData\Roaming\Mozilla\Firefox\Profiles\fc7p2zb5.default-1542957740287\features\{557b7c4f-0311-45e4-8896-5a1add59ee39}\[email protected] [2018-11-23] [Legacy]
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_148.dll [2018-11-18] ()
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-11-24] (Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_148.dll [2018-11-18] ()
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-11-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-11-24] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
    FF Plugin HKU\S-1-5-21-3063150416-1561372912-2056264558-1001: www.mydlink.com/Uplayer -> C:\Users\Stel\AppData\Roaming\D-Link\mydlink services plugin\1.0.2.7\npUplayer.dll [2015-12-11] (D-Link Corporation)

    Chrome:
    =======
    CHR Profile: C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default [2018-11-22]
    CHR Extension: (Slides) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-06]
    CHR Extension: (Docs) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-06]
    CHR Extension: (Google Drive) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-06]
    CHR Extension: (YouTube) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-06]
    CHR Extension: (Sheets) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-06]
    CHR Extension: (Google Docs Offline) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-19]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-23]
    CHR Extension: (Gmail) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-06]
    CHR Extension: (Chrome Media Router) - C:\Users\Stel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-27]
    CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-08-09] () [File not signed]
    S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-08-09] (Advanced Micro Devices) [File not signed]
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
    S4 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2016-09-20] (Realtek Semiconductor Corp.)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9669920 2018-11-02] (Microsoft Corporation)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-24] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-24] (Dropbox, Inc.)
    R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-11-06] (Dropbox, Inc.)
    R2 ExpressVpnService; C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe [339168 2018-04-09] ()
    R2 FoxitReaderService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [1659456 2018-04-17] (Foxit Software Inc.)
    S4 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1268736 2016-10-05] (HP Inc.) [File not signed]
    S4 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc.)
    S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
    S4 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-26] (HP Inc.)
    S4 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
    R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2347280 2018-07-16] (IObit)
    S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [149776 2018-06-28] (IObit)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
    S4 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1046456 2017-09-24] (Intel Security, Inc.)
    S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2018-09-13] (Realtek Semiconductor)
    S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
    S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [970240 2018-05-20] ()
    S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [286720 2018-09-08] (Microsoft Corporation)
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
    R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25888 2018-09-22] ()
    S4 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17613.18039-0\NisSrv.exe [4633248 2018-04-17] (Microsoft Corporation)
    S4 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17613.18039-0\MsMpEng.exe [104680 2018-04-17] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [313760 2016-08-26] (Advanced Micro Devices)
    R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [27384 2016-08-26] (Advanced Micro Devices, INC.)
    R3 AmdGpio2; C:\WINDOWS\System32\drivers\AmdGpio2.sys [34032 2016-08-26] (Advanced Micro Devices, INC.)
    R3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [48880 2016-08-26] (Advanced Micro Devices, INC.)
    S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices, Inc. )
    R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [78064 2016-08-26] (Advanced Micro Devices, Inc.)
    R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243056 2017-06-12] (Advanced Micro Devices, Inc. )
    R3 amduart; C:\WINDOWS\System32\drivers\amduart.sys [76304 2016-08-26] (Advanced Micro Devices, INC.)
    R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [118848 2016-08-26] (Advanced Micro Devices)
    S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-09-04] (Bluestack System Inc. )
    R3 BthAudioHF; C:\WINDOWS\system32\drivers\RtkHfp.sys [104688 2016-10-12] (Realtek Semiconductor Corporation)
    S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
    R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-10-18] (Malwarebytes)
    S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVpn SplitTunnel Driver\driver\expressvpnsplittunnel.sys [28160 2018-04-09] ()
    R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [44032 2018-03-20] (IObit.com)
    R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [39232 2018-03-20] (IObit.com)
    R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys [40384 2018-03-20] (IObit)
    R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [34048 2018-03-20] (IObit.com)
    S1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFMBRProtect.sys [41920 2018-06-27] (IObit.com)
    R1 IMFSafeBox; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFSafeBox.sys [51256 2018-04-04] (IObit.com)
    R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37184 2018-05-12] (IObit)
    R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [43392 2018-05-15] (IObit)
    R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198000 2018-11-23] (Malwarebytes)
    R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [119136 2018-11-24] (Malwarebytes)
    R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [63768 2018-11-24] (Malwarebytes)
    R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-11-24] (Malwarebytes)
    R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [111152 2018-11-24] (Malwarebytes)
    S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [492520 2017-09-15] (McAfee LLC)
    S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108456 2017-11-14] (McAfee LLC.)
    S3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115184 2017-09-15] (McAfee LLC)
    R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
    R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\regfilter.sys [52728 2018-03-20] (IObit.com)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [963088 2017-08-22] (Realtek )
    R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [784264 2018-05-31] (Realtek Semiconductor Corporation)
    S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-09-23] (Realsil Semiconductor Corporation)
    R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [7904088 2018-04-20] (Realtek Semiconductor Corporation )
    R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated)
    S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [64104 2016-08-25] (Synaptics Incorporated)
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
    S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45024 2018-04-09] (The OpenVPN Project)
    S3 tapoas; C:\WINDOWS\System32\drivers\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
    S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Corporation)
    S4 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-04-17] (Microsoft Corporation)
    S4 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [311848 2018-04-17] (Microsoft Corporation)
    S4 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60456 2018-04-17] (Microsoft Corporation)
    R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP)
    S3 H2OFFT; \SystemRoot\System32\drivers\H2OFFT64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-11-24 15:59 - 2018-11-24 16:00 - 000024945 _____ C:\Users\Stel\Desktop\FRST.txt
    2018-11-24 15:57 - 2018-11-24 15:58 - 002416640 _____ (Farbar) C:\Users\Stel\Desktop\FRST64.exe
    2018-11-24 10:10 - 2018-11-24 10:10 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
    2018-11-24 10:10 - 2018-11-24 10:10 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
    2018-11-24 10:10 - 2018-11-24 10:10 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
    2018-11-24 10:10 - 2018-11-24 10:10 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
    2018-11-24 10:10 - 2018-11-24 10:10 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
    2018-11-24 10:10 - 2018-11-24 10:10 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
    2018-11-24 10:10 - 2018-11-24 10:10 - 000002420 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
    2018-11-24 10:10 - 2018-11-24 10:10 - 000002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
    2018-11-24 10:10 - 2018-11-24 10:10 - 000002408 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
    2018-11-24 10:10 - 2018-11-24 10:10 - 000002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
    2018-11-24 10:10 - 2018-11-24 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
    2018-11-24 08:42 - 2018-11-24 15:53 - 000111152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
    2018-11-24 08:42 - 2018-11-24 08:42 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2018-11-24 08:42 - 2018-11-24 08:42 - 000119136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
    2018-11-24 08:42 - 2018-11-24 08:42 - 000063768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2018-11-23 14:03 - 2018-11-23 15:50 - 000000000 ____D C:\Users\Stel\Downloads\Microsoft Office Professional Plus 2016 (x86+x64) v16.0.4738.1000 November 2018 + Activator [CracksMind]
    2018-11-23 10:16 - 2018-11-23 10:16 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions
    2018-11-23 10:15 - 2018-11-23 10:19 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avira
    2018-11-23 09:45 - 2018-11-23 09:45 - 000000000 ____D C:\Users\Stel\AppData\Local\mbam
    2018-11-23 09:36 - 2018-11-23 09:36 - 000198000 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
    2018-11-23 09:36 - 2018-11-23 09:36 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2018-11-23 09:36 - 2018-11-23 09:36 - 000000000 ____D C:\Users\Stel\AppData\Local\mbamtray
    2018-11-23 09:36 - 2018-11-23 09:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2018-11-23 09:36 - 2018-10-18 08:44 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
    2018-11-23 09:35 - 2018-11-23 09:35 - 000000000 ____D C:\ProgramData\Malwarebytes
    2018-11-23 09:35 - 2018-11-23 09:35 - 000000000 ____D C:\Program Files\Malwarebytes
    2018-11-23 09:22 - 2018-11-23 09:22 - 000000000 ____D C:\Users\Stel\Desktop\Old Firefox Data
    2018-11-22 18:06 - 2018-11-23 09:49 - 000000000 ____D C:\ProgramData\KMSAuto
    2018-11-22 18:03 - 2018-11-22 18:03 - 000000000 ____D C:\Users\Stel\AppData\Local\TolorencTransof
    2018-11-22 18:02 - 2018-11-22 18:02 - 000000000 ____D C:\ProgramData\Chemtable Software
    2018-11-22 17:59 - 2012-07-15 07:18 - 000030720 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapoas.sys
    2018-11-22 17:57 - 2018-11-22 18:06 - 000000000 ____D C:\Users\Stel\AppData\Local\MSfree Inc
    2018-11-22 17:51 - 2018-11-22 18:29 - 000000000 ____D C:\Users\Stel\AppData\Local\ChemTable Software
    2018-11-22 17:42 - 2018-11-22 17:42 - 000000000 ____D C:\Users\Stel\AppData\Roaming\Skype
    2018-11-22 17:39 - 2018-11-22 17:39 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
    2018-11-22 17:28 - 2018-11-24 10:12 - 000000000 ____D C:\Program Files\Microsoft Office
    2018-11-22 17:28 - 2018-11-22 17:28 - 000000000 ____D C:\Program Files\Microsoft Office 15
    2018-11-22 17:21 - 2018-11-22 17:21 - 000000000 ____D C:\Users\Stel\Downloads\The Official UK Top 40 Singles Chart (16.11.2018) Mp3 (320kbps) [Hunter]
    2018-11-22 17:21 - 2018-11-22 17:21 - 000000000 ____D C:\Users\Stel\Downloads\Mumford & Sons - Delta (2018) Mp3 (320kbps) [Hunter]
    2018-11-22 14:04 - 2018-11-22 14:28 - 000000000 ____D C:\Users\Stel\Downloads\Thunderbird.6.1968.720p.BluRay.H264.AAC-RARBG
    2018-11-22 13:57 - 2018-11-22 14:04 - 444929441 ____R C:\Users\Stel\Downloads\the.breaker.upperers.2018.720p.bluray.hevc.x265.rmteam.mkv
    2018-11-21 18:43 - 2018-11-21 18:49 - 289867849 ____R C:\Users\Stel\Downloads\The.Rookie.S01E02.720p.HDTV.x265-MiNX[eztv].mkv
    2018-11-21 16:25 - 2018-11-21 16:30 - 000000000 ____D C:\Users\Stel\Downloads\The.Rookie.S01E04.720p.HDTV.x265-MiNX[TGx]
    2018-11-21 16:19 - 2018-11-21 16:24 - 000000000 ____D C:\Users\Stel\Downloads\The.Rookie.S01E03.HDTV.x264-SVA[rarbg]
    2018-11-21 16:13 - 2018-11-21 16:19 - 302130937 _____ C:\Users\Stel\Downloads\The.Rookie.S01E01.720p.HDTV.x265-MiNX[eztv].mkv
    2018-11-21 16:01 - 2018-11-21 16:09 - 000000000 ____D C:\Users\Stel\Downloads\A-X-L (2018) [WEBRip] [720p] [YTS.AM]
    2018-11-21 15:38 - 2018-11-21 15:57 - 000000000 ____D C:\Users\Stel\Downloads\Searching (2018) [WEBRip] [1080p] [YTS.AM]
    2018-11-21 01:16 - 2018-11-21 01:20 - 000000000 ____D C:\Users\Stel\Downloads\Back For The First Time
    2018-11-21 01:15 - 2018-11-21 01:18 - 000000000 ____D C:\Users\Stel\Downloads\Ludacris - Ludaversal (Deluxe Edition) [MP3] [2015]
    2018-11-19 13:09 - 2018-11-19 14:14 - 000000000 ____D C:\Users\Stel\Downloads\The.Ballad.of.Buster.Scruggs.2018.HDRip.XviD.AC3-EVO[EtMovies]
    2018-11-18 11:18 - 2018-11-18 11:33 - 217613233 _____ C:\Users\Stel\Downloads\this.old.house.s40e07.modern.barn.raising.hdtv.x264-w4f[eztv].mkv
    2018-11-15 18:26 - 2018-11-01 13:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
    2018-11-15 18:26 - 2018-11-01 13:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
    2018-11-15 18:26 - 2018-11-01 13:45 - 004527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2018-11-15 18:26 - 2018-11-01 13:45 - 001617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2018-11-15 18:26 - 2018-11-01 13:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2018-11-15 18:26 - 2018-11-01 13:31 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2018-11-15 18:26 - 2018-11-01 13:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
    2018-11-15 18:26 - 2018-11-01 13:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2018-11-15 18:26 - 2018-11-01 13:28 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
    2018-11-15 18:26 - 2018-11-01 13:28 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2018-11-15 18:26 - 2018-11-01 13:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
    2018-11-15 18:26 - 2018-11-01 13:27 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
    2018-11-15 18:26 - 2018-11-01 13:26 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
    2018-11-15 18:26 - 2018-11-01 13:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2018-11-15 18:26 - 2018-11-01 13:25 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
    2018-11-15 18:26 - 2018-11-01 12:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2018-11-15 18:26 - 2018-11-01 11:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2018-11-15 18:26 - 2018-11-01 11:56 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2018-11-15 18:26 - 2018-11-01 11:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
    2018-11-15 18:26 - 2018-11-01 11:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2018-11-15 18:26 - 2018-11-01 11:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2018-11-15 18:26 - 2018-11-01 11:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2018-11-15 18:26 - 2018-11-01 11:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2018-11-15 18:26 - 2018-11-01 09:39 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2018-11-15 18:26 - 2018-11-01 09:38 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
    2018-11-15 18:26 - 2018-11-01 09:37 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
    2018-11-15 18:26 - 2018-11-01 09:28 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2018-11-15 18:26 - 2018-11-01 09:28 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2018-11-15 18:26 - 2018-11-01 09:28 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2018-11-15 18:26 - 2018-11-01 09:28 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2018-11-15 18:26 - 2018-11-01 09:28 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2018-11-15 18:26 - 2018-11-01 09:28 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2018-11-15 18:26 - 2018-11-01 09:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
    2018-11-15 18:26 - 2018-11-01 09:27 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2018-11-15 18:26 - 2018-11-01 09:26 - 007432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2018-11-15 18:26 - 2018-11-01 09:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2018-11-15 18:26 - 2018-11-01 09:26 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2018-11-15 18:26 - 2018-11-01 09:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2018-11-15 18:26 - 2018-11-01 09:25 - 007520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 004404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2018-11-15 18:26 - 2018-11-01 09:25 - 002571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 001456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2018-11-15 18:26 - 2018-11-01 09:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2018-11-15 18:26 - 2018-11-01 09:25 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2018-11-15 18:26 - 2018-11-01 09:25 - 000982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2018-11-15 18:26 - 2018-11-01 09:25 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 000793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2018-11-15 18:26 - 2018-11-01 09:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2018-11-15 18:26 - 2018-11-01 09:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2018-11-15 18:26 - 2018-11-01 09:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
    2018-11-15 18:26 - 2018-11-01 09:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2018-11-15 18:26 - 2018-11-01 09:25 - 000261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2018-11-15 18:26 - 2018-11-01 09:09 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2018-11-15 18:26 - 2018-11-01 09:03 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2018-11-15 18:26 - 2018-11-01 09:01 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2018-11-15 18:26 - 2018-11-01 09:01 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2018-11-15 18:26 - 2018-11-01 09:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2018-11-15 18:26 - 2018-11-01 09:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2018-11-15 18:26 - 2018-11-01 09:00 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
    2018-11-15 18:26 - 2018-11-01 09:00 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2018-11-15 18:26 - 2018-11-01 09:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2018-11-15 18:26 - 2018-11-01 08:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2018-11-15 18:26 - 2018-11-01 08:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
    2018-11-15 18:26 - 2018-11-01 08:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
    2018-11-15 18:26 - 2018-11-01 08:58 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2018-11-15 18:26 - 2018-11-01 08:58 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2018-11-15 18:26 - 2018-11-01 08:58 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2018-11-15 18:26 - 2018-11-01 08:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2018-11-15 18:26 - 2018-11-01 08:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
    2018-11-15 18:26 - 2018-11-01 08:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
    2018-11-15 18:26 - 2018-11-01 08:57 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
    2018-11-15 18:26 - 2018-11-01 08:57 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
    2018-11-15 18:26 - 2018-11-01 08:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2018-11-15 18:26 - 2018-11-01 08:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
    2018-11-15 18:26 - 2018-11-01 08:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2018-11-15 18:26 - 2018-11-01 08:57 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2018-11-15 18:26 - 2018-11-01 08:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2018-11-15 18:26 - 2018-11-01 08:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
    2018-11-15 18:26 - 2018-11-01 08:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2018-11-15 18:26 - 2018-11-01 08:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
    2018-11-15 18:26 - 2018-11-01 08:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
    2018-11-15 18:26 - 2018-11-01 08:56 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2018-11-15 18:26 - 2018-11-01 08:56 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2018-11-15 18:26 - 2018-11-01 08:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2018-11-15 18:26 - 2018-11-01 08:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
    2018-11-15 18:26 - 2018-11-01 08:55 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2018-11-15 18:26 - 2018-11-01 08:55 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2018-11-15 18:26 - 2018-11-01 08:55 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2018-11-15 18:26 - 2018-11-01 08:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2018-11-15 18:26 - 2018-11-01 08:54 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2018-11-15 18:26 - 2018-11-01 08:54 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2018-11-15 18:26 - 2018-11-01 08:54 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2018-11-15 18:26 - 2018-11-01 08:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
    2018-11-15 18:26 - 2018-11-01 08:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
    2018-11-15 18:26 - 2018-11-01 08:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2018-11-15 18:26 - 2018-11-01 08:54 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
    2018-11-15 18:26 - 2018-11-01 08:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2018-11-15 18:26 - 2018-11-01 08:54 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
    2018-11-15 18:26 - 2018-11-01 08:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2018-11-15 18:26 - 2018-11-01 08:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2018-11-15 18:26 - 2018-11-01 08:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2018-11-15 18:26 - 2018-11-01 08:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
    2018-11-15 18:26 - 2018-11-01 08:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2018-11-15 18:26 - 2018-11-01 08:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2018-11-15 18:26 - 2018-11-01 07:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
    2018-11-15 18:26 - 2018-11-01 06:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
    2018-11-15 18:26 - 2018-11-01 06:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2018-11-15 18:26 - 2018-11-01 06:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2018-11-15 18:26 - 2018-11-01 06:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2018-11-15 18:26 - 2018-11-01 06:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2018-11-15 18:26 - 2018-11-01 06:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
    2018-11-15 18:26 - 2018-11-01 06:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2018-11-15 18:26 - 2018-11-01 06:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2018-11-15 18:26 - 2018-11-01 06:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
    2018-11-15 18:26 - 2018-11-01 06:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
    2018-11-15 18:26 - 2018-11-01 06:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2018-11-15 18:26 - 2018-11-01 06:47 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2018-11-15 18:26 - 2018-11-01 06:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2018-11-15 18:26 - 2018-11-01 06:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2018-11-15 18:26 - 2018-11-01 06:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
    2018-11-15 18:26 - 2018-11-01 06:47 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2018-11-15 18:26 - 2018-11-01 06:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2018-11-15 18:26 - 2018-11-01 06:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2018-11-15 18:26 - 2018-11-01 06:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2018-11-15 18:26 - 2018-11-01 06:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2018-11-15 18:26 - 2018-11-01 06:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2018-11-15 18:26 - 2018-11-01 06:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2018-11-15 18:26 - 2018-11-01 06:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2018-11-15 18:26 - 2018-11-01 06:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2018-11-15 18:26 - 2018-11-01 06:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
    2018-11-15 18:26 - 2018-11-01 06:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2018-11-15 18:26 - 2018-11-01 06:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2018-11-15 18:26 - 2018-11-01 06:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
    2018-11-15 18:26 - 2018-11-01 06:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2018-11-15 18:26 - 2018-11-01 06:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2018-11-15 18:26 - 2018-11-01 06:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
    2018-11-15 18:26 - 2018-11-01 06:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
    2018-11-15 18:26 - 2018-11-01 06:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
    2018-11-15 18:26 - 2018-11-01 06:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2018-11-15 18:26 - 2018-11-01 06:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
    2018-11-15 18:26 - 2018-11-01 06:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2018-11-15 18:26 - 2018-11-01 06:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2018-11-15 18:26 - 2018-11-01 06:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2018-11-15 18:26 - 2018-11-01 06:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2018-11-15 18:26 - 2018-11-01 06:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
    2018-11-15 18:26 - 2018-11-01 06:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2018-11-15 18:26 - 2018-11-01 06:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2018-11-15 18:26 - 2018-11-01 06:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
    2018-11-15 18:26 - 2018-11-01 06:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
    2018-11-15 18:26 - 2018-10-21 15:00 - 021386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2018-11-15 18:26 - 2018-10-21 15:00 - 001639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2018-11-15 18:26 - 2018-10-21 15:00 - 001516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2018-11-15 18:26 - 2018-10-21 15:00 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2018-11-15 18:26 - 2018-10-21 15:00 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2018-11-15 18:26 - 2018-10-21 14:59 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
    2018-11-15 18:26 - 2018-10-21 14:59 - 000236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
    2018-11-15 18:26 - 2018-10-21 14:46 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2018-11-15 18:26 - 2018-10-21 14:46 - 004393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2018-11-15 18:26 - 2018-10-21 14:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
    2018-11-15 18:26 - 2018-10-21 14:43 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
    2018-11-15 18:26 - 2018-10-21 14:43 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
    2018-11-15 18:26 - 2018-10-21 14:43 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
    2018-11-15 18:26 - 2018-10-21 14:42 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
    2018-11-15 18:26 - 2018-10-21 14:42 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
    2018-11-15 18:26 - 2018-10-21 14:42 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
    2018-11-15 18:26 - 2018-10-21 14:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2018-11-15 18:26 - 2018-10-21 13:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2018-11-15 18:26 - 2018-10-21 13:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2018-11-15 18:26 - 2018-10-21 13:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
    2018-11-15 18:26 - 2018-10-21 13:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
    2018-11-15 18:26 - 2018-10-21 13:37 - 020381808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2018-11-15 18:26 - 2018-10-21 13:37 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2018-11-15 18:26 - 2018-10-21 13:28 - 012501504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2018-11-15 18:26 - 2018-10-21 13:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
    2018-11-15 18:26 - 2018-10-21 13:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
    2018-11-15 18:26 - 2018-10-21 13:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
    2018-11-15 18:26 - 2018-10-21 13:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
    2018-11-15 18:26 - 2018-10-21 09:48 - 005602456 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2018-11-15 18:26 - 2018-10-21 09:47 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
    2018-11-15 18:26 - 2018-10-21 09:46 - 000717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
    2018-11-15 18:26 - 2018-10-21 09:46 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2018-11-15 18:26 - 2018-10-21 09:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
    2018-11-15 18:26 - 2018-10-21 09:46 - 000560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2018-11-15 18:26 - 2018-10-21 09:46 - 000497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
    2018-11-15 18:26 - 2018-10-21 09:46 - 000171024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2018-11-15 18:26 - 2018-10-21 09:45 - 003283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
    2018-11-15 18:26 - 2018-10-21 09:45 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2018-11-15 18:26 - 2018-10-21 09:45 - 001946208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2018-11-15 18:26 - 2018-10-21 09:45 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2018-11-15 18:26 - 2018-10-21 09:45 - 000607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
    2018-11-15 18:26 - 2018-10-21 09:45 - 000185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
    2018-11-15 18:26 - 2018-10-21 09:45 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
    2018-11-15 18:26 - 2018-10-21 09:45 - 000139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
    2018-11-15 18:26 - 2018-10-21 09:45 - 000058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
    2018-11-15 18:26 - 2018-10-21 09:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2018-11-15 18:26 - 2018-10-21 09:22 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2018-11-15 18:26 - 2018-10-21 09:21 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
    2018-11-15 18:26 - 2018-10-21 09:21 - 000123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
    2018-11-15 18:26 - 2018-10-21 09:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
    2018-11-15 18:26 - 2018-10-21 09:20 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
    2018-11-15 18:26 - 2018-10-21 09:20 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
    2018-11-15 18:26 - 2018-10-21 09:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
    2018-11-15 18:26 - 2018-10-21 09:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2018-11-15 18:26 - 2018-10-21 09:19 - 001620776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2018-11-15 18:26 - 2018-10-21 09:19 - 001130768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
    2018-11-15 18:26 - 2018-10-21 09:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
    2018-11-15 18:26 - 2018-10-21 09:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
    2018-11-15 18:26 - 2018-10-21 09:19 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2018-11-15 18:26 - 2018-10-21 09:19 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
    2018-11-15 18:26 - 2018-10-21 09:19 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
    2018-11-15 18:26 - 2018-10-21 09:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
    2018-11-15 18:26 - 2018-10-21 09:19 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
    2018-11-15 18:26 - 2018-10-21 09:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
    2018-11-15 18:26 - 2018-10-21 09:18 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
    2018-11-15 18:26 - 2018-10-21 09:18 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
    2018-11-15 18:26 - 2018-10-21 09:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
    2018-11-15 18:26 - 2018-10-21 09:18 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2DP.sys
    2018-11-15 18:26 - 2018-10-21 09:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
    2018-11-15 18:26 - 2018-10-21 09:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
    2018-11-15 18:26 - 2018-10-21 09:17 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
    2018-11-15 18:26 - 2018-10-21 09:17 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
    2018-11-15 18:26 - 2018-10-21 09:17 - 001265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebManagement.exe
    2018-11-15 18:26 - 2018-10-21 09:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2018-11-15 18:26 - 2018-10-21 09:17 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2018-11-15 18:26 - 2018-10-21 09:17 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2018-11-15 18:26 - 2018-10-21 09:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
    2018-11-15 18:26 - 2018-10-21 09:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
    2018-11-15 18:26 - 2018-10-21 09:16 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2018-11-15 18:26 - 2018-10-21 09:16 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2018-11-15 18:26 - 2018-10-21 09:16 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2018-11-15 18:26 - 2018-10-21 09:16 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2018-11-15 18:26 - 2018-10-21 09:16 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
    2018-11-15 18:26 - 2018-10-21 09:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2018-11-15 18:26 - 2018-10-21 09:15 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2018-11-15 18:26 - 2018-10-21 09:15 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
    2018-11-15 18:26 - 2018-10-21 09:14 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2018-11-15 18:26 - 2018-10-21 09:14 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2018-11-15 18:26 - 2018-10-21 09:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2018-11-15 18:26 - 2018-10-21 09:14 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2018-11-15 18:26 - 2018-10-21 09:14 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2018-11-15 18:26 - 2018-10-21 09:14 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2018-11-15 18:26 - 2018-10-21 09:14 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
    2018-11-15 18:26 - 2018-10-21 09:14 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
    2018-11-15 18:26 - 2018-10-21 09:14 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
    2018-11-15 18:26 - 2018-10-21 09:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2018-11-15 18:26 - 2018-10-21 09:02 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2018-11-15 18:26 - 2018-10-21 09:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
    2018-11-15 18:26 - 2018-10-21 09:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
    2018-11-15 18:26 - 2018-10-21 09:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
    2018-11-15 18:26 - 2018-10-21 08:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
    2018-11-15 18:26 - 2018-10-21 08:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
    2018-11-15 18:26 - 2018-10-21 08:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
    2018-11-15 18:26 - 2018-10-21 08:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2018-11-15 18:26 - 2018-10-21 07:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
    2018-11-15 18:26 - 2018-10-21 07:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
    2018-11-15 18:26 - 2018-04-28 06:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2018-11-15 18:25 - 2018-11-01 13:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
    2018-11-15 18:25 - 2018-11-01 13:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
    2018-11-15 18:25 - 2018-11-01 13:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
    2018-11-15 18:25 - 2018-11-01 13:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
    2018-11-15 18:25 - 2018-11-01 13:26 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
    2018-11-15 18:25 - 2018-11-01 11:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
    2018-11-15 18:25 - 2018-11-01 11:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
    2018-11-15 18:25 - 2018-11-01 11:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
    2018-11-15 18:25 - 2018-11-01 09:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
    2018-11-15 18:25 - 2018-11-01 09:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
    2018-11-15 18:25 - 2018-11-01 09:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
    2018-11-15 18:25 - 2018-11-01 09:00 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
    2018-11-15 18:25 - 2018-11-01 08:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
    2018-11-15 18:25 - 2018-11-01 08:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
    2018-11-15 18:25 - 2018-11-01 08:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2018-11-15 18:25 - 2018-11-01 08:57 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
    2018-11-15 18:25 - 2018-11-01 08:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
    2018-11-15 18:25 - 2018-11-01 08:57 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2018-11-15 18:25 - 2018-11-01 08:53 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2018-11-15 18:25 - 2018-11-01 07:39 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
    2018-11-15 18:25 - 2018-11-01 06:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
    2018-11-15 18:25 - 2018-11-01 06:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2018-11-15 18:25 - 2018-11-01 06:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
    2018-11-15 18:25 - 2018-11-01 06:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2018-11-15 18:25 - 2018-11-01 06:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
    2018-11-15 18:25 - 2018-11-01 06:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2018-11-15 18:25 - 2018-10-21 14:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2018-11-15 18:25 - 2018-10-21 14:44 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
    2018-11-15 18:25 - 2018-10-21 14:42 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
    2018-11-15 18:25 - 2018-10-21 13:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
    2018-11-15 18:25 - 2018-10-21 11:29 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
    2018-11-15 18:25 - 2018-10-21 10:44 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
    2018-11-15 18:25 - 2018-10-21 09:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
    2018-11-15 18:25 - 2018-10-21 09:19 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
    2018-11-15 18:25 - 2018-10-21 09:19 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
    2018-11-15 18:25 - 2018-10-21 09:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
    2018-11-15 18:25 - 2018-10-21 09:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
    2018-11-15 18:25 - 2018-10-21 09:18 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
    2018-11-15 18:25 - 2018-10-21 09:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
    2018-11-15 18:25 - 2018-10-21 09:16 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2018-11-15 18:25 - 2018-10-21 09:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
    2018-11-15 18:25 - 2018-10-21 09:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
    2018-11-15 18:25 - 2018-10-21 08:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2018-11-13 14:57 - 2018-11-13 15:49 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - November 2018 (True PDF)
    2018-11-13 14:56 - 2018-11-13 15:30 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - November 1 2018 (True PDF)
    2018-11-11 03:50 - 2018-11-11 04:00 - 000000000 ____D C:\Users\Stel\Downloads\VA-London_Tea_Party_Lounge_Chillout_2018
    2018-11-11 03:33 - 2018-11-11 03:50 - 000000000 ____D C:\Users\Stel\Downloads\VA-50_Ultimate_House_Tracks_Workout_Edition
    2018-11-11 03:30 - 2018-11-11 03:33 - 000000000 ____D C:\Users\Stel\Downloads\Imagine_Dragons-Origins-(Deluxe_Edition)-2018-RiBS
    2018-11-11 03:27 - 2018-11-11 03:30 - 000000000 ____D C:\Users\Stel\Downloads\Muse-Simulation_Theory-(Deluxe_Edition)-2018-RiBS
    2018-11-11 03:17 - 2018-11-11 03:27 - 000000000 ____D C:\Users\Stel\Downloads\Jordan B. Peterson - 12 Rules for Life An Antidote to Chaos (Unabridged)
    2018-11-08 07:58 - 2018-11-08 08:12 - 000000000 ____D C:\Users\Stel\Downloads\Luis & The Aliens (2018) [BluRay] [720p] [YTS.AM]
    2018-11-08 07:40 - 2018-11-08 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2018-11-06 15:06 - 2018-11-06 15:06 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
    2018-11-06 15:06 - 2018-11-06 15:06 - 000047768 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
    2018-11-06 15:06 - 2018-11-06 15:06 - 000047768 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
    2018-11-06 15:06 - 2018-11-06 15:06 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
    2018-11-06 10:17 - 2018-11-06 12:08 - 000000000 ____D C:\Users\Stel\Downloads\Beatport And Traxsource Best House March 2018
    2018-11-05 18:35 - 2018-11-06 22:00 - 000000000 ____D C:\Users\Stel\Downloads\Beatport Top 100 House May 2017 [MWBP]
    2018-11-05 18:35 - 2018-11-06 12:27 - 000000000 ____D C:\Users\Stel\Downloads\Beatport And Traxsource Best House July 2018
    2018-11-05 17:29 - 2018-11-05 18:01 - 000000000 ____D C:\Users\Stel\Downloads\Beatport And Traxsource Best House April 2018
    2018-11-05 17:21 - 2018-11-05 17:29 - 000000000 ____D C:\Users\Stel\Downloads\Beatport And Traxsource Best House February 2018
    2018-11-05 16:54 - 2018-11-05 17:03 - 000000000 ____D C:\Users\Stel\Downloads\Deep and Sexy 20 Deep House and Funky House Music Tunes Vol 4
    2018-11-05 16:46 - 2018-11-05 17:21 - 000000000 ____D C:\Users\Stel\Downloads\Beatport And Traxsource Best House January 2018
    2018-11-05 16:34 - 2018-11-05 16:46 - 000000000 ____D C:\Users\Stel\Downloads\VA-King_Size_Deep-House_Vol_1
    2018-11-05 16:19 - 2018-11-05 16:34 - 000000000 ____D C:\Users\Stel\Downloads\Top50 Tracks Deep House Ver.5 (2018)
    2018-11-05 15:51 - 2018-11-05 16:19 - 000000000 ____D C:\Users\Stel\Downloads\Deep-House Jam Vol.3 (The Best Deep-House) (2018)
    2018-11-05 15:51 - 2018-11-05 15:51 - 000000000 ____D C:\Users\Stel\Downloads\VA - Ministry Of Sound Deep House Anthems (2018) Mp3 (320kbps) [Hunter]
    2018-11-03 00:04 - 2018-11-03 00:09 - 000000000 ____D C:\Users\Stel\Downloads\Diana Krall - Turn Up the Quiet (2017) flac
    2018-11-02 19:01 - 2018-11-03 00:04 - 000000000 ____D C:\Users\Stel\Downloads\2xHD - Audiophile Hi-Res System Test
    2018-11-02 18:59 - 2018-11-02 22:31 - 000000000 ____D C:\Users\Stel\Downloads\Mike.Oldfield.Return.To_Ommadawn.Deluxe.Edition.2017
    2018-11-02 18:45 - 2018-11-02 18:53 - 000000000 ____D C:\Users\Stel\Downloads\Daft Punk - Random Access Memories (2013) [FLAC]
    2018-11-02 18:32 - 2018-11-02 18:39 - 000000000 ____D C:\Users\Stel\Downloads\Laurie Anderson and Kronos Quartet - Landfall (2018)(FLAC)(CD)
    2018-11-02 11:35 - 2018-11-02 12:29 - 000000000 ____D C:\Users\Stel\Downloads\THE MILLION DOLLAR SCREENPLAY! Write your movie today
    2018-11-02 11:01 - 2018-11-02 11:05 - 089051905 _____ C:\Users\Stel\Downloads\Stock Trading Ninja - Learn How To Make Money Trading Stocks.rar
    2018-11-01 21:40 - 2018-11-01 22:14 - 000000000 ____D C:\Users\Stel\Downloads\The Equalizer 2 (2018) [WEBRip] [720p] [YTS.AM]
    2018-10-31 22:12 - 2018-10-31 22:41 - 000000000 ____D C:\Users\Stel\Downloads\Alpha (2018) [WEBRip] [720p] [YTS.AM]
    2018-10-31 22:00 - 2018-10-31 22:03 - 000000000 ____D C:\Users\Stel\Downloads\Queen - Bohemian Rhapsody (The Original Soundtrack) (2018) [320]
    2018-10-31 12:44 - 2018-10-31 12:45 - 026210808 _____ C:\Users\Stel\Desktop\trooper_1999.pdf
    2018-10-29 12:31 - 2018-11-01 16:44 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - October 21 2018 (True PDF)
    2018-10-29 12:30 - 2018-11-08 07:34 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - October 28 2018 (True PDF)
    2018-10-29 12:28 - 2018-11-01 16:44 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - October 12 2018 (True PDF)- [GloDLS]
    2018-10-28 22:14 - 2018-11-23 10:18 - 000000360 _____ C:\WINDOWS\Tasks\HPCeeScheduleForStel.job
    2018-10-28 22:14 - 2018-11-22 23:22 - 000003248 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForStel
    2018-10-26 11:45 - 2018-10-26 13:48 - 000000000 ____D C:\Users\Stel\Downloads\Incredibles 2 (2018) [WEBRip] [1080p] [YTS.AM]

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-11-24 15:59 - 2018-01-11 19:24 - 000000000 ____D C:\FRST
    2018-11-24 15:56 - 2017-12-01 21:43 - 000000000 ___RD C:\Users\Stel\Desktop\Cleaning
    2018-11-24 15:55 - 2016-10-24 03:43 - 000000000 ____D C:\ProgramData\Package Cache
    2018-11-24 15:49 - 2018-06-09 13:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2018-11-24 15:49 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2018-11-24 14:42 - 2018-07-05 15:48 - 000000740 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
    2018-11-24 10:11 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2018-11-24 10:11 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
    2018-11-24 09:49 - 2017-11-24 19:15 - 000000000 ____D C:\Users\Stel\AppData\Roaming\uTorrent
    2018-11-24 09:46 - 2017-11-24 16:46 - 000000000 ____D C:\Users\Stel\AppData\LocalLow\Mozilla
    2018-11-24 08:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
    2018-11-24 08:48 - 2018-06-09 13:19 - 001675524 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2018-11-24 08:48 - 2018-04-12 18:15 - 000636590 _____ C:\WINDOWS\system32\perfh008.dat
    2018-11-24 08:48 - 2018-04-12 18:15 - 000128784 _____ C:\WINDOWS\system32\perfc008.dat
    2018-11-24 08:41 - 2018-06-09 13:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2018-11-23 17:33 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2018-11-23 17:33 - 2017-03-19 01:04 - 000065536 _____ C:\WINDOWS\psp_storage.bin
    2018-11-23 14:15 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
    2018-11-23 13:52 - 2017-11-24 16:42 - 000000000 ____D C:\Users\Stel\AppData\Roaming\vlc
    2018-11-23 10:18 - 2018-06-09 13:16 - 000499952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2018-11-23 10:18 - 2018-01-09 13:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2018-11-23 10:18 - 2018-01-09 13:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2018-11-22 22:09 - 2018-08-11 19:58 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - July 1 2018 (True PDF)
    2018-11-22 18:02 - 2017-12-13 12:27 - 000000000 ____D C:\Users\Stel\AppData\Local\Packages
    2018-11-22 17:55 - 2017-12-01 21:42 - 000000000 ___RD C:\Users\Stel\Desktop\Internet and PC & Games
    2018-11-22 17:54 - 2018-06-09 13:28 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
    2018-11-22 17:53 - 2018-06-09 13:28 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2018-11-22 14:17 - 2018-09-03 16:14 - 000000000 ____D C:\Users\Stel\Desktop\Alexander & Timothy Hospital
    2018-11-21 14:35 - 2018-06-09 11:23 - 000000000 ____D C:\Program Files (x86)\MSBuild
    2018-11-21 14:32 - 2016-07-16 13:47 - 000000108 _____ C:\WINDOWS\win.ini
    2018-11-21 06:55 - 2018-06-10 13:51 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - June 8 2018 (True PDF)
    2018-11-21 06:54 - 2018-01-01 20:26 - 000000000 ____D C:\Users\Stel\Desktop\Mags To Keep
    2018-11-20 15:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2018-11-20 08:09 - 2018-01-10 16:07 - 000000000 ____D C:\ProgramData\IObit
    2018-11-19 23:55 - 2018-06-09 13:19 - 000000000 ____D C:\Users\Stel
    2018-11-19 18:29 - 2018-01-10 16:07 - 000000000 ____D C:\ProgramData\ProductData
    2018-11-18 23:26 - 2018-09-18 21:14 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
    2018-11-18 23:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2018-11-18 23:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2018-11-18 23:26 - 2017-12-03 16:34 - 000000000 ____D C:\Users\Stel\AppData\Local\Adobe
    2018-11-18 16:42 - 2018-07-02 23:22 - 000000000 ____D C:\Users\Stel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
    2018-11-17 01:00 - 2018-04-12 01:41 - 000834960 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2018-11-17 01:00 - 2018-04-12 01:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2018-11-16 23:16 - 2018-06-09 13:28 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3063150416-1561372912-2056264558-1001
    2018-11-16 23:16 - 2018-06-09 13:19 - 000002371 _____ C:\Users\Stel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2018-11-16 23:16 - 2017-11-24 16:08 - 000000000 ___RD C:\Users\Stel\OneDrive
    2018-11-16 20:31 - 2017-11-26 11:00 - 000000000 ____D C:\Program Files\rempl
    2018-11-15 21:53 - 2017-12-02 12:03 - 000000000 ___RD C:\Users\Stel\3D Objects
    2018-11-15 21:53 - 2016-07-29 14:33 - 000000000 __RHD C:\Users\Public\AccountPictures
    2018-11-15 21:51 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2018-11-15 21:51 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
    2018-11-15 21:51 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2018-11-15 21:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
    2018-11-15 21:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
    2018-11-15 21:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2018-11-15 21:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
    2018-11-15 18:25 - 2017-11-25 20:05 - 000000000 ____D C:\WINDOWS\system32\MRT
    2018-11-15 18:10 - 2017-11-25 20:04 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2018-11-15 17:44 - 2018-02-06 23:03 - 000002314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2018-11-09 08:45 - 2018-09-30 17:30 - 000000000 ____D C:\Users\Stel\Desktop\Wedding Invoices to move
    2018-11-08 07:40 - 2016-10-24 03:45 - 000000000 ____D C:\Program Files (x86)\Dropbox
    2018-11-04 21:29 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
    2018-11-03 16:03 - 2018-02-16 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader
    2018-11-03 16:03 - 2018-02-16 22:42 - 000000000 ____D C:\Program Files (x86)\Free YouTube Downloader
    2018-11-03 15:35 - 2017-11-25 12:56 - 000000000 ____D C:\Users\Stel\AppData\Roaming\MediaMonkey
    2018-11-02 17:50 - 2017-12-24 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
    2018-11-02 17:50 - 2017-12-24 00:21 - 000000000 ____D C:\Program Files (x86)\MediaMonkey
    2018-11-02 17:50 - 2017-12-01 21:44 - 000000000 ___RD C:\Users\Stel\Desktop\Audio Visual
    2018-10-30 19:46 - 2018-10-17 18:17 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - October 7 2018 (True PDF) - [GloDLS]
    2018-10-30 19:43 - 2018-09-23 00:29 - 000000000 ____D C:\Users\Stel\Downloads\2 Antoni mags
    2018-10-28 22:26 - 2018-02-19 13:37 - 000000000 ___RD C:\Users\Stel\Desktop\Photos 2018
    2018-10-28 22:23 - 2017-12-01 16:56 - 000000000 ____D C:\Users\Stel\Desktop\Shop Hair etc
    2018-10-28 07:26 - 2018-09-23 00:26 - 000000000 ____D C:\Users\Stel\Downloads\1 Assorted Hi Fi & Tech mags
    2018-10-27 22:05 - 2018-08-11 14:22 - 000000000 ____D C:\Users\Stel\Downloads\Assorted Magazines - August 7 2018 (True PDF)

    ==================== Files in the root of some directories =======

    2018-01-01 23:19 - 2018-01-01 23:19 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_010118_231944.txt
    2018-03-09 20:46 - 2018-03-09 20:46 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_030918_204624.txt
    2017-12-01 22:33 - 2017-12-01 22:33 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120117_223327.txt
    2017-12-01 22:35 - 2017-12-01 22:35 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120117_223512.txt
    2017-12-03 17:27 - 2017-12-03 17:27 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120317_172726.txt
    2017-12-03 17:31 - 2017-12-03 17:31 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120317_173155.txt
    2017-12-03 17:32 - 2017-12-03 17:32 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120317_173205.txt
    2017-12-05 10:34 - 2017-12-05 10:34 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120517_103415.txt
    2017-12-05 10:39 - 2017-12-05 10:39 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120517_103903.txt
    2017-12-06 13:36 - 2017-12-06 13:36 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120617_133614.txt
    2017-12-08 23:25 - 2017-12-08 23:25 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120817_232515.txt
    2017-12-08 23:25 - 2017-12-08 23:25 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120817_232524.txt
    2017-12-08 23:36 - 2017-12-08 23:36 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_120817_233658.txt
    2017-12-16 10:19 - 2017-12-16 10:19 - 000000000 _____ () C:\Users\Stel\AppData\Roaming\log_121617_101956.txt
    2017-11-24 16:06 - 2018-02-21 07:07 - 001059828 _____ () C:\Users\Stel\AppData\Local\BTServer.log

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2018-06-09 13:16

    ==================== End of FRST.txt ============================
     
  9. spoonthumb

    spoonthumb Thread Starter

    Joined:
    Jan 24, 2007
    Messages:
    109
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.11.2018
    Ran by Stel (24-11-2018 16:01:07)
    Running from C:\Users\Stel\Desktop
    Windows 10 Home Version 1803 17134.407 (X64) (2018-06-09 11:29:17)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3063150416-1561372912-2056264558-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3063150416-1561372912-2056264558-503 - Limited - Disabled)
    defaultuser0 (S-1-5-21-3063150416-1561372912-2056264558-1000 - Limited - Disabled) => C:\Users\defaultuser0
    Guest (S-1-5-21-3063150416-1561372912-2056264558-501 - Limited - Disabled)
    Stel (S-1-5-21-3063150416-1561372912-2056264558-1001 - Administrator - Enabled) => C:\Users\Stel
    WDAGUtilityAccount (S-1-5-21-3063150416-1561372912-2056264558-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
    7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
    Ableton Live 10 Suite (HKLM\...\{FE06C730-0296-42D9-B869-4E819D7F47A3}) (Version: 10.0.0.0 - Ableton)
    ACP Application (HKLM\...\{FC5382F1-9A21-5071-E376-C401639D8227}) (Version: 2016.0809.2131.47 - Advanced Micro Devices, Inc.) Hidden
    Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
    AirDroid 3.3.0.0 (HKLM-x32\...\AirDroid) (Version: 3.3.0.0 - Sand Studio)
    AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
    AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
    Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.34 - Avanquest Software)
    Bandicam (HKLM-x32\...\Bandicam) (Version: 3.4.0.1226 - Bandicam.com)
    Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
    BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.30.50.1690 - BlueStack Systems, Inc.)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Catalyst Control Center Next Localization BR (HKLM\...\{6F8C7E9C-6C88-08DE-6F31-5395790F5148}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (HKLM\...\{9036ED75-13E0-2628-F0A6-B9DE9F4FED30}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (HKLM\...\{7F7C6545-CAFA-2F58-1C19-900545747191}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (HKLM\...\{FE4CC0BC-124C-4B4A-40D2-DB7A21F4CDAA}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (HKLM\...\{B63F9039-62FF-33D1-7CC0-35F1B7DFAF80}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (HKLM\...\{E74C7D57-F458-1E35-9904-4428C5CA1E7C}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (HKLM\...\{4B17EB4C-FF8D-E0C3-A576-E143A82CC7D9}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (HKLM\...\{0091B985-1F06-AC61-374A-BDCCC5405945}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (HKLM\...\{349AA249-E523-D0AB-235A-4B3B77DE6C9E}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (HKLM\...\{F581A9CB-4271-2631-003E-E870714D50BE}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (HKLM\...\{C74E37D5-4457-7F79-60A0-F5A870A572EC}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (HKLM\...\{696CE3C3-A3E6-6E42-E7D1-C4A823663F43}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (HKLM\...\{38E23A09-DA95-546E-9DB0-0674910F4E8B}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (HKLM\...\{0B6AC8F2-F8AA-C034-90D6-0DDA78389033}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (HKLM\...\{93CC5540-14E4-61E5-9F96-21F47A30BEC4}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (HKLM\...\{2019DF89-50CE-0EFE-8E15-5D2E9355736A}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (HKLM\...\{7D28DBD4-ECD3-1677-251A-293BAB571C7B}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (HKLM\...\{9331166D-900D-ACA4-3955-8548FFF6FC7A}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (HKLM\...\{C422C2AD-A58E-4BBC-1344-CC0F1361E9B5}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (HKLM\...\{0078B0A2-7F60-1FDE-BD14-76DCD7C47885}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (HKLM\...\{6EF31FA5-01A9-CD41-199F-8B5C7BE1ADCB}) (Version: 2016.0809.2136.37062 - Advanced Micro Devices, Inc.) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    Click Install if prompted (HKLM-x32\...\{40830C8E-936E-4E08-AE37-240FF3343927}) (Version: 1.0.6.0 - ExpressVpn) Hidden
    CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
    CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.)
    DaVinci Resolve (HKLM\...\{3A2C86D3-248C-47EB-A791-AE7AC6F19C23}) (Version: 14.2.0012 - Blackmagic Design)
    DaVinci Resolve Panels (HKLM\...\{332552D0-B8EE-49BF-B904-E038A72BD2B2}) (Version: 1.1.2.0 - Blackmagic Design)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
    Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
    Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    ExpressVPN (HKLM-x32\...\{DF70BFBB-EFAF-4ED6-BBCA-BA00FF01E643}) (Version: 6.6.0.4121 - ExpressVPN) Hidden
    ExpressVPN (HKLM-x32\...\{ef177096-6c55-4848-adc8-41ffb583a002}) (Version: 6.6.0.4121 - ExpressVPN)
    Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.1.0.5096 - Foxit Software Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
    HP Audio Switch (HKLM-x32\...\{0C5D69BD-B518-46DB-8471-506CD27F9478}) (Version: 1.0.138.0 - HP Inc.)
    HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
    HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
    HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
    HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
    HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
    HP Support Assistant (HKLM-x32\...\{6FA09B91-5D97-45A9-95E9-50F635C98043}) (Version: 8.6.18.11 - HP Inc.)
    HP Support Solutions Framework (HKLM-x32\...\{FF4696FC-E862-4C69-9EC4-BCBD23063EB1}) (Version: 12.9.24.3 - HP Inc.)
    HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
    HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
    HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
    InPixio Photo Clip 7 (HKLM-x32\...\{829CAB57-8D17-49F8-A5B0-302B501FCEC2}) (Version: 7.7.0 - InPixio)
    IObit Malware Fighter 6 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 6.1 - IObit)
    IObit Uninstaller 8 (HKLM-x32\...\IObitUninstall) (Version: 8.0.2.19 - IObit)
    iTunes (HKLM\...\{7EE6E263-19DA-4A33-BB8C-9BDC12BA1918}) (Version: 12.7.3.46 - Apple Inc.)
    Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
    Launchy 2.5 (HKLM-x32\...\Launchy_21344213_is1) (Version: - Code Jelly)
    LumaBook Designer 2.0 (HKLM-x32\...\LumaBook_LumaBook Designer 2.0) (Version: - )
    Luminar 2018 (HKLM\...\{93FA5785-6E17-4768-A000-CA6AD4794ED4}) (Version: 1.0.0.1010 - Skylum) Hidden
    Luminar 2018 (HKLM-x32\...\{2a30d72b-6ccc-453d-8ae2-70668c55f958}) (Version: 1.0.0.1010 - Skylum)
    Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
    MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
    Mi PC Suite (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\MiPhoneManager) (Version: - Xiaomi Inc.)
    Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.11001.20108 - Microsoft Corporation)
    Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
    Microsoft Visio Professional 2019 - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.11001.20108 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
    Mozilla Firefox 63.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 63.0.3 (x86 en-US)) (Version: 63.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
    mydlink services plugin (HKLM-x32\...\{1A9B665A-5F27-4F71-BF90-22FDFE7A1635}) (Version: 1.0.2.7 - D-Link Corporation)
    Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.7.2.189 - Native Instruments)
    Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.9.132 - Native Instruments)
    Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.7.1.854 - Native Instruments)
    OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.2 - OBS Project)
    Octodad (HKLM-x32\...\Octodad) (Version: - )
    OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
    Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
    OSDownloader (HKLM-x32\...\{C02C8C82-197C-46C1-AD18-EB0F5BF49F8A}_is1) (Version: 1.5 - OpenSubtitles.org)
    Poker Mania v3.3.3 (HKLM-x32\...\Poker Mania_is1) (Version: - )
    REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.57 - REALTEK Semiconductor Corp.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
    REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.76 - REALTEK Semiconductor Corp.)
    Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
    Roblox Player for Stel (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
    Roblox Player for Stel (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\roblox-player) (Version: - Roblox Corporation)
    Roblox Studio for Stel (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - Roblox Corporation)
    SafeZone Stable 3.55.2393.609 (HKLM-x32\...\SafeZone 3.55.2393.609) (Version: 3.55.2393.609 - Avast Software) Hidden
    Split Tunneling Driver (HKLM-x32\...\{F078B0B5-2F41-42C2-9162-B8C628D5E6FE}) (Version: 1.0.0.0 - ExpressVpn) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
    TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
    TeaTV version 1.4.0 (HKLM-x32\...\{A8C3DF97-73C2-479D-9B75-3DFA3FC6DEB1}_is1) (Version: 1.4.0 - TeaTV)
    TolorencTransof (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\TolorencTransof) (Version: 52.13 - OpolinSoma)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
    VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
    Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
    Web Companion (HKLM-x32\...\{b43a9ffa-5b79-4a1b-84b7-48c466c5d75c}) (Version: 4.3.1934.3766 - Lavasoft)
    WhatsApp (HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
    Who Is On My Wifi version 4.0.3 (HKLM-x32\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 4.0.3 - IO3O LLC)
    WinISO (HKLM-x32\...\WinISO) (Version: 6.1.0.4435 - WinISO Computing Inc.)
    YouTube Downloader 4.6.995 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellIconOverlayIdentifiers: [ IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-06-22] (IObit)
    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
    ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
    ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-06-22] (IObit)
    ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
    ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-06-22] (IObit)
    ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
    ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
    ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-08-09] (Advanced Micro Devices, Inc.)
    ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
    ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
    ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
    ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-04-16] (Foxit Software Inc.)
    ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-06-22] (IObit)
    ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
    ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0C8FEE19-C701-42AF-8BB1-6C4ABA597CC6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.)
    Task: {0CB9C088-23BC-483A-BF4A-E8E563D3DB07} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-24] (Microsoft Corporation)
    Task: {1D88EAEA-8ACC-4253-8CC5-6870D5AFAB10} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
    Task: {25A6C49A-4956-4059-95CC-C6DAC16F00E7} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
    Task: {2A72462B-4B31-4E7F-809D-036B44065128} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-11] (Piriform Ltd)
    Task: {31F6A522-B823-46E8-B560-AF8FE20EEBED} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe [2018-11-18] (Adobe Systems Incorporated)
    Task: {36CA512F-CD7E-4451-9FC3-441A562B955A} - System32\Tasks\Avira\Safe Shopping\Launch => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe
    Task: {3AD4B70A-D58B-490B-AA2C-C1072BE7A954} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-24] (Microsoft Corporation)
    Task: {3B61E633-9F43-46D3-AED2-BB63CFC0CF67} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe
    Task: {3C17BCC9-CA32-4F2F-A997-44F3AFC8B113} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
    Task: {3E5F464E-349C-44EC-9AB8-8CC6925B0737} - System32\Tasks\SafeZone scheduled Autoupdate 1520715688 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
    Task: {3E8A5BD8-51F1-4DF5-81CD-D47A25FF48D9} - System32\Tasks\McAfee\McAfee Idle Detection Task
    Task: {3FE8E5A2-A1A1-4565-9CF3-5180AC1B6A06} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
    Task: {41A7CD9F-815A-48BB-B91B-13422FAC32FA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
    Task: {563B2977-3965-45F4-97E9-372CFC239A2A} - System32\Tasks\Avira\Safe Shopping\Update => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe
    Task: {5D461AC9-5565-4A10-BC23-114F98EA769A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe
    Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
    Task: {86BA2E84-1BEC-4730-8241-B95182371902} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-06] (Google Inc.)
    Task: {8ABA9705-E2A7-4E07-BB33-FC62F20C3457} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-24] (Dropbox, Inc.)
    Task: {8F76E1C9-E0B2-4E63-8F87-BBED83200525} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
    Task: {92A5F51B-1363-485D-BD79-9C11EB0E2398} - System32\Tasks\Avira\Safe Shopping\Check => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe
    Task: {98AEA4F5-65B1-4C69-9F94-DF5F983C25FD} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
    Task: {99858E97-86F0-4E5C-A385-11546957020A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-24] (Dropbox, Inc.)
    Task: {9BB4E587-D8C0-4927-8397-B058B964DD1A} - System32\Tasks\HPCeeScheduleForStel => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
    Task: {AB6F85EF-2578-4DFF-B0E1-74FFB8E47F18} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
    Task: {AEB4E9B7-86B9-445D-B635-91C1E024C97E} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
    Task: {B38E56AD-7354-4A7B-AFC1-5B46943F4878} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-11-09] (HP Inc.)
    Task: {BC4B7670-69FE-43CC-80CE-463550E9CC39} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-26] ()
    Task: {C2EC92CA-C4B8-4F4A-8F29-16B8A2134F55} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2016-10-04] (HP Inc.)
    Task: {C8ED9658-D97D-4DB8-9F91-51E1CEF4D602} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-24] (Microsoft Corporation)
    Task: {CDCD575E-249F-493A-8190-A30A2488C567} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-24] (Microsoft Corporation)
    Task: {CE500C5D-EB4D-403B-BA12-CE1A6CD2B7B2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-11-09] (HP Inc.)
    Task: {D2584687-5FA2-4933-BE7B-06CCDCA6BB9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-11-24] (Microsoft Corporation)
    Task: {D350CD43-1CD3-41A0-95D4-8D9108C292E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-11-08] (HP Inc.)
    Task: {D65B24C7-D17D-41C4-A925-E27402F7DCE9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2018-11-24] (Microsoft Corporation)
    Task: {D6727694-C6D8-4ADB-80B1-B0BC56552F98} - System32\Tasks\Uninstaller_SkipUac_Stel => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2018-08-08] (IObit)
    Task: {DB943FF8-CB70-4D1F-BE92-0F284BFA1DBF} - \AviraSystemSpeedupRemoval -> No File <==== ATTENTION
    Task: {EC4D77B5-EAE4-4505-8714-D753856695EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
    Task: {F929DE60-3D13-4F02-AC52-0F556C764293} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-06] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\HPCeeScheduleForStel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    ==================== Loaded Modules (Whitelisted) ==============

    2018-04-12 01:34 - 2018-04-12 01:34 - 000444416 _____ () c:\windows\system32\SSDM.dll
    2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
    2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
    2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
    2018-01-05 00:14 - 2018-01-05 00:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2018-04-09 07:04 - 2018-04-09 07:04 - 000339168 _____ () C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe
    2018-11-23 09:36 - 2018-10-18 08:44 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
    2018-11-23 09:36 - 2018-10-18 08:44 - 002821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
    2018-05-23 19:48 - 2018-09-22 21:41 - 000025888 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
    2018-05-23 19:48 - 2018-09-22 21:41 - 000017696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll
    2018-05-23 19:48 - 2018-09-22 21:41 - 000037664 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll
    2018-04-09 07:06 - 2018-04-09 07:06 - 008620160 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\xvpnd.exe
    2018-11-15 18:26 - 2018-11-01 08:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2018-05-22 10:12 - 2018-05-22 10:13 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    2018-05-22 10:12 - 2018-05-22 10:13 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
    2018-05-22 10:12 - 2018-05-22 10:13 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
    2018-05-22 10:12 - 2018-05-22 10:13 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
    2018-04-17 09:54 - 2018-04-17 09:56 - 001922232 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
    2016-08-09 20:36 - 2016-08-09 20:36 - 000138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
    2018-06-09 07:40 - 2018-06-09 07:42 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
    2018-06-09 07:40 - 2018-06-09 07:42 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
    2017-12-13 20:50 - 2017-12-13 21:15 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
    2018-05-31 20:57 - 2018-05-31 21:05 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
    2018-05-31 20:57 - 2018-05-31 21:05 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
    2018-04-27 15:33 - 2018-04-27 15:38 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
    2018-05-31 20:57 - 2018-05-31 21:05 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
    2018-03-29 21:37 - 2018-03-29 21:51 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
    2018-06-09 07:40 - 2018-06-09 07:42 - 014851072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
    2018-05-31 20:57 - 2018-05-31 21:05 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngine.dll
    2018-06-09 07:40 - 2018-06-09 07:42 - 003266048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
    2018-05-31 20:57 - 2018-05-31 21:05 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
    2018-05-31 20:57 - 2018-05-31 21:05 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
    2018-05-31 20:57 - 2018-05-31 21:05 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
    2018-06-09 07:40 - 2018-06-09 07:42 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\SKU.dll
    2018-05-31 20:57 - 2018-05-31 21:05 - 000103424 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
    2018-03-29 21:37 - 2018-03-29 21:51 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
    2018-05-19 04:01 - 2018-05-19 04:02 - 000084992 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
    2018-05-08 06:32 - 2018-05-08 06:32 - 001873120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
    2018-04-09 07:06 - 2018-04-09 07:06 - 006164864 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\libxvclient.dll
    2018-04-09 07:06 - 2018-04-09 07:06 - 000080512 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.NetworkUtils.dll
    2018-04-09 07:04 - 2018-04-09 07:04 - 000303104 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.SplitTunnel.dll
    2018-04-09 07:06 - 2018-04-09 07:06 - 000444032 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.FilterManager.dll
    2018-08-25 08:56 - 2018-05-02 16:42 - 000442128 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
    2018-08-25 08:56 - 2018-05-02 16:42 - 000210704 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
    2018-08-25 08:56 - 2018-05-02 16:42 - 000059664 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
    IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
    IE trusted site: HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\localhost -> localhost
    IE trusted site: HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\...\webcompanion.com -> hxxp://webcompanion.com

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2018-11-11 01:47 - 2018-11-24 09:45 - 000000106 _____ C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3063150416-1561372912-2056264558-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\46499186_356466551778852_6575050792179335168_n.jpg
    DNS Servers: 8.8.8.8 - 8.8.4.4
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.

    HKLM\...\StartupApproved\Run32: => "Dropbox"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [UDP Query User{AE26523A-9305-47B0-9288-ECBE983DBB36}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
    FirewallRules: [TCP Query User{3AC9B039-A4A2-483C-BE96-C47A80029668}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
    FirewallRules: [{5EC4633E-B849-43D2-9298-48CDC1B0E894}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
    FirewallRules: [UDP Query User{CF421C9B-674A-4127-B37A-1046AC3ACAAE}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
    FirewallRules: [TCP Query User{58AEFDB8-2E24-413A-8FBC-D648CBC8B3E0}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
    FirewallRules: [{50CA4BC6-E911-49E6-ABF4-004C659CADA8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{3A3A29B5-C848-4F9A-B5D7-C7C16C315DA6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{5DB44406-7B3A-48C3-B9B5-F0EE700F39A4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{AC3E150D-58C3-42C2-A6A8-631FFE950394}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{59472FB9-D055-4CE0-A949-45879404D79E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{D6C5D6B4-42AB-44AB-A836-220F3C139B04}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    FirewallRules: [UDP Query User{0120ABE1-27E0-4F28-B1FC-DFF258AD323D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [TCP Query User{4A74A3F3-4FFB-41D7-8EE3-576E853C136B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{7A0A9980-F07C-4D3F-BDCB-DE35ACC749BB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{21EA1D34-C7DA-4740-981B-3CCE44788C25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [UDP Query User{D7BB1E04-E5FC-4CAF-A9CB-A15EBC7B3E3C}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe
    FirewallRules: [TCP Query User{729DE5B8-F0C1-4CE2-A04F-8D2379C8E4B6}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe
    FirewallRules: [UDP Query User{A460EB71-ED47-4145-96C4-DCC9E069AA51}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
    FirewallRules: [TCP Query User{867D1F5F-AC19-4391-BBD4-7BA11AFB6C61}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
    FirewallRules: [{ACC39E5D-AA91-46A4-B56D-632BFBBE0BDF}] => (Allow) C:\Windows\System32\rundll32.exe
    FirewallRules: [{6C684A5E-922A-4C28-9B91-3B42B400000E}] => (Allow) C:\Windows\System32\rundll32.exe
    FirewallRules: [{601DB356-A82F-47B5-AE21-2B8E7EA247C4}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
    FirewallRules: [{EB1B6820-5E93-429C-B084-8D7E3999480C}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
    FirewallRules: [{3970DA8B-F32A-4454-9D8C-5A95849C4160}] => (Allow) C:\WINDOWS\system32\rundll32.exe
    FirewallRules: [{82BEF8BC-0C22-49F6-B131-46451474CEA7}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe
    FirewallRules: [{D5AC0538-B828-477B-8D51-D919BA67E630}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
    FirewallRules: [{D596D5C8-8810-4188-BE5E-67BDEFF8DCE7}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe
    FirewallRules: [{90FC7AE6-1B93-4D04-816D-15C3C09C4606}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
    FirewallRules: [{C9B4AEC4-09CE-45E3-BD28-122BC3C502F1}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
    FirewallRules: [{EFB27A2E-942D-4A85-A3C8-D59A3F2D51EF}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
    FirewallRules: [{99D15145-DE89-462E-A6AA-D51E87984E26}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
    FirewallRules: [{AB9852AE-B140-4195-A243-65F43BA1E625}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe
    FirewallRules: [{DA83CB27-CA37-471D-8D5D-6D18CBB8BB25}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
    FirewallRules: [{A8A0A0CB-E6AF-466B-BC16-FF6BEE2D3858}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
    FirewallRules: [{3075A295-BED3-4229-98B8-5E93C391912C}] => (Allow) C:\Program Files\CyberLink\PowerDirector14\PDR10.EXE
    FirewallRules: [{04581617-58B5-4FA7-8BF8-1615AB2E8A91}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
    FirewallRules: [{BBF5F5B2-519A-42DF-9764-B38A866C738A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
    FirewallRules: [{18427199-2951-42B8-877E-4254A1B1105D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
    FirewallRules: [{2B945FA9-D0FA-4B4A-B256-6DE81D52F16E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
    FirewallRules: [{2499E248-466D-44A4-B8AA-8D066788C817}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
    FirewallRules: [{8C86F27D-4659-4DAA-B537-A5DAC22B3BCF}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [{4B4DCEC7-05E8-4B7A-BFB2-CD114F391A00}] => (Allow) C:\Users\Stel\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{59F2DB27-FA36-4E8C-84E9-D18E1E41BD4F}] => (Allow) C:\Users\Stel\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{45797643-616C-46EE-AE72-FBBF8EE4909D}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
    FirewallRules: [{390F6281-28BC-475A-8C81-DBA4A00F861D}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
    FirewallRules: [{9370DAC2-1022-49A0-B14D-17B1F51A2A85}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
    FirewallRules: [{C39FA58B-1331-426A-B51A-589F20A5664F}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
    FirewallRules: [{60683615-6C82-4682-B48F-B8A08685E19B}] => (Allow) C:\Users\Stel\AppData\Local\Temp\andy-x86\Setup.exe
    FirewallRules: [{FA91C014-19A0-47AF-AA18-2752EBB69EE5}] => (Allow) C:\Users\Stel\AppData\Local\Temp\andy-x86\Setup.exe
    FirewallRules: [{AE90C2A0-15BD-49BF-AD5C-A31A50FCBBEF}] => (Allow) C:\Users\Stel\AppData\Local\MiPhoneManager\main\MiPCSuite.exe
    FirewallRules: [TCP Query User{D8E96C6C-FBC6-405A-B758-EDADCAD22606}C:\users\stel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\stel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
    FirewallRules: [UDP Query User{B76D5069-D2EA-44C5-9218-707BC5C39183}C:\users\stel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\stel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
    FirewallRules: [{AAE686C7-4190-4567-88A8-866C18027DC3}] => (Block) C:\users\stel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
    FirewallRules: [{BDE17E6B-4CEF-4705-BD34-3F68ADF522C7}] => (Block) C:\users\stel\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
    FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe
    FirewallRules: [{65646F10-0968-4E47-9CCB-304800628360}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
    FirewallRules: [{79BA30A7-F217-43EB-B712-B472AF6D16B8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
    FirewallRules: [{C2342E78-138A-4A94-8ABF-28D8E9386E28}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe
    FirewallRules: [TCP Query User{7F833BEC-8BC6-4473-BBCE-B3878F922F2A}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
    FirewallRules: [UDP Query User{AD0F15F5-3622-44D6-A903-CC573073AA3F}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
    FirewallRules: [{5408C287-4996-4230-A646-F1ACB19E7173}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
    FirewallRules: [{CA709D91-292C-4A0B-A156-C6B0EF145FD3}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
    FirewallRules: [{39B5BB85-FA53-410D-A129-773D526B0F2B}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
    FirewallRules: [{149E7453-17C8-4A1D-B7D9-8575CB6D7BEF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    FirewallRules: [{940C5FD9-6FB0-45EB-8C71-976FE009BC5D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{E33E19C9-9FA6-4E76-8FC5-AD907DF4922F}] => (Allow) %systemroot%\system32\alg.exe
    FirewallRules: [{A94988B6-06C9-44C2-81A4-01972B46E9D9}] => (Allow) %systemroot%\system32\alg.exe
    FirewallRules: [{55B6F2A3-E10E-414B-9D12-E8ED2A6CE869}] => (Allow) %systemroot%\system32\alg.exe
    FirewallRules: [{EE98A4E6-A8D0-4351-86FF-7D529D55DE19}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
    FirewallRules: [{509CC91D-A9E5-4ED9-B58C-2CCC262644B9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{01A937C1-74BC-44B9-94A2-EAE367CA6282}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{52D6EC32-1687-454E-8E5D-4657EA1D46BB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [{6D6AF77E-199B-41A6-A6EC-428C82BA1BC1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe

    ==================== Restore Points =========================

    22-11-2018 15:47:37 Windows Update
    24-11-2018 11:58:31 Removed Avira Software Updater

    ==================== Faulty Device Manager Devices =============

    Name: ExpressVPN Tap Adapter
    Description: ExpressVPN Tap Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: ExpressVPN
    Service: tapexpressvpn
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (11/24/2018 03:54:46 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, Μια συσκευή που είναι συνδεδεμένη με το σύστημα δεν λειτουργεί.
    .


    Λειτουργία:
    Εκτέλεση ασύγχρονης λειτουργίας

    Περιβάλλον:
    Τρέχουσα κατάσταση: DoSnapshotSet

    Error: (11/24/2018 03:51:31 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, Μια συσκευή που είναι συνδεδεμένη με το σύστημα δεν λειτουργεί.
    .


    Λειτουργία:
    Εκτέλεση ασύγχρονης λειτουργίας

    Περιβάλλον:
    Τρέχουσα κατάσταση: DoSnapshotSet

    Error: (11/24/2018 03:49:58 PM) (Source: AviraOptimizerHost) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (11/24/2018 03:49:48 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, Μια συσκευή που είναι συνδεδεμένη με το σύστημα δεν λειτουργεί.
    .


    Λειτουργία:
    Εκτέλεση ασύγχρονης λειτουργίας

    Περιβάλλον:
    Τρέχουσα κατάσταση: DoSnapshotSet

    Error: (11/24/2018 12:39:34 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, Μια συσκευή που είναι συνδεδεμένη με το σύστημα δεν λειτουργεί.
    .


    Λειτουργία:
    Εκτέλεση ασύγχρονης λειτουργίας

    Περιβάλλον:
    Τρέχουσα κατάσταση: DoSnapshotSet

    Error: (11/24/2018 11:58:32 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, Μια συσκευή που είναι συνδεδεμένη με το σύστημα δεν λειτουργεί.
    .


    Λειτουργία:
    Εκτέλεση ασύγχρονης λειτουργίας

    Περιβάλλον:
    Τρέχουσα κατάσταση: DoSnapshotSet

    Error: (11/24/2018 09:51:17 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, Μια συσκευή που είναι συνδεδεμένη με το σύστημα δεν λειτουργεί.
    .


    Λειτουργία:
    Εκτέλεση ασύγχρονης λειτουργίας

    Περιβάλλον:
    Τρέχουσα κατάσταση: DoSnapshotSet

    Error: (11/24/2018 09:50:26 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, Μια συσκευή που είναι συνδεδεμένη με το σύστημα δεν λειτουργεί.
    .


    Λειτουργία:
    Εκτέλεση ασύγχρονης λειτουργίας

    Περιβάλλον:
    Τρέχουσα κατάσταση: DoSnapshotSet


    System errors:
    =============
    Error: (11/24/2018 12:43:54 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O91JKA7N)
    Description: The συγκεκριμένης εφαρμογής permission settings do not grant Τοπική Ενεργοποίηση permission for the COM Server application with CLSID
    {8BC3F05E-D86B-11D0-A075-00C04FB68820}
    and APPID
    {8BC3F05E-D86B-11D0-A075-00C04FB68820}
    to the user LAPTOP-O91JKA7N\Stel SID (S-1-5-21-3063150416-1561372912-2056264558-1001) from address LocalHost (Χρήση LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

    Error: (11/24/2018 08:49:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The συγκεκριμένης εφαρμογής permission settings do not grant Τοπική Ενεργοποίηση permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Χρήση LRPC) running in the application container Μη διαθέσιμο SID (Μη διαθέσιμο). This security permission can be modified using the Component Services administrative tool.

    Error: (11/24/2018 08:44:24 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O91JKA7N)
    Description: The συγκεκριμένης εφαρμογής permission settings do not grant Τοπική Ενεργοποίηση permission for the COM Server application with CLSID
    {8BC3F05E-D86B-11D0-A075-00C04FB68820}
    and APPID
    {8BC3F05E-D86B-11D0-A075-00C04FB68820}
    to the user LAPTOP-O91JKA7N\Stel SID (S-1-5-21-3063150416-1561372912-2056264558-1001) from address LocalHost (Χρήση LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

    Error: (11/24/2018 08:44:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The συγκεκριμένης εφαρμογής permission settings do not grant Τοπική Εκκίνηση permission for the COM Server application with CLSID
    Windows.SecurityCenter.WscBrokerManager
    and APPID
    Μη διαθέσιμο
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Χρήση LRPC) running in the application container Μη διαθέσιμο SID (Μη διαθέσιμο). This security permission can be modified using the Component Services administrative tool.

    Error: (11/24/2018 08:43:39 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-O91JKA7N)
    Description: The συγκεκριμένης εφαρμογής permission settings do not grant Τοπική Ενεργοποίηση permission for the COM Server application with CLSID
    {8BC3F05E-D86B-11D0-A075-00C04FB68820}
    and APPID
    {8BC3F05E-D86B-11D0-A075-00C04FB68820}
    to the user LAPTOP-O91JKA7N\Stel SID (S-1-5-21-3063150416-1561372912-2056264558-1001) from address LocalHost (Χρήση LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

    Error: (11/24/2018 08:41:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The συγκεκριμένης εφαρμογής permission settings do not grant Τοπική Ενεργοποίηση permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Χρήση LRPC) running in the application container Μη διαθέσιμο SID (Μη διαθέσιμο). This security permission can be modified using the Component Services administrative tool.

    Error: (11/24/2018 08:41:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The συγκεκριμένης εφαρμογής permission settings do not grant Τοπική Ενεργοποίηση permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Χρήση LRPC) running in the application container Μη διαθέσιμο SID (Μη διαθέσιμο). This security permission can be modified using the Component Services administrative tool.

    Error: (11/23/2018 05:33:02 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-O91JKA7N)
    Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.


    CodeIntegrity:
    ===================================

    Date: 2018-11-24 08:55:17.829
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

    Date: 2018-11-24 08:55:17.822
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

    Date: 2018-11-23 14:13:30.161
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

    Date: 2018-11-23 14:13:30.154
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

    Date: 2018-11-23 10:28:48.906
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

    Date: 2018-11-23 10:28:48.902
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

    ==================== Memory info ===========================

    Processor: AMD A10-9600P RADEON R5, 10 COMPUTE CORES 4C+6G
    Percentage of memory in use: 59%
    Total physical RAM: 5727.12 MB
    Available physical RAM: 2332.54 MB
    Total Virtual: 6111.12 MB
    Available Virtual: 1887.11 MB

    ==================== Drives ================================

    Drive c: (Windows) (Fixed) (Total:223.55 GB) (Free:36.84 GB) NTFS
    Drive d: (RECOVERY) (Fixed) (Total:13.69 GB) (Free:1.64 GB) NTFS ==>[system with boot components (obtained from drive)]

    \\?\Volume{119a53ae-490e-4345-8970-3e64334f06e4}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.45 GB) NTFS
    \\?\Volume{3c9ffcd2-8c1e-4db0-ad41-44fd25c6e220}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 238.5 GB) (Disk ID: EC2B8572)

    Partition: GPT.

    ==================== End of Addition.txt ============================
     
  10. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    No obvious signs of malware there but lots of dubious entries
    Firstly you are using illegal activation hacks for windows & office
    then you are downloading through torrents and the downloaded files might well be infected

    I won't work on a system that has pirated office or windows
    Topic is now closed
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1219464

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice