Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: just started crashing and running extremely slow,

  1. #1
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    381

    Default just started crashing and running extremely slow,

    just now when i tried to run aswMRB it crashed and got a blue page saying it needed to run then it restarted

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
    Ran by Dad (administrator) on BRIDGES1 (12-07-2018 18:03:10)
    Running from C:\Users\Dad\Desktop
    Loaded Profiles: Dad (Available Profiles: Dad)
    Platform: Windows 10 Home Version 1709 16299.492 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Edge)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
    (AVM Software) C:\Program Files (x86)\Paltalk\update\pt_update_service.exe
    (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
    (Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
    (Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
    (Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
    (Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
    (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    (Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
    (Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
    (Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
    HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)
    HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
    HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
    HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Run: [BingSvc] => C:\Users\Dad\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
    HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364136 2018-05-15] (Piriform Ltd)
    HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139872 2018-01-05] (Wargaming.net)
    Startup: C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2017-10-12]
    ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
    Startup: C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2017-08-19]
    ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{4b213914-881c-4cd2-b83b-88424c186eef}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{840609af-911f-4c5e-a8eb-039c51d6f9ed}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{c9709154-fd6d-4b76-82af-c2d64867b8a8}: [DhcpNameServer] 192.168.42.129
    Tcpip\..\Interfaces\{df402617-2238-4387-82b5-8c59da1d4835}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-16] (Oracle Corporation)
    BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-16] (Oracle Corporation)

    Edge:
    ======
    Edge Extension: (No Name) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.4.0.0_neutral__c1wakc4j0nefm [2018-03-15]

    FireFox:
    ========
    FF DefaultProfile: nnzgkec8.default
    FF ProfilePath: C:\Users\Dad\AppData\Roaming\Mozilla\Firefox\Profiles\nnzgkec8.default [2018-07-12]
    FF Homepage: Mozilla\Firefox\Profiles\nnzgkec8.default -> www.yahoo.com
    FF Extension: (Unbranded Search Test) - C:\Users\Dad\AppData\Roaming\Mozilla\Firefox\Profiles\nnzgkec8.default\Extensions\unbrandedsearchtest132@mozilla.com.xpi [2018-03-28] [Legacy]
    FF Extension: (ArcadeGala) - C:\Users\Dad\AppData\Roaming\Mozilla\Firefox\Profiles\nnzgkec8.default\Extensions\{b40e5bcd-5966-424f-8a15-6ecc3dba050a}.xpi [2018-07-06]
    FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-12-19] [Legacy] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] ()
    FF Plugin-x32: @flyordie.com/GamesPlugin -> C:\Program Files (x86)\Flyordie Plugin\npfod.dll [2017-08-08] (Solware)
    FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-16] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-16] (Oracle Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2007-11-27]
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2007-11-27]
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2007-11-27]
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2007-11-27]

    Chrome:
    =======
    CHR HomePage: Default -> msn.com
    CHR Profile: C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default [2018-06-05]
    CHR Extension: (Slides) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-21]
    CHR Extension: (Docs) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
    CHR Extension: (Google Drive) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-19]
    CHR Extension: (YouTube) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-19]
    CHR Extension: (Myki Password Manager & Authenticator) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmikpgodpkclnkgmnpphehdgcimmided [2018-05-28]
    CHR Extension: (Sheets) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-21]
    CHR Extension: (Google Docs Offline) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-19]
    CHR Extension: (Glossy Blue) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nheaocaplknjkpcnbadlgfpdfjaabiml [2017-11-17]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-22]
    CHR Extension: (Gmail) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-19]
    CHR Extension: (Chrome Media Router) - C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-22]
    CHR Profile: C:\Users\Dad\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-20]
    CHR HKU\S-1-5-21-2107755742-302254199-1763176924-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
    R2 osrss; C:\WINDOWS\system32\osrss.dll [130808 2018-06-08] (Microsoft Corporation)
    R2 paltalk_update_service; C:\Program Files (x86)\Paltalk\update\pt_update_service.exe [1413608 2017-08-04] (AVM Software)
    R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [135816 2018-06-28] (Microsoft Corporation)
    R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-05-22] (DEVGURU Co., LTD.)
    R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-26] (Microsoft Corporation)
    R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-26] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-22] (Samsung Electronics Co., Ltd.)
    R3 easytether; C:\WINDOWS\System32\drivers\easytthrx.sys [22728 2015-11-22] (Mobile Stream)
    R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-07-11] (Malwarebytes)
    R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-09-29] (MediaTek Inc.)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-22] (Samsung Electronics Co., Ltd.)
    R3 stdriver; C:\WINDOWS\system32\DRIVERS\stdriverx64.sys [53488 2018-05-22] ()
    S2 sxuptp; C:\WINDOWS\System32\drivers\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
    S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2018-03-15] (Microsoft Corporation)
    S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-26] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-26] (Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-26] (Microsoft Corporation)
    R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-09-27] (Zemana Ltd.)
    S0 b06bdrv; System32\drivers\bxvbda.sys [X]
    S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-07-12 18:03 - 2018-07-12 18:04 - 000013733 _____ C:\Users\Dad\Desktop\FRST.txt
    2018-07-12 18:02 - 2018-07-12 18:03 - 000000000 ____D C:\FRST
    2018-07-12 18:00 - 2018-07-12 18:00 - 005198336 _____ (AVAST Software) C:\Users\Dad\Desktop\aswMBR.exe
    2018-07-12 17:58 - 2018-07-12 17:58 - 002412544 _____ (Farbar) C:\Users\Dad\Desktop\FRST64.exe
    2018-07-12 17:57 - 2018-07-12 17:58 - 000016281 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
    2018-07-12 17:56 - 2018-07-12 17:57 - 005766144 _____ (Tweaking.com) C:\Users\Dad\Downloads\tweaking.com_registry_backup_setup(1).exe
    2018-07-12 16:11 - 2018-07-12 16:11 - 000001223 _____ C:\Users\Dad\Desktop\stickhorsesdad.txt
    2018-07-12 16:05 - 2018-07-12 16:05 - 001367712 _____ (NCH Software) C:\Users\Dad\Downloads\WavePadAudioEditingSoftware.exe
    2018-07-03 16:34 - 2018-07-11 07:56 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2018-07-03 13:09 - 2018-07-03 13:20 - 585624510 _____ C:\Users\Dad\Downloads\Dragonfly_4_5_6_7_Pro_Web.zip
    2018-06-29 13:51 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
    2018-06-22 01:10 - 2017-05-22 04:20 - 000166288 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
    2018-06-22 01:10 - 2017-05-22 04:20 - 000131984 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
    2018-06-22 00:58 - 2018-06-22 00:58 - 000096096 _____ C:\Users\Dad\Downloads\serialnumberdetectiontool.exe
    2018-06-22 00:31 - 2017-05-22 04:20 - 000069120 _____ (Nokia) C:\WINDOWS\system32\nmwcdclsx64.dll
    2018-06-22 00:26 - 2018-06-22 00:27 - 041109664 _____ (Samsung Electronics) C:\Users\Dad\Downloads\SmartSwitchPC.exe
    2018-06-22 00:19 - 2018-06-22 00:20 - 031177024 _____ (Samsung Electronics Co., Ltd.) C:\Users\Dad\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_ver_1.5.65.0.exe
    2018-06-21 23:28 - 2018-06-21 23:29 - 015107071 _____ C:\Users\Dad\Downloads\Dragonfly-4, Dragonfly-5, Dragonfly-7 & Wi-Fish Installation and operation instructions 81358-3-EN(1).pdf
    2018-06-21 21:17 - 2018-06-21 21:17 - 000000000 ____D C:\ProgramData\Packages
    2018-06-13 21:49 - 2018-06-13 21:50 - 043322896 _____ C:\Users\Dad\Downloads\Firefox Setup 42.0.exe
    2018-06-12 14:58 - 2018-06-08 12:26 - 021754880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2018-06-12 14:58 - 2018-06-08 12:26 - 017084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2018-06-12 14:58 - 2018-06-08 12:03 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
    2018-06-12 14:58 - 2018-06-08 11:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
    2018-06-12 14:58 - 2018-06-08 11:58 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
    2018-06-12 14:58 - 2018-06-08 06:42 - 002491120 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
    2018-06-12 14:58 - 2018-06-08 06:41 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
    2018-06-12 14:58 - 2018-06-08 02:36 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2018-06-12 14:58 - 2018-06-08 02:36 - 000137120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2018-06-12 14:58 - 2018-06-08 02:35 - 001093040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2018-06-12 14:58 - 2018-06-08 02:35 - 000924656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2018-06-12 14:58 - 2018-06-08 02:35 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2018-06-12 14:58 - 2018-06-08 02:35 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
    2018-06-12 14:58 - 2018-06-08 02:34 - 000748472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2018-06-12 14:58 - 2018-06-08 02:34 - 000423352 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2018-06-12 14:58 - 2018-06-08 02:33 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
    2018-06-12 14:58 - 2018-06-08 02:33 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2018-06-12 14:58 - 2018-06-08 02:33 - 001056184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2018-06-12 14:58 - 2018-06-08 02:33 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2018-06-12 14:58 - 2018-06-08 02:33 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
    2018-06-12 14:58 - 2018-06-08 02:33 - 000269720 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
    2018-06-12 14:58 - 2018-06-08 02:33 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
    2018-06-12 14:58 - 2018-06-08 02:33 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2018-06-12 14:58 - 2018-06-08 02:32 - 001638432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2018-06-12 14:58 - 2018-06-08 02:32 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2018-06-12 14:58 - 2018-06-08 02:32 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2018-06-12 14:58 - 2018-06-08 02:32 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
    2018-06-12 14:58 - 2018-06-08 02:32 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2018-06-12 14:58 - 2018-06-08 02:30 - 008594848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2018-06-12 14:58 - 2018-06-08 02:30 - 002514944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2018-06-12 14:58 - 2018-06-08 02:30 - 001953544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2018-06-12 14:58 - 2018-06-08 02:30 - 001416360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2018-06-12 14:58 - 2018-06-08 02:29 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2018-06-12 14:58 - 2018-06-08 02:29 - 001210272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2018-06-12 14:58 - 2018-06-08 02:27 - 001173584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2018-06-12 14:58 - 2018-06-08 02:27 - 000377760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
    2018-06-12 14:58 - 2018-06-08 02:26 - 000712456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2018-06-12 14:58 - 2018-06-08 02:26 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
    2018-06-12 14:58 - 2018-06-08 02:25 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2018-06-12 14:58 - 2018-06-08 02:25 - 000525728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
    2018-06-12 14:58 - 2018-06-08 02:24 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2018-06-12 14:58 - 2018-06-08 02:24 - 006282280 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
    2018-06-12 14:58 - 2018-06-08 02:24 - 003009736 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2018-06-12 14:58 - 2018-06-08 02:24 - 002711248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2018-06-12 14:58 - 2018-06-08 02:24 - 001488288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
    2018-06-12 14:58 - 2018-06-08 02:24 - 001029536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
    2018-06-12 14:58 - 2018-06-08 02:24 - 000891808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2018-06-12 14:58 - 2018-06-08 02:24 - 000247712 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2018-06-12 14:58 - 2018-06-08 02:23 - 021357336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2018-06-12 14:58 - 2018-06-08 02:23 - 004486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
    2018-06-12 14:58 - 2018-06-08 02:23 - 002472888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
    2018-06-12 14:58 - 2018-06-08 02:23 - 002412688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2018-06-12 14:58 - 2018-06-08 02:23 - 000824904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2018-06-12 14:58 - 2018-06-08 02:23 - 000706464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
    2018-06-12 14:58 - 2018-06-08 02:23 - 000677304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2018-06-12 14:58 - 2018-06-08 02:23 - 000137552 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
    2018-06-12 14:58 - 2018-06-08 02:22 - 006791992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2018-06-12 14:58 - 2018-06-08 02:22 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2018-06-12 14:58 - 2018-06-08 02:22 - 001269640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2018-06-12 14:58 - 2018-06-08 02:22 - 000688072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2018-06-12 14:58 - 2018-06-08 02:22 - 000093624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2018-06-12 14:58 - 2018-06-08 02:21 - 007385096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2018-06-12 14:58 - 2018-06-08 02:21 - 004507096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2018-06-12 14:58 - 2018-06-08 02:21 - 001779960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2018-06-12 14:58 - 2018-06-08 02:21 - 000594080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2018-06-12 14:58 - 2018-06-08 02:21 - 000260904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2018-06-12 14:58 - 2018-06-08 02:20 - 001101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
    2018-06-12 14:58 - 2018-06-08 01:26 - 025256960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2018-06-12 14:58 - 2018-06-08 01:21 - 001931256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2018-06-12 14:58 - 2018-06-08 01:21 - 001614168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2018-06-12 14:58 - 2018-06-08 01:21 - 000777912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2018-06-12 14:58 - 2018-06-08 01:19 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2018-06-12 14:58 - 2018-06-08 01:18 - 000212920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
    2018-06-12 14:58 - 2018-06-08 01:18 - 000097160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
    2018-06-12 14:58 - 2018-06-08 01:10 - 003485400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2018-06-12 14:58 - 2018-06-08 01:10 - 002338272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
    2018-06-12 14:58 - 2018-06-08 01:10 - 001124768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
    2018-06-12 14:58 - 2018-06-08 01:09 - 017161216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2018-06-12 14:58 - 2018-06-08 01:09 - 006092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2018-06-12 14:58 - 2018-06-08 01:09 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2018-06-12 14:58 - 2018-06-08 01:09 - 000791968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2018-06-12 14:58 - 2018-06-08 01:09 - 000592800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
    2018-06-12 14:58 - 2018-06-08 01:09 - 000098304 _____ C:\WINDOWS\system32\runexehelper.exe
    2018-06-12 14:58 - 2018-06-08 01:08 - 020290256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2018-06-12 14:58 - 2018-06-08 01:08 - 003979696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
    2018-06-12 14:58 - 2018-06-08 01:08 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2018-06-12 14:58 - 2018-06-08 01:08 - 001990672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
    2018-06-12 14:58 - 2018-06-08 01:08 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2018-06-12 14:58 - 2018-06-08 01:07 - 002386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2018-06-12 14:58 - 2018-06-08 01:07 - 000975360 _____ C:\WINDOWS\system32\FaceProcessor.dll
    2018-06-12 14:58 - 2018-06-08 01:07 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
    2018-06-12 14:58 - 2018-06-08 01:07 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
    2018-06-12 14:58 - 2018-06-08 01:07 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2018-06-12 14:58 - 2018-06-08 01:07 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
    2018-06-12 14:58 - 2018-06-08 01:07 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
    2018-06-12 14:58 - 2018-06-08 01:06 - 006481096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2018-06-12 14:58 - 2018-06-08 01:06 - 006015208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2018-06-12 14:58 - 2018-06-08 01:06 - 004668688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2018-06-12 14:58 - 2018-06-08 01:06 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
    2018-06-12 14:58 - 2018-06-08 01:06 - 001524784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
    2018-06-12 14:58 - 2018-06-08 01:06 - 000551696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
    2018-06-12 14:58 - 2018-06-08 01:06 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
    2018-06-12 14:58 - 2018-06-08 01:05 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
    2018-06-12 14:58 - 2018-06-08 01:04 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2018-06-12 14:58 - 2018-06-08 01:04 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2018-06-12 14:58 - 2018-06-08 01:04 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
    2018-06-12 14:58 - 2018-06-08 01:04 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2018-06-12 14:58 - 2018-06-08 01:03 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2018-06-12 14:58 - 2018-06-08 01:03 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2018-06-12 14:58 - 2018-06-08 01:02 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2018-06-12 14:58 - 2018-06-08 01:02 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
    2018-06-12 14:58 - 2018-06-08 01:02 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2018-06-12 14:58 - 2018-06-08 01:02 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2018-06-12 14:58 - 2018-06-08 01:02 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2018-06-12 14:58 - 2018-06-08 01:02 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
    2018-06-12 14:58 - 2018-06-08 01:01 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2018-06-12 14:58 - 2018-06-08 01:01 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
    2018-06-12 14:58 - 2018-06-08 01:01 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2018-06-12 14:58 - 2018-06-08 01:01 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2018-06-12 14:58 - 2018-06-08 01:01 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2018-06-12 14:58 - 2018-06-08 01:00 - 012833792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2018-06-12 14:58 - 2018-06-08 01:00 - 003180032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2018-06-12 14:58 - 2018-06-08 01:00 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2018-06-12 14:58 - 2018-06-08 01:00 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
    2018-06-12 14:58 - 2018-06-08 01:00 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
    2018-06-12 14:58 - 2018-06-08 00:59 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2018-06-12 14:58 - 2018-06-08 00:59 - 003124224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
    2018-06-12 14:58 - 2018-06-08 00:59 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
    2018-06-12 14:58 - 2018-06-08 00:59 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2018-06-12 14:58 - 2018-06-08 00:58 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2018-06-12 14:58 - 2018-06-08 00:58 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
    2018-06-12 14:58 - 2018-06-08 00:58 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2018-06-12 14:58 - 2018-06-08 00:58 - 003332608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2018-06-12 14:58 - 2018-06-08 00:58 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2018-06-12 14:58 - 2018-06-08 00:58 - 002083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2018-06-12 14:58 - 2018-06-08 00:57 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2018-06-12 14:58 - 2018-06-08 00:57 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2018-06-12 14:58 - 2018-06-08 00:57 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2018-06-12 14:58 - 2018-06-08 00:57 - 001812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2018-06-12 14:58 - 2018-06-08 00:57 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2018-06-12 14:58 - 2018-06-08 00:57 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2018-06-12 14:58 - 2018-06-08 00:57 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2018-06-12 14:58 - 2018-06-08 00:56 - 002528768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2018-06-12 14:58 - 2018-06-08 00:56 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2018-06-12 14:58 - 2018-06-08 00:55 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
    2018-06-12 14:58 - 2018-06-08 00:52 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
    2018-06-12 14:58 - 2018-06-08 00:52 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
    2018-06-12 14:58 - 2018-06-08 00:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2018-06-12 14:58 - 2018-06-08 00:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
    2018-06-12 14:58 - 2018-06-08 00:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
    2018-06-12 14:58 - 2018-06-08 00:46 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
