rcb56
2018-07-13, 01:19
just now when i tried to run aswMRB it crashed and got a blue page saying it needed to run then it restarted
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by Dad (administrator) on BRIDGES1 (12-07-2018 18:03:10)
Running from C:\Users\Dad\Desktop
Loaded Profiles: Dad (Available Profiles: Dad)
Platform: Windows 10 Home Version 1709 16299.492 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(AVM Software) C:\Program Files (x86)\Paltalk\update\pt_update_service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Run: [BingSvc] => C:\Users\Dad\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364136 2018-05-15] (Piriform Ltd)
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139872 2018-01-05] (Wargaming.net)
Startup: C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2017-10-12]
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2017-08-19]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4b213914-881c-4cd2-b83b-88424c186eef}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{840609af-911f-4c5e-a8eb-039c51d6f9ed}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c9709154-fd6d-4b76-82af-c2d64867b8a8}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{df402617-2238-4387-82b5-8c59da1d4835}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-16] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-16] (Oracle Corporation)
Edge:
======
Edge Extension: (No Name) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.4.0.0_neutral__c1wakc4j0nefm [2018-03-15]
FireFox:
========
FF DefaultProfile: nnzgkec8.default
FF ProfilePath: C:\Users\Dad\AppData\Roaming\Mozilla\Firefox\Profiles\nnzgkec8.default [2018-07-12]
FF Homepage: Mozilla\Firefox\Profiles\nnzgkec8.default -> www.yahoo.com
FF Extension: (Unbranded Search Test) - C:\Users\Dad\AppData\Roaming\Mozilla\Firefox\Profiles\nnzgkec8.default\Extensions\unbrandedsearchtest132@mozilla.com.xpi [2018-03-28] [Legacy]
FF Extension: (ArcadeGala) - C:\Users\Dad\AppData\Roaming\Mozilla\Firefox\Profiles\nnzgkec8.default\Extensions\{b40e5bcd-5966-424f-8a15-6ecc3dba050a}.xpi [2018-07-06]
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-12-19] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @flyordie.com/GamesPlugin -> C:\Program Files (x86)\Flyordie Plugin\npfod.dll [2017-08-08] (Solware)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-16] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2007-11-27]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2007-11-27]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2007-11-27]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2007-11-27]
Chrome:
=======
CHR HomePage: Default -> msn.com
CHR Profile: C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default [2018-06-05]
CHR Extension: (Slides) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-21]
CHR Extension: (Docs) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
CHR Extension: (Google Drive) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-19]
CHR Extension: (YouTube) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-19]
CHR Extension: (Myki Password Manager & Authenticator) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmikpgodpkclnkgmnpphehdgcimmided [2018-05-28]
CHR Extension: (Sheets) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-21]
CHR Extension: (Google Docs Offline) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-19]
CHR Extension: (Glossy Blue) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nheaocaplknjkpcnbadlgfpdfjaabiml [2017-11-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-22]
CHR Extension: (Gmail) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-19]
CHR Extension: (Chrome Media Router) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-22]
CHR Profile: C:\Users\Dad\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-20]
CHR HKU\S-1-5-21-2107755742-302254199-1763176924-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 osrss; C:\WINDOWS\system32\osrss.dll [130808 2018-06-08] (Microsoft Corporation)
R2 paltalk_update_service; C:\Program Files (x86)\Paltalk\update\pt_update_service.exe [1413608 2017-08-04] (AVM Software)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [135816 2018-06-28] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-05-22] (DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-26] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-26] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-22] (Samsung Electronics Co., Ltd.)
R3 easytether; C:\WINDOWS\System32\drivers\easytthrx.sys [22728 2015-11-22] (Mobile Stream)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-07-11] (Malwarebytes)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-09-29] (MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-22] (Samsung Electronics Co., Ltd.)
R3 stdriver; C:\WINDOWS\system32\DRIVERS\stdriverx64.sys [53488 2018-05-22] ()
S2 sxuptp; C:\WINDOWS\System32\drivers\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2018-03-15] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-26] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-26] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-26] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-09-27] (Zemana Ltd.)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-12 18:03 - 2018-07-12 18:04 - 000013733 _____ C:\Users\Dad\Desktop\FRST.txt
2018-07-12 18:02 - 2018-07-12 18:03 - 000000000 ____D C:\FRST
2018-07-12 18:00 - 2018-07-12 18:00 - 005198336 _____ (AVAST Software) C:\Users\Dad\Desktop\aswMBR.exe
2018-07-12 17:58 - 2018-07-12 17:58 - 002412544 _____ (Farbar) C:\Users\Dad\Desktop\FRST64.exe
2018-07-12 17:57 - 2018-07-12 17:58 - 000016281 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2018-07-12 17:56 - 2018-07-12 17:57 - 005766144 _____ (Tweaking.com) C:\Users\Dad\Downloads\tweaking.com_registry_backup_setup(1).exe
2018-07-12 16:11 - 2018-07-12 16:11 - 000001223 _____ C:\Users\Dad\Desktop\stickhorsesdad.txt
2018-07-12 16:05 - 2018-07-12 16:05 - 001367712 _____ (NCH Software) C:\Users\Dad\Downloads\WavePadAudioEditingSoftware.exe
2018-07-03 16:34 - 2018-07-11 07:56 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-07-03 13:09 - 2018-07-03 13:20 - 585624510 _____ C:\Users\Dad\Downloads\Dragonfly_4_5_6_7_Pro_Web.zip
2018-06-29 13:51 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-06-22 01:10 - 2017-05-22 04:20 - 000166288 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2018-06-22 01:10 - 2017-05-22 04:20 - 000131984 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2018-06-22 00:58 - 2018-06-22 00:58 - 000096096 _____ C:\Users\Dad\Downloads\serialnumberdetectiontool.exe
2018-06-22 00:31 - 2017-05-22 04:20 - 000069120 _____ (Nokia) C:\WINDOWS\system32\nmwcdclsx64.dll
2018-06-22 00:26 - 2018-06-22 00:27 - 041109664 _____ (Samsung Electronics) C:\Users\Dad\Downloads\SmartSwitchPC.exe
2018-06-22 00:19 - 2018-06-22 00:20 - 031177024 _____ (Samsung Electronics Co., Ltd.) C:\Users\Dad\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_ver_1.5.65.0.exe
2018-06-21 23:28 - 2018-06-21 23:29 - 015107071 _____ C:\Users\Dad\Downloads\Dragonfly-4, Dragonfly-5, Dragonfly-7 & Wi-Fish Installation and operation instructions 81358-3-EN(1).pdf
2018-06-21 21:17 - 2018-06-21 21:17 - 000000000 ____D C:\ProgramData\Packages
2018-06-13 21:49 - 2018-06-13 21:50 - 043322896 _____ C:\Users\Dad\Downloads\Firefox Setup 42.0.exe
2018-06-12 14:58 - 2018-06-08 12:26 - 021754880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-12 14:58 - 2018-06-08 12:26 - 017084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-06-12 14:58 - 2018-06-08 12:03 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-12 14:58 - 2018-06-08 11:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-12 14:58 - 2018-06-08 11:58 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-12 14:58 - 2018-06-08 06:42 - 002491120 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-12 14:58 - 2018-06-08 06:41 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-12 14:58 - 2018-06-08 02:36 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-06-12 14:58 - 2018-06-08 02:36 - 000137120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-06-12 14:58 - 2018-06-08 02:35 - 001093040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-06-12 14:58 - 2018-06-08 02:35 - 000924656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-06-12 14:58 - 2018-06-08 02:35 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-12 14:58 - 2018-06-08 02:35 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-06-12 14:58 - 2018-06-08 02:34 - 000748472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-06-12 14:58 - 2018-06-08 02:34 - 000423352 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-06-12 14:58 - 2018-06-08 02:33 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-06-12 14:58 - 2018-06-08 02:33 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-06-12 14:58 - 2018-06-08 02:33 - 001056184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-06-12 14:58 - 2018-06-08 02:33 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-06-12 14:58 - 2018-06-08 02:33 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-06-12 14:58 - 2018-06-08 02:33 - 000269720 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-06-12 14:58 - 2018-06-08 02:33 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-12 14:58 - 2018-06-08 02:33 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-06-12 14:58 - 2018-06-08 02:32 - 001638432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-12 14:58 - 2018-06-08 02:32 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-06-12 14:58 - 2018-06-08 02:32 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-06-12 14:58 - 2018-06-08 02:32 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-06-12 14:58 - 2018-06-08 02:32 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-06-12 14:58 - 2018-06-08 02:30 - 008594848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-12 14:58 - 2018-06-08 02:30 - 002514944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-06-12 14:58 - 2018-06-08 02:30 - 001953544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-06-12 14:58 - 2018-06-08 02:30 - 001416360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-12 14:58 - 2018-06-08 02:29 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-12 14:58 - 2018-06-08 02:29 - 001210272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-12 14:58 - 2018-06-08 02:27 - 001173584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-12 14:58 - 2018-06-08 02:27 - 000377760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-06-12 14:58 - 2018-06-08 02:26 - 000712456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-12 14:58 - 2018-06-08 02:26 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-06-12 14:58 - 2018-06-08 02:25 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-06-12 14:58 - 2018-06-08 02:25 - 000525728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-12 14:58 - 2018-06-08 02:24 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-06-12 14:58 - 2018-06-08 02:24 - 006282280 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2018-06-12 14:58 - 2018-06-08 02:24 - 003009736 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-06-12 14:58 - 2018-06-08 02:24 - 002711248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-12 14:58 - 2018-06-08 02:24 - 001488288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-06-12 14:58 - 2018-06-08 02:24 - 001029536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-06-12 14:58 - 2018-06-08 02:24 - 000891808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-06-12 14:58 - 2018-06-08 02:24 - 000247712 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-06-12 14:58 - 2018-06-08 02:23 - 021357336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-12 14:58 - 2018-06-08 02:23 - 004486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-12 14:58 - 2018-06-08 02:23 - 002472888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-06-12 14:58 - 2018-06-08 02:23 - 002412688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-06-12 14:58 - 2018-06-08 02:23 - 000824904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-06-12 14:58 - 2018-06-08 02:23 - 000706464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-12 14:58 - 2018-06-08 02:23 - 000677304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-12 14:58 - 2018-06-08 02:23 - 000137552 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-06-12 14:58 - 2018-06-08 02:22 - 006791992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-06-12 14:58 - 2018-06-08 02:22 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-06-12 14:58 - 2018-06-08 02:22 - 001269640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-06-12 14:58 - 2018-06-08 02:22 - 000688072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-12 14:58 - 2018-06-08 02:22 - 000093624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-06-12 14:58 - 2018-06-08 02:21 - 007385096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-12 14:58 - 2018-06-08 02:21 - 004507096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-12 14:58 - 2018-06-08 02:21 - 001779960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-06-12 14:58 - 2018-06-08 02:21 - 000594080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-06-12 14:58 - 2018-06-08 02:21 - 000260904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-06-12 14:58 - 2018-06-08 02:20 - 001101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-06-12 14:58 - 2018-06-08 01:26 - 025256960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-12 14:58 - 2018-06-08 01:21 - 001931256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-06-12 14:58 - 2018-06-08 01:21 - 001614168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-06-12 14:58 - 2018-06-08 01:21 - 000777912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-12 14:58 - 2018-06-08 01:19 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-12 14:58 - 2018-06-08 01:18 - 000212920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-06-12 14:58 - 2018-06-08 01:18 - 000097160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-06-12 14:58 - 2018-06-08 01:10 - 003485400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-06-12 14:58 - 2018-06-08 01:10 - 002338272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-06-12 14:58 - 2018-06-08 01:10 - 001124768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-06-12 14:58 - 2018-06-08 01:09 - 017161216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-12 14:58 - 2018-06-08 01:09 - 006092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-12 14:58 - 2018-06-08 01:09 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-12 14:58 - 2018-06-08 01:09 - 000791968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-06-12 14:58 - 2018-06-08 01:09 - 000592800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-12 14:58 - 2018-06-08 01:09 - 000098304 _____ C:\WINDOWS\system32\runexehelper.exe
2018-06-12 14:58 - 2018-06-08 01:08 - 020290256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-06-12 14:58 - 2018-06-08 01:08 - 003979696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-06-12 14:58 - 2018-06-08 01:08 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-12 14:58 - 2018-06-08 01:08 - 001990672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-06-12 14:58 - 2018-06-08 01:08 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-12 14:58 - 2018-06-08 01:07 - 002386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-06-12 14:58 - 2018-06-08 01:07 - 000975360 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-06-12 14:58 - 2018-06-08 01:07 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-06-12 14:58 - 2018-06-08 01:07 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-06-12 14:58 - 2018-06-08 01:07 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-06-12 14:58 - 2018-06-08 01:07 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-06-12 14:58 - 2018-06-08 01:07 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-06-12 14:58 - 2018-06-08 01:06 - 006481096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-12 14:58 - 2018-06-08 01:06 - 006015208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-06-12 14:58 - 2018-06-08 01:06 - 004668688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-12 14:58 - 2018-06-08 01:06 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-06-12 14:58 - 2018-06-08 01:06 - 001524784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-06-12 14:58 - 2018-06-08 01:06 - 000551696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-06-12 14:58 - 2018-06-08 01:06 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-06-12 14:58 - 2018-06-08 01:05 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-12 14:58 - 2018-06-08 01:04 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-06-12 14:58 - 2018-06-08 01:04 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-06-12 14:58 - 2018-06-08 01:04 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-12 14:58 - 2018-06-08 01:04 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-06-12 14:58 - 2018-06-08 01:03 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-12 14:58 - 2018-06-08 01:03 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-06-12 14:58 - 2018-06-08 01:02 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-12 14:58 - 2018-06-08 01:02 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-06-12 14:58 - 2018-06-08 01:02 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-12 14:58 - 2018-06-08 01:02 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-06-12 14:58 - 2018-06-08 01:02 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-06-12 14:58 - 2018-06-08 01:02 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-06-12 14:58 - 2018-06-08 01:01 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-12 14:58 - 2018-06-08 01:01 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-12 14:58 - 2018-06-08 01:01 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-12 14:58 - 2018-06-08 01:01 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-06-12 14:58 - 2018-06-08 01:01 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-06-12 14:58 - 2018-06-08 01:00 - 012833792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-12 14:58 - 2018-06-08 01:00 - 003180032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-12 14:58 - 2018-06-08 01:00 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-12 14:58 - 2018-06-08 01:00 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2018-06-12 14:58 - 2018-06-08 01:00 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-06-12 14:58 - 2018-06-08 00:59 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-06-12 14:58 - 2018-06-08 00:59 - 003124224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-06-12 14:58 - 2018-06-08 00:59 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-06-12 14:58 - 2018-06-08 00:59 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-12 14:58 - 2018-06-08 00:58 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-12 14:58 - 2018-06-08 00:58 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-12 14:58 - 2018-06-08 00:58 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-12 14:58 - 2018-06-08 00:58 - 003332608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-12 14:58 - 2018-06-08 00:58 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-12 14:58 - 2018-06-08 00:58 - 002083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-12 14:58 - 2018-06-08 00:57 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-06-12 14:58 - 2018-06-08 00:57 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-06-12 14:58 - 2018-06-08 00:57 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-12 14:58 - 2018-06-08 00:57 - 001812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-12 14:58 - 2018-06-08 00:57 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-12 14:58 - 2018-06-08 00:57 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-06-12 14:58 - 2018-06-08 00:57 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-12 14:58 - 2018-06-08 00:56 - 002528768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-06-12 14:58 - 2018-06-08 00:56 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-06-12 14:58 - 2018-06-08 00:55 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-06-12 14:58 - 2018-06-08 00:52 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-06-12 14:58 - 2018-06-08 00:52 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-06-12 14:58 - 2018-06-08 00:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-12 14:58 - 2018-06-08 00:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-06-12 14:58 - 2018-06-08 00:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-06-12 14:58 - 2018-06-08 00:46 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-06-12 14:58 - 2018-06-08 00:45 - 018930688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-12 14:58 - 2018-06-08 00:45 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-06-12 14:58 - 2018-06-08 00:44 - 019358720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-12 14:58 - 2018-06-08 00:44 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-06-12 14:58 - 2018-06-08 00:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-12 14:58 - 2018-06-08 00:43 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-06-12 14:58 - 2018-06-08 00:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-06-12 14:58 - 2018-06-08 00:41 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-12 14:58 - 2018-06-08 00:41 - 011924992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-12 14:58 - 2018-06-08 00:41 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-12 14:58 - 2018-06-08 00:41 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-06-12 14:58 - 2018-06-08 00:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-06-12 14:58 - 2018-06-08 00:40 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-06-12 14:58 - 2018-06-08 00:40 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-12 14:58 - 2018-06-08 00:40 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2018-06-12 14:58 - 2018-06-08 00:39 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-06-12 14:58 - 2018-06-08 00:39 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-06-12 14:58 - 2018-06-08 00:39 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-06-12 14:58 - 2018-06-08 00:38 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-12 14:58 - 2018-06-08 00:38 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-12 14:58 - 2018-06-08 00:38 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-06-12 14:58 - 2018-06-08 00:36 - 006060032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-12 14:58 - 2018-06-08 00:36 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-12 14:58 - 2018-06-08 00:35 - 007812608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-06-12 14:58 - 2018-06-08 00:35 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-12 14:58 - 2018-06-08 00:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-06-12 14:58 - 2018-06-08 00:35 - 002868736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-12 14:58 - 2018-06-08 00:35 - 002014720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-12 14:58 - 2018-06-08 00:35 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-12 14:58 - 2018-06-08 00:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-12 14:58 - 2018-05-12 08:57 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2018-06-12 14:58 - 2018-05-12 08:56 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-06-12 14:58 - 2018-05-12 08:55 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-06-12 14:58 - 2018-05-12 08:55 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-06-12 14:58 - 2018-05-11 18:15 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-06-12 14:58 - 2018-05-11 18:14 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-06-12 14:58 - 2018-05-11 18:14 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-06-12 14:58 - 2018-05-11 18:10 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-06-12 14:58 - 2018-05-11 18:10 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-06-12 14:58 - 2018-05-11 18:10 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-06-12 14:58 - 2018-05-11 18:09 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-06-12 14:58 - 2018-05-11 18:09 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-06-12 14:58 - 2018-05-11 18:08 - 000428440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-06-12 14:58 - 2018-05-11 18:08 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-06-12 14:58 - 2018-05-11 18:07 - 002711168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-06-12 14:58 - 2018-05-11 18:07 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-06-12 14:58 - 2018-05-11 18:07 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-06-12 14:58 - 2018-05-11 18:05 - 000616792 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-06-12 14:58 - 2018-05-11 16:54 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-06-12 14:58 - 2018-05-11 16:53 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-06-12 14:58 - 2018-05-11 16:53 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-06-12 14:58 - 2018-05-11 16:53 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-06-12 14:58 - 2018-05-11 16:52 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-06-12 14:58 - 2018-05-11 16:50 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-06-12 14:58 - 2018-05-11 16:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-06-12 14:58 - 2018-05-11 16:48 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-06-12 14:58 - 2018-05-11 16:48 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-06-12 14:58 - 2018-05-11 16:47 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-06-12 14:58 - 2018-05-11 16:46 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-06-12 14:58 - 2018-05-11 16:46 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-06-12 14:58 - 2018-05-11 16:45 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-06-12 14:58 - 2018-05-11 16:44 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-06-12 14:58 - 2018-05-11 16:42 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-06-12 14:58 - 2018-05-11 16:41 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-06-12 14:58 - 2018-05-11 16:40 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-06-12 14:58 - 2018-05-11 16:39 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-06-12 14:58 - 2018-05-11 16:38 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-06-12 14:58 - 2018-05-11 16:33 - 002762752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-06-12 14:58 - 2018-05-11 16:29 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-06-12 14:58 - 2018-05-11 16:29 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-06-12 14:58 - 2018-05-11 16:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-06-12 14:58 - 2018-05-11 16:20 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-06-12 14:58 - 2018-05-11 16:20 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-06-12 14:58 - 2018-05-11 16:19 - 001353216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-06-12 14:57 - 2018-06-08 02:29 - 001849760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-06-12 14:57 - 2018-06-08 02:29 - 000937376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-06-12 14:57 - 2018-06-08 02:29 - 000028576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-12 14:57 - 2018-06-08 02:24 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2018-06-12 14:57 - 2018-06-08 02:22 - 001358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-12 14:57 - 2018-06-08 02:22 - 000054376 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-06-12 14:57 - 2018-06-08 02:21 - 001206104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-06-12 14:57 - 2018-06-08 01:09 - 002993728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2018-06-12 14:57 - 2018-06-08 01:09 - 000832952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2018-06-12 14:57 - 2018-06-08 01:08 - 001075984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-12 14:57 - 2018-06-08 01:08 - 000640024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-06-12 14:57 - 2018-06-08 01:07 - 000047608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-06-12 14:57 - 2018-06-08 01:06 - 001131696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-06-12 14:57 - 2018-06-08 01:06 - 000129208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-06-12 14:57 - 2018-06-08 01:05 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2018-06-12 14:57 - 2018-06-08 01:05 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-06-12 14:57 - 2018-06-08 01:05 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanelExternalHook.dll
2018-06-12 14:57 - 2018-06-08 01:04 - 001925120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2018-06-12 14:57 - 2018-06-08 01:04 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-06-12 14:57 - 2018-06-08 01:03 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-06-12 14:57 - 2018-06-08 01:01 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2018-06-12 14:57 - 2018-06-08 01:01 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-06-12 14:57 - 2018-06-08 01:00 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2018-06-12 14:57 - 2018-06-08 00:59 - 001297920 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-12 14:57 - 2018-06-08 00:59 - 001116672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-12 14:57 - 2018-06-08 00:59 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-06-12 14:57 - 2018-06-08 00:59 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-12 14:57 - 2018-06-08 00:57 - 001238016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-12 14:57 - 2018-06-08 00:57 - 001135104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-12 14:57 - 2018-06-08 00:56 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2018-06-12 14:57 - 2018-06-08 00:53 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-06-12 14:57 - 2018-06-08 00:52 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-06-12 14:57 - 2018-06-08 00:46 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-06-12 14:57 - 2018-06-08 00:40 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2018-06-12 14:57 - 2018-06-08 00:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2018-06-12 14:57 - 2018-06-08 00:39 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2018-06-12 14:57 - 2018-06-08 00:39 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-12 14:57 - 2018-06-08 00:35 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-12 14:57 - 2018-06-08 00:35 - 000935424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-06-12 14:57 - 2018-06-08 00:35 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2018-06-12 14:57 - 2018-06-08 00:34 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll
2018-06-12 14:57 - 2018-05-12 08:53 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-06-12 14:57 - 2018-05-12 08:52 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-06-12 14:57 - 2018-05-12 08:52 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialStore.dll
2018-06-12 14:57 - 2018-05-11 18:15 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-06-12 14:57 - 2018-05-11 18:08 - 000757792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-06-12 14:57 - 2018-05-11 18:07 - 001084736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-06-12 14:57 - 2018-05-11 16:54 - 003198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-06-12 14:57 - 2018-05-11 16:53 - 001033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-06-12 14:57 - 2018-05-11 16:52 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PayloadRestrictions.dll
2018-06-12 14:57 - 2018-05-11 16:52 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-06-12 14:57 - 2018-05-11 16:51 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
2018-06-12 14:57 - 2018-05-11 16:50 - 002186240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll
2018-06-12 14:57 - 2018-05-11 16:50 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-06-12 14:57 - 2018-05-11 16:50 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\secur32.dll
2018-06-12 14:57 - 2018-05-11 16:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-06-12 14:57 - 2018-05-11 16:49 - 001685504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2018-06-12 14:57 - 2018-05-11 16:48 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-06-12 14:57 - 2018-05-11 16:48 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-06-12 14:57 - 2018-05-11 16:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-06-12 14:57 - 2018-05-11 16:47 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2018-06-12 14:57 - 2018-05-11 16:47 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-06-12 14:57 - 2018-05-11 16:47 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-06-12 14:57 - 2018-05-11 16:40 - 001363968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-06-12 14:57 - 2018-05-11 16:31 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PayloadRestrictions.dll
2018-06-12 14:57 - 2018-05-11 16:31 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-06-12 14:57 - 2018-05-11 16:31 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaproxystub.dll
2018-06-12 14:57 - 2018-05-11 16:30 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-06-12 14:57 - 2018-05-11 16:29 - 001428480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaclient.dll
2018-06-12 14:57 - 2018-05-11 16:29 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2018-06-12 14:57 - 2018-05-11 16:29 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secur32.dll
2018-06-12 14:57 - 2018-05-11 16:28 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-06-12 14:57 - 2018-05-11 16:28 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-06-12 14:57 - 2018-05-11 16:27 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2018-06-12 14:57 - 2018-05-11 16:26 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-12 18:03 - 2017-12-07 21:35 - 000199699 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-07-12 17:57 - 2017-09-25 11:36 - 000002315 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2018-07-12 16:59 - 2018-02-02 04:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-12 16:05 - 2018-02-02 04:30 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2018-07-12 16:05 - 2017-07-11 20:40 - 000001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
2018-07-12 16:05 - 2017-07-11 20:40 - 000001198 _____ C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2018-07-12 11:34 - 2018-02-02 04:30 - 000004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7E7F596B-AAC6-435F-B4E6-35ACBDC689CA}
2018-07-12 11:16 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-07-12 11:15 - 2017-10-01 01:20 - 000000000 ____D C:\Program Files\rempl
2018-07-11 12:34 - 2018-02-01 18:41 - 000000000 ___DC C:\WINDOWS\Panther
2018-07-11 12:33 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
2018-07-11 12:17 - 2018-02-02 04:29 - 000099063 _____ C:\WINDOWS\diagwrn.xml
2018-07-11 12:17 - 2018-02-02 04:29 - 000099063 _____ C:\WINDOWS\diagerr.xml
2018-07-11 11:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\registration
2018-07-11 11:08 - 2018-04-12 05:19 - 000000000 ___HD C:\$WINDOWS.~BT
2018-07-11 10:49 - 2018-06-03 07:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-07-11 10:49 - 2018-06-02 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-07-11 10:49 - 2018-04-10 08:53 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2018-07-11 10:49 - 2018-04-08 17:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Thumbnails
2018-07-11 10:49 - 2018-04-04 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-07-11 10:49 - 2018-03-28 01:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
2018-07-11 10:49 - 2018-02-02 04:13 - 000000000 ____D C:\Users\Dad
2018-07-11 10:49 - 2018-01-01 10:33 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2018-07-11 10:49 - 2017-10-20 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-07-11 10:49 - 2017-10-09 03:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-07-11 10:49 - 2017-10-08 09:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-07-11 10:49 - 2017-08-19 00:43 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2018-07-11 10:49 - 2017-08-18 23:37 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk
2018-07-11 10:49 - 2017-06-14 07:36 - 000000000 ____D C:\Program Files\UNP
2018-07-11 10:49 - 2017-06-06 02:28 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dwyco CDC-X
2018-07-11 10:49 - 2017-06-05 02:11 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-07-11 10:49 - 2017-06-05 00:57 - 000000000 ____D C:\Program Files\Common Files\logishrd
2018-07-11 10:49 - 2015-12-31 12:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-07-11 09:37 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-11 09:17 - 2018-02-02 04:30 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-07-11 08:19 - 2018-02-02 04:29 - 002274076 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-11 07:56 - 2018-02-02 04:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-11 07:10 - 2017-06-04 23:32 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2018-07-11 03:13 - 2017-09-29 03:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-07-11 03:03 - 2017-06-06 01:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-07-11 03:00 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-07-11 03:00 - 2017-06-06 01:21 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-07-11 00:06 - 2017-08-18 04:20 - 000000000 ____D C:\Users\Dad\Desktop\NCH Recordings
2018-07-10 18:22 - 2018-06-08 22:10 - 009589248 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2018-07-10 18:22 - 2018-03-16 02:19 - 000004570 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-07 13:02 - 2017-06-12 15:50 - 000000000 ____D C:\Users\Dad\AppData\Local\ElevatedDiagnostics
2018-07-05 22:33 - 2017-09-29 03:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-07-01 23:05 - 2017-11-29 18:39 - 000000000 ____D C:\Users\Dad\Downloads\New folder 2017
2018-06-28 19:46 - 2018-05-08 17:05 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-28 19:46 - 2018-05-08 17:05 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-26 13:50 - 2018-05-16 22:12 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-26 13:50 - 2017-06-19 13:37 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-26 13:06 - 2018-03-04 19:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-06-22 03:55 - 2018-02-25 22:12 - 000000000 ____D C:\Users\Dad\AppData\Local\CrashDumps
2018-06-22 01:27 - 2015-12-31 12:53 - 000000000 __RDL C:\Users\Dad\OneDrive
2018-06-22 01:20 - 2018-02-02 04:30 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2107755742-302254199-1763176924-1001
2018-06-22 01:20 - 2017-06-04 23:52 - 000002364 _____ C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-21 23:01 - 2018-06-04 20:30 - 000000000 ____D C:\Users\Dad\Desktop\raymarine
2018-06-16 07:23 - 2017-08-08 16:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-15 06:33 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache
2018-06-15 03:39 - 2017-12-06 23:43 - 109430784 _____ C:\Users\Dad\Documents\dwyco-backup-diff-54614d2d0d4ce1a22951.sql
2018-06-15 03:39 - 2017-12-06 23:43 - 109430784 _____ C:\Users\Dad\Documents\dwyco-backup-diff-54614d2d0d4ce1a22951.old.sql
2018-06-13 21:53 - 2018-05-17 04:45 - 000001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2018-06-13 21:53 - 2018-03-22 00:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-06-13 21:53 - 2017-08-08 16:03 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-06-12 18:36 - 2018-02-02 10:35 - 000000000 ___RD C:\Users\Dad\3D Objects
2018-06-12 18:11 - 2018-02-02 04:09 - 000231096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-12 18:09 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-06-12 16:50 - 2016-11-26 05:03 - 000000000 ____D C:\Users\Dad\AppData\LocalLow\Mozilla
2018-06-12 15:07 - 2017-10-12 10:52 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
==================== Files in the root of some directories =======
2017-06-06 00:45 - 2018-05-02 12:15 - 000001167 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.1.txt
2017-06-06 00:45 - 2017-06-06 00:56 - 000001167 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.2.txt
2017-06-06 00:45 - 2017-06-06 00:45 - 000001167 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.3.txt
2017-06-06 00:45 - 2018-05-22 08:40 - 000001167 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.txt
2017-06-06 00:45 - 2018-05-22 08:40 - 000000000 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2018-04-10 01:22 - 2018-04-10 01:22 - 000000875 _____ () C:\Users\Dad\AppData\Local\recently-used.xbel
2018-02-09 20:50 - 2018-02-09 20:50 - 000000003 _____ () C:\Users\Dad\AppData\Local\updater.log
2018-02-09 20:50 - 2018-02-12 05:33 - 000000059 _____ () C:\Users\Dad\AppData\Local\UserProducts.xml
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-07-05 03:32
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Dad (12-07-2018 18:04:27)
Running from C:\Users\Dad\Desktop
Windows 10 Home Version 1709 16299.492 (X64) (2018-02-02 09:33:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2107755742-302254199-1763176924-500 - Administrator - Disabled)
Dad (S-1-5-21-2107755742-302254199-1763176924-1001 - Administrator - Enabled) => C:\Users\Dad
DefaultAccount (S-1-5-21-2107755742-302254199-1763176924-503 - Limited - Disabled)
Guest (S-1-5-21-2107755742-302254199-1763176924-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2107755742-302254199-1763176924-1005 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2107755742-302254199-1763176924-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
Dwyco CDC-X version 2.17 (HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Dwyco CDC-X_is1) (Version: 2.17 - Dwyco, Inc.)
Easy Thumbnails (Remove only) (HKLM-x32\...\Easy Thumbnails_is1) (Version: 3.0 - Fookes Software)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
iTunes (HKLM\...\{BE065D5C-5EB5-4F39-A112-32897C297935}) (Version: 12.7.5.9 - Apple Inc.)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Firefox 60.0.1 ESR (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.1 ESR (x64 en-US)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
Paltalk (HKLM-x32\...\Paltalk) (Version: - )
Paltalk Messenger 11.8 (HKLM-x32\...\Paltalk Messenger) (Version: 11.8.667.17975 - AVM Software Inc.)
QuickBooks Online Edition Utilities V11 (HKLM-x32\...\{06346CB3-EB19-4CD8-8DDC-3C46EA2785A0}) (Version: 1.0.0 - Intuit)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.65.0 - Samsung Electronics Co., Ltd.)
SD Card Formatter (HKLM-x32\...\{10C16E01-F739-4093-89A7-E570589FA0F6}) (Version: 5.0.0 - SD Association)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
SoundTap Streaming Audio Recorder (HKLM-x32\...\SoundTap) (Version: 4.01 - NCH Software)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.0.19 - Tweaking.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8CFAB044-7D2E-4655-B86D-99932E988980}) (Version: 2.45.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.13 - NCH Software)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22350 - Microsoft Corporation)
World of Tanks (HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812na}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {18E61CDA-83AA-49D1-943F-14A92ECCD261} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-10] (Adobe Systems Incorporated)
Task: {2346F721-A9D9-4A64-8DA2-AE86F27DE23A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {2430C92A-CB91-4DF8-AE98-2F6BD8F956DB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {37F4D2E2-0574-4037-BD0A-94B879EBF583} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-19] (Google Inc.)
Task: {3E5733FD-B96F-4498-BBC5-C6B7B122EB21} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {491AB039-0341-4956-83F6-3106AC11F233} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {53C8437B-28E0-48F0-A635-6F9032372A86} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2018-06-28] (Microsoft Corporation)
Task: {659E516D-2DA0-44B1-84E9-C151948C49B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {6F6B5D80-9EB5-48ED-8769-6ACD7E5630A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {7D738910-14A4-4408-9B42-521F259B2A0D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-15] (Piriform Ltd)
Task: {90410327-3FDA-489E-A835-D72B23D4D45D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-10] (Adobe Systems Incorporated)
Task: {97B74E30-A850-4CEC-B3D3-9D3044D7DCA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {B0503919-9EAF-478E-8474-B463F64F275A} - System32\Tasks\update-S-1-5-21-2107755742-302254199-1763176924-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {B219E19E-CAFB-4F29-A867-9D6948A8DCBB} - System32\Tasks\NCH Software\WavePadSevenDays => C:\Program Files (x86)\NCH Software\WavePad\WavePad.exe [2018-06-21] (NCH Software)
Task: {B7FE982C-F16F-4351-9D5A-8997CAA17840} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {C876E438-10C0-4240-B01C-36D655881E82} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-15] (Piriform Ltd)
Task: {E749E9EF-2C90-421D-A2AA-D920463EEED4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-19] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-2107755742-302254199-1763176924-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk\Remove settings.lnk -> C:\Program Files (x86)\Paltalk\ng_clean_settings.bat ()
==================== Loaded Modules (Whitelisted) ==============
2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-05-15 18:58 - 2018-05-15 18:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-03-15 03:14 - 2018-06-10 02:53 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-06-12 14:58 - 2018-06-08 01:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-06-12 14:58 - 2018-06-08 00:56 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 000112264 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\123simsen.com -> www.123simsen.com
There are 7936 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-06-05 02:11 - 2018-05-24 23:24 - 000000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dad\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\20180626_061637.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "ZAM"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\StartupFolder: => "Logitech . Product Registration.lnk"
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\StartupFolder: => "PalTalk.lnk"
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "World of Tanks"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8CCAC849-70E3-46E5-917C-BC8AF033E480}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{75A45EA3-8F6E-40A6-ABEA-BEE725167883}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AB709A6E-44BB-49AD-8FD6-4C5F1FC92929}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E6212E99-160B-4688-8CBA-D7A12F5EC108}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F3B37680-C314-40B7-BC39-16EEDE3EF147}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{46B65E1E-BEDF-4DC5-9D92-8D74D4F9F47D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{D040F650-7821-46C1-B3E2-FC21FE4540A8}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [TCP Query User{003B7E6E-80BD-439B-8A70-857B9C41445E}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [UDP Query User{E97CF5CC-E875-4413-AF67-EA0BDE39744F}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [TCP Query User{652BCC34-0101-42ED-8CFC-BDF4E367733E}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [UDP Query User{CA8FC303-D0A8-43A6-84C6-54CAC9CA4FC0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{3BB79B1F-5EAF-409D-9277-3D93CF6A5BBB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D6644C78-5BEB-4F4F-ADF4-0DFCEECD800B}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{DDA1ECFF-9C07-456F-AED1-E7E4ACC6DC69}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{3983567D-ABED-414F-8346-E716A1AC4AD6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{842718F1-D799-4129-B411-C6AA75BCCAF2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BEC79ECD-6681-4E93-B010-ADEB31358442}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{3B10229E-CDCB-4838-A588-A36298F46539}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{EE52C107-CFB0-4AB6-AB07-511083C515F1}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{0B8C3854-02F3-4873-8137-AA07C6AACD70}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{FE373094-A60A-41B7-AAB1-E8E73E51FDF5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{48380C01-FCD2-4F6A-9B1C-67F99EA78734}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EBDFAB83-DB28-46FF-ACAD-B9196138DC43}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1C69D635-125C-45A4-8052-574907AB5E4E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C43DEF9A-0D00-4861-9417-D955CE8D48A3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{962B321F-7152-4FBD-9B27-D42683404A59}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{6B0572D4-BCED-4BD1-9B3A-9CF6F68474AD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{A734E6FD-D1B1-436C-8A73-8725E911EA94}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
11-07-2018 09:55:45 Windows Update
==================== Faulty Device Manager Devices =============
Name: Remote NDIS based Internet Sharing Device
Description: Remote NDIS based Internet Sharing Device
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: usbrndis6
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/12/2018 04:58:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4969
Error: (07/12/2018 04:58:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4969
Error: (07/12/2018 04:58:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/12/2018 04:58:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3688
Error: (07/12/2018 04:58:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3688
Error: (07/12/2018 04:58:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/12/2018 04:58:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2391
Error: (07/12/2018 04:58:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2391
System errors:
=============
Error: (07/11/2018 12:26:28 PM) (Source: WinRM) (EventID: 10142) (User: )
Description: The WinRM service cannot migrate the listener with Address * and Transport HTTP. A listener that has the same Address and Transport configuration already exists.
Error: (07/11/2018 09:47:59 AM) (Source: DCOM) (EventID: 10010) (User: BRIDGES1)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca did not register with DCOM within the required timeout.
Error: (07/11/2018 09:36:29 AM) (Source: DCOM) (EventID: 10016) (User: BRIDGES1)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user Bridges1\Dad SID (S-1-5-21-2107755742-302254199-1763176924-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
Error: (07/11/2018 08:16:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0xc1900101: Feature update to Windows 10, version 1803.
Error: (07/11/2018 07:56:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The sxuptp service failed to start due to the following error:
This driver has been blocked from loading
Error: (07/11/2018 07:56:48 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: sxuptp.sys
Error: (07/11/2018 07:56:28 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
Error: (07/11/2018 03:13:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Update Orchestrator Service service terminated with the following error:
This operation returned because the timeout period expired.
Windows Defender:
===================================
Date: 2018-07-11 12:56:39.488
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {523D745B-AA46-4F74-BD03-702A396F867B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-07-04 17:52:03.586
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {9A184CF1-F7AF-4107-879B-CEFC2F8FDB63}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-23 09:21:24.292
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AE3E8476-5272-446E-81BC-A56434C5C171}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-22 06:55:27.277
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {FFFD08B7-C968-4E99-B92E-BCB89E674834}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-18 10:04:05.144
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E15EFFB3-1213-4396-B6CB-4DF6B942C365}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-07-11 08:35:25.977
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.271.808.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15000.2
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2018-06-17 08:50:45.338
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1420.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2018-06-12 07:29:39.328
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1109.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x800704cf
Error description: The network location cannot be reached. For information about network troubleshooting, see Windows Help.
Date: 2018-06-09 21:37:55.650
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.945.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x800704cf
Error description: The network location cannot be reached. For information about network troubleshooting, see Windows Help.
Date: 2018-06-04 20:02:16.262
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.625.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===================================
Date: 2018-06-03 07:04:14.015
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-03 07:04:14.001
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-03 07:04:13.993
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-03 07:04:13.985
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-03 07:04:13.946
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-03 07:04:13.905
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-02 03:13:47.581
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-02 03:13:43.027
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 49%
Total physical RAM: 6048.27 MB
Available physical RAM: 3041.29 MB
Total Virtual: 6432.27 MB
Available Virtual: 3052 MB
==================== Drives ================================
Drive c: (Gateway) (Fixed) (Total:918.41 GB) (Free:724.11 GB) NTFS
Drive d: (Recovery1) (CDROM) (Total:3.9 GB) (Free:0 GB) UDF
Drive e: (AT&T Velocity) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
\\?\Volume{1f74b045-50b1-11e1-94c3-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{1f74b044-50b1-11e1-94c3-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:13 GB) (Free:2.93 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 5D81C09C)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=918.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ==
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by Dad (administrator) on BRIDGES1 (12-07-2018 18:03:10)
Running from C:\Users\Dad\Desktop
Loaded Profiles: Dad (Available Profiles: Dad)
Platform: Windows 10 Home Version 1709 16299.492 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(AVM Software) C:\Program Files (x86)\Paltalk\update\pt_update_service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Run: [BingSvc] => C:\Users\Dad\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364136 2018-05-15] (Piriform Ltd)
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139872 2018-01-05] (Wargaming.net)
Startup: C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2017-10-12]
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2017-08-19]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4b213914-881c-4cd2-b83b-88424c186eef}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{840609af-911f-4c5e-a8eb-039c51d6f9ed}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c9709154-fd6d-4b76-82af-c2d64867b8a8}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{df402617-2238-4387-82b5-8c59da1d4835}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-16] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-16] (Oracle Corporation)
Edge:
======
Edge Extension: (No Name) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.4.0.0_neutral__c1wakc4j0nefm [2018-03-15]
FireFox:
========
FF DefaultProfile: nnzgkec8.default
FF ProfilePath: C:\Users\Dad\AppData\Roaming\Mozilla\Firefox\Profiles\nnzgkec8.default [2018-07-12]
FF Homepage: Mozilla\Firefox\Profiles\nnzgkec8.default -> www.yahoo.com
FF Extension: (Unbranded Search Test) - C:\Users\Dad\AppData\Roaming\Mozilla\Firefox\Profiles\nnzgkec8.default\Extensions\unbrandedsearchtest132@mozilla.com.xpi [2018-03-28] [Legacy]
FF Extension: (ArcadeGala) - C:\Users\Dad\AppData\Roaming\Mozilla\Firefox\Profiles\nnzgkec8.default\Extensions\{b40e5bcd-5966-424f-8a15-6ecc3dba050a}.xpi [2018-07-06]
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-12-19] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] ()
FF Plugin-x32: @flyordie.com/GamesPlugin -> C:\Program Files (x86)\Flyordie Plugin\npfod.dll [2017-08-08] (Solware)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-16] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2007-11-27]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2007-11-27]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2007-11-27]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2007-11-27]
Chrome:
=======
CHR HomePage: Default -> msn.com
CHR Profile: C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default [2018-06-05]
CHR Extension: (Slides) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-21]
CHR Extension: (Docs) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
CHR Extension: (Google Drive) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-19]
CHR Extension: (YouTube) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-19]
CHR Extension: (Myki Password Manager & Authenticator) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmikpgodpkclnkgmnpphehdgcimmided [2018-05-28]
CHR Extension: (Sheets) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-21]
CHR Extension: (Google Docs Offline) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-19]
CHR Extension: (Glossy Blue) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nheaocaplknjkpcnbadlgfpdfjaabiml [2017-11-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-22]
CHR Extension: (Gmail) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-19]
CHR Extension: (Chrome Media Router) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-22]
CHR Profile: C:\Users\Dad\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-20]
CHR HKU\S-1-5-21-2107755742-302254199-1763176924-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 osrss; C:\WINDOWS\system32\osrss.dll [130808 2018-06-08] (Microsoft Corporation)
R2 paltalk_update_service; C:\Program Files (x86)\Paltalk\update\pt_update_service.exe [1413608 2017-08-04] (AVM Software)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [135816 2018-06-28] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-05-22] (DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-26] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-26] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-22] (Samsung Electronics Co., Ltd.)
R3 easytether; C:\WINDOWS\System32\drivers\easytthrx.sys [22728 2015-11-22] (Mobile Stream)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-07-11] (Malwarebytes)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-09-29] (MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-22] (Samsung Electronics Co., Ltd.)
R3 stdriver; C:\WINDOWS\system32\DRIVERS\stdriverx64.sys [53488 2018-05-22] ()
S2 sxuptp; C:\WINDOWS\System32\drivers\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2018-03-15] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-26] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-26] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-26] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-09-27] (Zemana Ltd.)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-12 18:03 - 2018-07-12 18:04 - 000013733 _____ C:\Users\Dad\Desktop\FRST.txt
2018-07-12 18:02 - 2018-07-12 18:03 - 000000000 ____D C:\FRST
2018-07-12 18:00 - 2018-07-12 18:00 - 005198336 _____ (AVAST Software) C:\Users\Dad\Desktop\aswMBR.exe
2018-07-12 17:58 - 2018-07-12 17:58 - 002412544 _____ (Farbar) C:\Users\Dad\Desktop\FRST64.exe
2018-07-12 17:57 - 2018-07-12 17:58 - 000016281 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2018-07-12 17:56 - 2018-07-12 17:57 - 005766144 _____ (Tweaking.com) C:\Users\Dad\Downloads\tweaking.com_registry_backup_setup(1).exe
2018-07-12 16:11 - 2018-07-12 16:11 - 000001223 _____ C:\Users\Dad\Desktop\stickhorsesdad.txt
2018-07-12 16:05 - 2018-07-12 16:05 - 001367712 _____ (NCH Software) C:\Users\Dad\Downloads\WavePadAudioEditingSoftware.exe
2018-07-03 16:34 - 2018-07-11 07:56 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-07-03 13:09 - 2018-07-03 13:20 - 585624510 _____ C:\Users\Dad\Downloads\Dragonfly_4_5_6_7_Pro_Web.zip
2018-06-29 13:51 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-06-22 01:10 - 2017-05-22 04:20 - 000166288 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2018-06-22 01:10 - 2017-05-22 04:20 - 000131984 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2018-06-22 00:58 - 2018-06-22 00:58 - 000096096 _____ C:\Users\Dad\Downloads\serialnumberdetectiontool.exe
2018-06-22 00:31 - 2017-05-22 04:20 - 000069120 _____ (Nokia) C:\WINDOWS\system32\nmwcdclsx64.dll
2018-06-22 00:26 - 2018-06-22 00:27 - 041109664 _____ (Samsung Electronics) C:\Users\Dad\Downloads\SmartSwitchPC.exe
2018-06-22 00:19 - 2018-06-22 00:20 - 031177024 _____ (Samsung Electronics Co., Ltd.) C:\Users\Dad\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_ver_1.5.65.0.exe
2018-06-21 23:28 - 2018-06-21 23:29 - 015107071 _____ C:\Users\Dad\Downloads\Dragonfly-4, Dragonfly-5, Dragonfly-7 & Wi-Fish Installation and operation instructions 81358-3-EN(1).pdf
2018-06-21 21:17 - 2018-06-21 21:17 - 000000000 ____D C:\ProgramData\Packages
2018-06-13 21:49 - 2018-06-13 21:50 - 043322896 _____ C:\Users\Dad\Downloads\Firefox Setup 42.0.exe
2018-06-12 14:58 - 2018-06-08 12:26 - 021754880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-12 14:58 - 2018-06-08 12:26 - 017084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-06-12 14:58 - 2018-06-08 12:03 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-12 14:58 - 2018-06-08 11:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-12 14:58 - 2018-06-08 11:58 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-12 14:58 - 2018-06-08 06:42 - 002491120 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-12 14:58 - 2018-06-08 06:41 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-12 14:58 - 2018-06-08 02:36 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-06-12 14:58 - 2018-06-08 02:36 - 000137120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-06-12 14:58 - 2018-06-08 02:35 - 001093040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-06-12 14:58 - 2018-06-08 02:35 - 000924656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-06-12 14:58 - 2018-06-08 02:35 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-12 14:58 - 2018-06-08 02:35 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-06-12 14:58 - 2018-06-08 02:34 - 000748472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-06-12 14:58 - 2018-06-08 02:34 - 000423352 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-06-12 14:58 - 2018-06-08 02:33 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-06-12 14:58 - 2018-06-08 02:33 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-06-12 14:58 - 2018-06-08 02:33 - 001056184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-06-12 14:58 - 2018-06-08 02:33 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-06-12 14:58 - 2018-06-08 02:33 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-06-12 14:58 - 2018-06-08 02:33 - 000269720 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-06-12 14:58 - 2018-06-08 02:33 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-12 14:58 - 2018-06-08 02:33 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-06-12 14:58 - 2018-06-08 02:32 - 001638432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-12 14:58 - 2018-06-08 02:32 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-06-12 14:58 - 2018-06-08 02:32 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-06-12 14:58 - 2018-06-08 02:32 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-06-12 14:58 - 2018-06-08 02:32 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-06-12 14:58 - 2018-06-08 02:30 - 008594848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-12 14:58 - 2018-06-08 02:30 - 002514944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-06-12 14:58 - 2018-06-08 02:30 - 001953544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-06-12 14:58 - 2018-06-08 02:30 - 001416360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-12 14:58 - 2018-06-08 02:29 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-12 14:58 - 2018-06-08 02:29 - 001210272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-12 14:58 - 2018-06-08 02:27 - 001173584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-12 14:58 - 2018-06-08 02:27 - 000377760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-06-12 14:58 - 2018-06-08 02:26 - 000712456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-12 14:58 - 2018-06-08 02:26 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-06-12 14:58 - 2018-06-08 02:25 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-06-12 14:58 - 2018-06-08 02:25 - 000525728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-12 14:58 - 2018-06-08 02:24 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-06-12 14:58 - 2018-06-08 02:24 - 006282280 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2018-06-12 14:58 - 2018-06-08 02:24 - 003009736 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-06-12 14:58 - 2018-06-08 02:24 - 002711248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-12 14:58 - 2018-06-08 02:24 - 001488288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-06-12 14:58 - 2018-06-08 02:24 - 001029536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-06-12 14:58 - 2018-06-08 02:24 - 000891808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-06-12 14:58 - 2018-06-08 02:24 - 000247712 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-06-12 14:58 - 2018-06-08 02:23 - 021357336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-12 14:58 - 2018-06-08 02:23 - 004486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-12 14:58 - 2018-06-08 02:23 - 002472888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-06-12 14:58 - 2018-06-08 02:23 - 002412688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-06-12 14:58 - 2018-06-08 02:23 - 000824904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-06-12 14:58 - 2018-06-08 02:23 - 000706464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-12 14:58 - 2018-06-08 02:23 - 000677304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-12 14:58 - 2018-06-08 02:23 - 000137552 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-06-12 14:58 - 2018-06-08 02:22 - 006791992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-06-12 14:58 - 2018-06-08 02:22 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-06-12 14:58 - 2018-06-08 02:22 - 001269640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-06-12 14:58 - 2018-06-08 02:22 - 000688072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-12 14:58 - 2018-06-08 02:22 - 000093624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-06-12 14:58 - 2018-06-08 02:21 - 007385096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-12 14:58 - 2018-06-08 02:21 - 004507096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-12 14:58 - 2018-06-08 02:21 - 001779960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-06-12 14:58 - 2018-06-08 02:21 - 000594080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-06-12 14:58 - 2018-06-08 02:21 - 000260904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-06-12 14:58 - 2018-06-08 02:20 - 001101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-06-12 14:58 - 2018-06-08 01:26 - 025256960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-12 14:58 - 2018-06-08 01:21 - 001931256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-06-12 14:58 - 2018-06-08 01:21 - 001614168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-06-12 14:58 - 2018-06-08 01:21 - 000777912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-12 14:58 - 2018-06-08 01:19 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-12 14:58 - 2018-06-08 01:18 - 000212920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-06-12 14:58 - 2018-06-08 01:18 - 000097160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-06-12 14:58 - 2018-06-08 01:10 - 003485400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-06-12 14:58 - 2018-06-08 01:10 - 002338272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-06-12 14:58 - 2018-06-08 01:10 - 001124768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-06-12 14:58 - 2018-06-08 01:09 - 017161216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-12 14:58 - 2018-06-08 01:09 - 006092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-12 14:58 - 2018-06-08 01:09 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-12 14:58 - 2018-06-08 01:09 - 000791968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-06-12 14:58 - 2018-06-08 01:09 - 000592800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-12 14:58 - 2018-06-08 01:09 - 000098304 _____ C:\WINDOWS\system32\runexehelper.exe
2018-06-12 14:58 - 2018-06-08 01:08 - 020290256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-06-12 14:58 - 2018-06-08 01:08 - 003979696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-06-12 14:58 - 2018-06-08 01:08 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-12 14:58 - 2018-06-08 01:08 - 001990672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-06-12 14:58 - 2018-06-08 01:08 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-12 14:58 - 2018-06-08 01:07 - 002386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-06-12 14:58 - 2018-06-08 01:07 - 000975360 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-06-12 14:58 - 2018-06-08 01:07 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-06-12 14:58 - 2018-06-08 01:07 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-06-12 14:58 - 2018-06-08 01:07 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-06-12 14:58 - 2018-06-08 01:07 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-06-12 14:58 - 2018-06-08 01:07 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-06-12 14:58 - 2018-06-08 01:06 - 006481096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-12 14:58 - 2018-06-08 01:06 - 006015208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-06-12 14:58 - 2018-06-08 01:06 - 004668688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-12 14:58 - 2018-06-08 01:06 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-06-12 14:58 - 2018-06-08 01:06 - 001524784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-06-12 14:58 - 2018-06-08 01:06 - 000551696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-06-12 14:58 - 2018-06-08 01:06 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-06-12 14:58 - 2018-06-08 01:05 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-12 14:58 - 2018-06-08 01:04 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-06-12 14:58 - 2018-06-08 01:04 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-06-12 14:58 - 2018-06-08 01:04 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-12 14:58 - 2018-06-08 01:04 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-06-12 14:58 - 2018-06-08 01:03 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-12 14:58 - 2018-06-08 01:03 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-06-12 14:58 - 2018-06-08 01:02 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-12 14:58 - 2018-06-08 01:02 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-06-12 14:58 - 2018-06-08 01:02 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-12 14:58 - 2018-06-08 01:02 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-06-12 14:58 - 2018-06-08 01:02 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-06-12 14:58 - 2018-06-08 01:02 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-06-12 14:58 - 2018-06-08 01:01 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-12 14:58 - 2018-06-08 01:01 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-12 14:58 - 2018-06-08 01:01 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-12 14:58 - 2018-06-08 01:01 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-06-12 14:58 - 2018-06-08 01:01 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-06-12 14:58 - 2018-06-08 01:00 - 012833792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-12 14:58 - 2018-06-08 01:00 - 003180032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-12 14:58 - 2018-06-08 01:00 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-12 14:58 - 2018-06-08 01:00 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2018-06-12 14:58 - 2018-06-08 01:00 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-06-12 14:58 - 2018-06-08 00:59 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-06-12 14:58 - 2018-06-08 00:59 - 003124224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-06-12 14:58 - 2018-06-08 00:59 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-06-12 14:58 - 2018-06-08 00:59 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-12 14:58 - 2018-06-08 00:58 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-12 14:58 - 2018-06-08 00:58 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-12 14:58 - 2018-06-08 00:58 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-12 14:58 - 2018-06-08 00:58 - 003332608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-12 14:58 - 2018-06-08 00:58 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-12 14:58 - 2018-06-08 00:58 - 002083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-12 14:58 - 2018-06-08 00:57 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-06-12 14:58 - 2018-06-08 00:57 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-06-12 14:58 - 2018-06-08 00:57 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-12 14:58 - 2018-06-08 00:57 - 001812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-12 14:58 - 2018-06-08 00:57 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-12 14:58 - 2018-06-08 00:57 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-06-12 14:58 - 2018-06-08 00:57 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-12 14:58 - 2018-06-08 00:56 - 002528768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-06-12 14:58 - 2018-06-08 00:56 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-06-12 14:58 - 2018-06-08 00:55 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-06-12 14:58 - 2018-06-08 00:52 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-06-12 14:58 - 2018-06-08 00:52 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-06-12 14:58 - 2018-06-08 00:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-12 14:58 - 2018-06-08 00:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-06-12 14:58 - 2018-06-08 00:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-06-12 14:58 - 2018-06-08 00:46 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-06-12 14:58 - 2018-06-08 00:45 - 018930688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-12 14:58 - 2018-06-08 00:45 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-06-12 14:58 - 2018-06-08 00:44 - 019358720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-12 14:58 - 2018-06-08 00:44 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-06-12 14:58 - 2018-06-08 00:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-12 14:58 - 2018-06-08 00:43 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-06-12 14:58 - 2018-06-08 00:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-06-12 14:58 - 2018-06-08 00:41 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-12 14:58 - 2018-06-08 00:41 - 011924992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-12 14:58 - 2018-06-08 00:41 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-12 14:58 - 2018-06-08 00:41 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-06-12 14:58 - 2018-06-08 00:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-06-12 14:58 - 2018-06-08 00:40 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-06-12 14:58 - 2018-06-08 00:40 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-12 14:58 - 2018-06-08 00:40 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2018-06-12 14:58 - 2018-06-08 00:39 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-06-12 14:58 - 2018-06-08 00:39 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-06-12 14:58 - 2018-06-08 00:39 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-06-12 14:58 - 2018-06-08 00:38 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-12 14:58 - 2018-06-08 00:38 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-12 14:58 - 2018-06-08 00:38 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-06-12 14:58 - 2018-06-08 00:36 - 006060032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-12 14:58 - 2018-06-08 00:36 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-12 14:58 - 2018-06-08 00:35 - 007812608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-06-12 14:58 - 2018-06-08 00:35 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-12 14:58 - 2018-06-08 00:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-06-12 14:58 - 2018-06-08 00:35 - 002868736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-12 14:58 - 2018-06-08 00:35 - 002014720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-12 14:58 - 2018-06-08 00:35 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-12 14:58 - 2018-06-08 00:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-12 14:58 - 2018-05-12 08:57 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2018-06-12 14:58 - 2018-05-12 08:56 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-06-12 14:58 - 2018-05-12 08:55 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-06-12 14:58 - 2018-05-12 08:55 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-06-12 14:58 - 2018-05-11 18:15 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-06-12 14:58 - 2018-05-11 18:14 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-06-12 14:58 - 2018-05-11 18:14 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-06-12 14:58 - 2018-05-11 18:10 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-06-12 14:58 - 2018-05-11 18:10 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-06-12 14:58 - 2018-05-11 18:10 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-06-12 14:58 - 2018-05-11 18:09 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-06-12 14:58 - 2018-05-11 18:09 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-06-12 14:58 - 2018-05-11 18:08 - 000428440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-06-12 14:58 - 2018-05-11 18:08 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-06-12 14:58 - 2018-05-11 18:07 - 002711168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-06-12 14:58 - 2018-05-11 18:07 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-06-12 14:58 - 2018-05-11 18:07 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-06-12 14:58 - 2018-05-11 18:05 - 000616792 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-06-12 14:58 - 2018-05-11 16:54 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-06-12 14:58 - 2018-05-11 16:53 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-06-12 14:58 - 2018-05-11 16:53 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-06-12 14:58 - 2018-05-11 16:53 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-06-12 14:58 - 2018-05-11 16:52 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-06-12 14:58 - 2018-05-11 16:50 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-06-12 14:58 - 2018-05-11 16:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-06-12 14:58 - 2018-05-11 16:48 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-06-12 14:58 - 2018-05-11 16:48 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-06-12 14:58 - 2018-05-11 16:47 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-06-12 14:58 - 2018-05-11 16:46 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-06-12 14:58 - 2018-05-11 16:46 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-06-12 14:58 - 2018-05-11 16:45 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-06-12 14:58 - 2018-05-11 16:44 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-06-12 14:58 - 2018-05-11 16:42 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-06-12 14:58 - 2018-05-11 16:41 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-06-12 14:58 - 2018-05-11 16:40 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-06-12 14:58 - 2018-05-11 16:39 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-06-12 14:58 - 2018-05-11 16:38 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-06-12 14:58 - 2018-05-11 16:33 - 002762752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-06-12 14:58 - 2018-05-11 16:29 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-06-12 14:58 - 2018-05-11 16:29 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-06-12 14:58 - 2018-05-11 16:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-06-12 14:58 - 2018-05-11 16:20 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-06-12 14:58 - 2018-05-11 16:20 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-06-12 14:58 - 2018-05-11 16:19 - 001353216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-06-12 14:57 - 2018-06-08 02:29 - 001849760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-06-12 14:57 - 2018-06-08 02:29 - 000937376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-06-12 14:57 - 2018-06-08 02:29 - 000028576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-12 14:57 - 2018-06-08 02:24 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2018-06-12 14:57 - 2018-06-08 02:22 - 001358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-12 14:57 - 2018-06-08 02:22 - 000054376 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-06-12 14:57 - 2018-06-08 02:21 - 001206104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-06-12 14:57 - 2018-06-08 01:09 - 002993728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2018-06-12 14:57 - 2018-06-08 01:09 - 000832952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2018-06-12 14:57 - 2018-06-08 01:08 - 001075984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-12 14:57 - 2018-06-08 01:08 - 000640024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-06-12 14:57 - 2018-06-08 01:07 - 000047608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-06-12 14:57 - 2018-06-08 01:06 - 001131696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-06-12 14:57 - 2018-06-08 01:06 - 000129208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-06-12 14:57 - 2018-06-08 01:05 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2018-06-12 14:57 - 2018-06-08 01:05 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-06-12 14:57 - 2018-06-08 01:05 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanelExternalHook.dll
2018-06-12 14:57 - 2018-06-08 01:04 - 001925120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2018-06-12 14:57 - 2018-06-08 01:04 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-06-12 14:57 - 2018-06-08 01:03 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-06-12 14:57 - 2018-06-08 01:01 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2018-06-12 14:57 - 2018-06-08 01:01 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-06-12 14:57 - 2018-06-08 01:00 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2018-06-12 14:57 - 2018-06-08 00:59 - 001297920 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-12 14:57 - 2018-06-08 00:59 - 001116672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-12 14:57 - 2018-06-08 00:59 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-06-12 14:57 - 2018-06-08 00:59 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-12 14:57 - 2018-06-08 00:57 - 001238016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-12 14:57 - 2018-06-08 00:57 - 001135104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-12 14:57 - 2018-06-08 00:56 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2018-06-12 14:57 - 2018-06-08 00:53 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-06-12 14:57 - 2018-06-08 00:52 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-06-12 14:57 - 2018-06-08 00:46 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-06-12 14:57 - 2018-06-08 00:40 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2018-06-12 14:57 - 2018-06-08 00:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2018-06-12 14:57 - 2018-06-08 00:39 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2018-06-12 14:57 - 2018-06-08 00:39 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-12 14:57 - 2018-06-08 00:35 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-12 14:57 - 2018-06-08 00:35 - 000935424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-06-12 14:57 - 2018-06-08 00:35 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2018-06-12 14:57 - 2018-06-08 00:34 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll
2018-06-12 14:57 - 2018-05-12 08:53 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-06-12 14:57 - 2018-05-12 08:52 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-06-12 14:57 - 2018-05-12 08:52 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialStore.dll
2018-06-12 14:57 - 2018-05-11 18:15 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-06-12 14:57 - 2018-05-11 18:08 - 000757792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-06-12 14:57 - 2018-05-11 18:07 - 001084736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-06-12 14:57 - 2018-05-11 16:54 - 003198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-06-12 14:57 - 2018-05-11 16:53 - 001033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-06-12 14:57 - 2018-05-11 16:52 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PayloadRestrictions.dll
2018-06-12 14:57 - 2018-05-11 16:52 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-06-12 14:57 - 2018-05-11 16:51 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
2018-06-12 14:57 - 2018-05-11 16:50 - 002186240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll
2018-06-12 14:57 - 2018-05-11 16:50 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-06-12 14:57 - 2018-05-11 16:50 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\secur32.dll
2018-06-12 14:57 - 2018-05-11 16:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-06-12 14:57 - 2018-05-11 16:49 - 001685504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2018-06-12 14:57 - 2018-05-11 16:48 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-06-12 14:57 - 2018-05-11 16:48 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-06-12 14:57 - 2018-05-11 16:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-06-12 14:57 - 2018-05-11 16:47 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2018-06-12 14:57 - 2018-05-11 16:47 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-06-12 14:57 - 2018-05-11 16:47 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-06-12 14:57 - 2018-05-11 16:40 - 001363968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-06-12 14:57 - 2018-05-11 16:31 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PayloadRestrictions.dll
2018-06-12 14:57 - 2018-05-11 16:31 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-06-12 14:57 - 2018-05-11 16:31 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaproxystub.dll
2018-06-12 14:57 - 2018-05-11 16:30 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-06-12 14:57 - 2018-05-11 16:29 - 001428480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaclient.dll
2018-06-12 14:57 - 2018-05-11 16:29 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2018-06-12 14:57 - 2018-05-11 16:29 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secur32.dll
2018-06-12 14:57 - 2018-05-11 16:28 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-06-12 14:57 - 2018-05-11 16:28 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-06-12 14:57 - 2018-05-11 16:27 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2018-06-12 14:57 - 2018-05-11 16:26 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-12 18:03 - 2017-12-07 21:35 - 000199699 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-07-12 17:57 - 2017-09-25 11:36 - 000002315 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2018-07-12 16:59 - 2018-02-02 04:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-12 16:05 - 2018-02-02 04:30 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2018-07-12 16:05 - 2017-07-11 20:40 - 000001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
2018-07-12 16:05 - 2017-07-11 20:40 - 000001198 _____ C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2018-07-12 11:34 - 2018-02-02 04:30 - 000004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7E7F596B-AAC6-435F-B4E6-35ACBDC689CA}
2018-07-12 11:16 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-07-12 11:15 - 2017-10-01 01:20 - 000000000 ____D C:\Program Files\rempl
2018-07-11 12:34 - 2018-02-01 18:41 - 000000000 ___DC C:\WINDOWS\Panther
2018-07-11 12:33 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
2018-07-11 12:17 - 2018-02-02 04:29 - 000099063 _____ C:\WINDOWS\diagwrn.xml
2018-07-11 12:17 - 2018-02-02 04:29 - 000099063 _____ C:\WINDOWS\diagerr.xml
2018-07-11 11:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\registration
2018-07-11 11:08 - 2018-04-12 05:19 - 000000000 ___HD C:\$WINDOWS.~BT
2018-07-11 10:49 - 2018-06-03 07:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-07-11 10:49 - 2018-06-02 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-07-11 10:49 - 2018-04-10 08:53 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2018-07-11 10:49 - 2018-04-08 17:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Thumbnails
2018-07-11 10:49 - 2018-04-04 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-07-11 10:49 - 2018-03-28 01:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
2018-07-11 10:49 - 2018-02-02 04:13 - 000000000 ____D C:\Users\Dad
2018-07-11 10:49 - 2018-01-01 10:33 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2018-07-11 10:49 - 2017-10-20 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-07-11 10:49 - 2017-10-09 03:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-07-11 10:49 - 2017-10-08 09:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-07-11 10:49 - 2017-08-19 00:43 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
2018-07-11 10:49 - 2017-08-18 23:37 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk
2018-07-11 10:49 - 2017-06-14 07:36 - 000000000 ____D C:\Program Files\UNP
2018-07-11 10:49 - 2017-06-06 02:28 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dwyco CDC-X
2018-07-11 10:49 - 2017-06-05 02:11 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-07-11 10:49 - 2017-06-05 00:57 - 000000000 ____D C:\Program Files\Common Files\logishrd
2018-07-11 10:49 - 2015-12-31 12:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-07-11 09:37 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-11 09:17 - 2018-02-02 04:30 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-07-11 08:19 - 2018-02-02 04:29 - 002274076 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-11 07:56 - 2018-02-02 04:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-11 07:10 - 2017-06-04 23:32 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2018-07-11 03:13 - 2017-09-29 03:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-07-11 03:03 - 2017-06-06 01:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-07-11 03:00 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-07-11 03:00 - 2017-06-06 01:21 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-07-11 00:06 - 2017-08-18 04:20 - 000000000 ____D C:\Users\Dad\Desktop\NCH Recordings
2018-07-10 18:22 - 2018-06-08 22:10 - 009589248 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2018-07-10 18:22 - 2018-03-16 02:19 - 000004570 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-07 13:02 - 2017-06-12 15:50 - 000000000 ____D C:\Users\Dad\AppData\Local\ElevatedDiagnostics
2018-07-05 22:33 - 2017-09-29 03:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-07-01 23:05 - 2017-11-29 18:39 - 000000000 ____D C:\Users\Dad\Downloads\New folder 2017
2018-06-28 19:46 - 2018-05-08 17:05 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-28 19:46 - 2018-05-08 17:05 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-26 13:50 - 2018-05-16 22:12 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-26 13:50 - 2017-06-19 13:37 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-26 13:06 - 2018-03-04 19:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-06-22 03:55 - 2018-02-25 22:12 - 000000000 ____D C:\Users\Dad\AppData\Local\CrashDumps
2018-06-22 01:27 - 2015-12-31 12:53 - 000000000 __RDL C:\Users\Dad\OneDrive
2018-06-22 01:20 - 2018-02-02 04:30 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2107755742-302254199-1763176924-1001
2018-06-22 01:20 - 2017-06-04 23:52 - 000002364 _____ C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-21 23:01 - 2018-06-04 20:30 - 000000000 ____D C:\Users\Dad\Desktop\raymarine
2018-06-16 07:23 - 2017-08-08 16:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-15 06:33 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache
2018-06-15 03:39 - 2017-12-06 23:43 - 109430784 _____ C:\Users\Dad\Documents\dwyco-backup-diff-54614d2d0d4ce1a22951.sql
2018-06-15 03:39 - 2017-12-06 23:43 - 109430784 _____ C:\Users\Dad\Documents\dwyco-backup-diff-54614d2d0d4ce1a22951.old.sql
2018-06-13 21:53 - 2018-05-17 04:45 - 000001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2018-06-13 21:53 - 2018-03-22 00:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-06-13 21:53 - 2017-08-08 16:03 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-06-12 18:36 - 2018-02-02 10:35 - 000000000 ___RD C:\Users\Dad\3D Objects
2018-06-12 18:11 - 2018-02-02 04:09 - 000231096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-12 18:09 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-06-12 16:50 - 2016-11-26 05:03 - 000000000 ____D C:\Users\Dad\AppData\LocalLow\Mozilla
2018-06-12 15:07 - 2017-10-12 10:52 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
==================== Files in the root of some directories =======
2017-06-06 00:45 - 2018-05-02 12:15 - 000001167 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.1.txt
2017-06-06 00:45 - 2017-06-06 00:56 - 000001167 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.2.txt
2017-06-06 00:45 - 2017-06-06 00:45 - 000001167 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.3.txt
2017-06-06 00:45 - 2018-05-22 08:40 - 000001167 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.txt
2017-06-06 00:45 - 2018-05-22 08:40 - 000000000 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2018-04-10 01:22 - 2018-04-10 01:22 - 000000875 _____ () C:\Users\Dad\AppData\Local\recently-used.xbel
2018-02-09 20:50 - 2018-02-09 20:50 - 000000003 _____ () C:\Users\Dad\AppData\Local\updater.log
2018-02-09 20:50 - 2018-02-12 05:33 - 000000059 _____ () C:\Users\Dad\AppData\Local\UserProducts.xml
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-07-05 03:32
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Dad (12-07-2018 18:04:27)
Running from C:\Users\Dad\Desktop
Windows 10 Home Version 1709 16299.492 (X64) (2018-02-02 09:33:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2107755742-302254199-1763176924-500 - Administrator - Disabled)
Dad (S-1-5-21-2107755742-302254199-1763176924-1001 - Administrator - Enabled) => C:\Users\Dad
DefaultAccount (S-1-5-21-2107755742-302254199-1763176924-503 - Limited - Disabled)
Guest (S-1-5-21-2107755742-302254199-1763176924-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2107755742-302254199-1763176924-1005 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2107755742-302254199-1763176924-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
Dwyco CDC-X version 2.17 (HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Dwyco CDC-X_is1) (Version: 2.17 - Dwyco, Inc.)
Easy Thumbnails (Remove only) (HKLM-x32\...\Easy Thumbnails_is1) (Version: 3.0 - Fookes Software)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
iTunes (HKLM\...\{BE065D5C-5EB5-4F39-A112-32897C297935}) (Version: 12.7.5.9 - Apple Inc.)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Firefox 60.0.1 ESR (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.1 ESR (x64 en-US)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
Paltalk (HKLM-x32\...\Paltalk) (Version: - )
Paltalk Messenger 11.8 (HKLM-x32\...\Paltalk Messenger) (Version: 11.8.667.17975 - AVM Software Inc.)
QuickBooks Online Edition Utilities V11 (HKLM-x32\...\{06346CB3-EB19-4CD8-8DDC-3C46EA2785A0}) (Version: 1.0.0 - Intuit)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.65.0 - Samsung Electronics Co., Ltd.)
SD Card Formatter (HKLM-x32\...\{10C16E01-F739-4093-89A7-E570589FA0F6}) (Version: 5.0.0 - SD Association)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
SoundTap Streaming Audio Recorder (HKLM-x32\...\SoundTap) (Version: 4.01 - NCH Software)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.0.19 - Tweaking.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8CFAB044-7D2E-4655-B86D-99932E988980}) (Version: 2.45.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.13 - NCH Software)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22350 - Microsoft Corporation)
World of Tanks (HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812na}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {18E61CDA-83AA-49D1-943F-14A92ECCD261} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-10] (Adobe Systems Incorporated)
Task: {2346F721-A9D9-4A64-8DA2-AE86F27DE23A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {2430C92A-CB91-4DF8-AE98-2F6BD8F956DB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {37F4D2E2-0574-4037-BD0A-94B879EBF583} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-19] (Google Inc.)
Task: {3E5733FD-B96F-4498-BBC5-C6B7B122EB21} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {491AB039-0341-4956-83F6-3106AC11F233} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {53C8437B-28E0-48F0-A635-6F9032372A86} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2018-06-28] (Microsoft Corporation)
Task: {659E516D-2DA0-44B1-84E9-C151948C49B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {6F6B5D80-9EB5-48ED-8769-6ACD7E5630A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {7D738910-14A4-4408-9B42-521F259B2A0D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-15] (Piriform Ltd)
Task: {90410327-3FDA-489E-A835-D72B23D4D45D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-10] (Adobe Systems Incorporated)
Task: {97B74E30-A850-4CEC-B3D3-9D3044D7DCA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
Task: {B0503919-9EAF-478E-8474-B463F64F275A} - System32\Tasks\update-S-1-5-21-2107755742-302254199-1763176924-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {B219E19E-CAFB-4F29-A867-9D6948A8DCBB} - System32\Tasks\NCH Software\WavePadSevenDays => C:\Program Files (x86)\NCH Software\WavePad\WavePad.exe [2018-06-21] (NCH Software)
Task: {B7FE982C-F16F-4351-9D5A-8997CAA17840} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {C876E438-10C0-4240-B01C-36D655881E82} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-15] (Piriform Ltd)
Task: {E749E9EF-2C90-421D-A2AA-D920463EEED4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-19] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-2107755742-302254199-1763176924-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk\Remove settings.lnk -> C:\Program Files (x86)\Paltalk\ng_clean_settings.bat ()
==================== Loaded Modules (Whitelisted) ==============
2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-05-15 18:58 - 2018-05-15 18:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-03-15 03:14 - 2018-06-10 02:53 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-06-12 14:58 - 2018-06-08 01:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-06-12 14:58 - 2018-06-08 00:56 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 000112264 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\123simsen.com -> www.123simsen.com
There are 7936 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-06-05 02:11 - 2018-05-24 23:24 - 000000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dad\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\20180626_061637.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "ZAM"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\StartupFolder: => "Logitech . Product Registration.lnk"
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\StartupFolder: => "PalTalk.lnk"
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "World of Tanks"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{8CCAC849-70E3-46E5-917C-BC8AF033E480}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{75A45EA3-8F6E-40A6-ABEA-BEE725167883}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AB709A6E-44BB-49AD-8FD6-4C5F1FC92929}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E6212E99-160B-4688-8CBA-D7A12F5EC108}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F3B37680-C314-40B7-BC39-16EEDE3EF147}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{46B65E1E-BEDF-4DC5-9D92-8D74D4F9F47D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{D040F650-7821-46C1-B3E2-FC21FE4540A8}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [TCP Query User{003B7E6E-80BD-439B-8A70-857B9C41445E}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [UDP Query User{E97CF5CC-E875-4413-AF67-EA0BDE39744F}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [TCP Query User{652BCC34-0101-42ED-8CFC-BDF4E367733E}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
FirewallRules: [UDP Query User{CA8FC303-D0A8-43A6-84C6-54CAC9CA4FC0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{3BB79B1F-5EAF-409D-9277-3D93CF6A5BBB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D6644C78-5BEB-4F4F-ADF4-0DFCEECD800B}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{DDA1ECFF-9C07-456F-AED1-E7E4ACC6DC69}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{3983567D-ABED-414F-8346-E716A1AC4AD6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{842718F1-D799-4129-B411-C6AA75BCCAF2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BEC79ECD-6681-4E93-B010-ADEB31358442}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{3B10229E-CDCB-4838-A588-A36298F46539}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{EE52C107-CFB0-4AB6-AB07-511083C515F1}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{0B8C3854-02F3-4873-8137-AA07C6AACD70}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{FE373094-A60A-41B7-AAB1-E8E73E51FDF5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{48380C01-FCD2-4F6A-9B1C-67F99EA78734}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EBDFAB83-DB28-46FF-ACAD-B9196138DC43}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1C69D635-125C-45A4-8052-574907AB5E4E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C43DEF9A-0D00-4861-9417-D955CE8D48A3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{962B321F-7152-4FBD-9B27-D42683404A59}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{6B0572D4-BCED-4BD1-9B3A-9CF6F68474AD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{A734E6FD-D1B1-436C-8A73-8725E911EA94}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
11-07-2018 09:55:45 Windows Update
==================== Faulty Device Manager Devices =============
Name: Remote NDIS based Internet Sharing Device
Description: Remote NDIS based Internet Sharing Device
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: usbrndis6
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/12/2018 04:58:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4969
Error: (07/12/2018 04:58:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4969
Error: (07/12/2018 04:58:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/12/2018 04:58:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3688
Error: (07/12/2018 04:58:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3688
Error: (07/12/2018 04:58:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/12/2018 04:58:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2391
Error: (07/12/2018 04:58:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2391
System errors:
=============
Error: (07/11/2018 12:26:28 PM) (Source: WinRM) (EventID: 10142) (User: )
Description: The WinRM service cannot migrate the listener with Address * and Transport HTTP. A listener that has the same Address and Transport configuration already exists.
Error: (07/11/2018 09:47:59 AM) (Source: DCOM) (EventID: 10010) (User: BRIDGES1)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca did not register with DCOM within the required timeout.
Error: (07/11/2018 09:36:29 AM) (Source: DCOM) (EventID: 10016) (User: BRIDGES1)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user Bridges1\Dad SID (S-1-5-21-2107755742-302254199-1763176924-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
Error: (07/11/2018 08:16:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0xc1900101: Feature update to Windows 10, version 1803.
Error: (07/11/2018 07:56:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The sxuptp service failed to start due to the following error:
This driver has been blocked from loading
Error: (07/11/2018 07:56:48 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: sxuptp.sys
Error: (07/11/2018 07:56:28 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
Error: (07/11/2018 03:13:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Update Orchestrator Service service terminated with the following error:
This operation returned because the timeout period expired.
Windows Defender:
===================================
Date: 2018-07-11 12:56:39.488
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {523D745B-AA46-4F74-BD03-702A396F867B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-07-04 17:52:03.586
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {9A184CF1-F7AF-4107-879B-CEFC2F8FDB63}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-23 09:21:24.292
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AE3E8476-5272-446E-81BC-A56434C5C171}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-22 06:55:27.277
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {FFFD08B7-C968-4E99-B92E-BCB89E674834}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-18 10:04:05.144
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E15EFFB3-1213-4396-B6CB-4DF6B942C365}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-07-11 08:35:25.977
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.271.808.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15000.2
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2018-06-17 08:50:45.338
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1420.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2018-06-12 07:29:39.328
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.1109.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x800704cf
Error description: The network location cannot be reached. For information about network troubleshooting, see Windows Help.
Date: 2018-06-09 21:37:55.650
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.945.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x800704cf
Error description: The network location cannot be reached. For information about network troubleshooting, see Windows Help.
Date: 2018-06-04 20:02:16.262
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.625.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===================================
Date: 2018-06-03 07:04:14.015
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-03 07:04:14.001
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-03 07:04:13.993
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-03 07:04:13.985
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-03 07:04:13.946
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-03 07:04:13.905
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-02 03:13:47.581
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-02 03:13:43.027
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 49%
Total physical RAM: 6048.27 MB
Available physical RAM: 3041.29 MB
Total Virtual: 6432.27 MB
Available Virtual: 3052 MB
==================== Drives ================================
Drive c: (Gateway) (Fixed) (Total:918.41 GB) (Free:724.11 GB) NTFS
Drive d: (Recovery1) (CDROM) (Total:3.9 GB) (Free:0 GB) UDF
Drive e: (AT&T Velocity) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
\\?\Volume{1f74b045-50b1-11e1-94c3-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{1f74b044-50b1-11e1-94c3-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:13 GB) (Free:2.93 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 5D81C09C)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=918.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ==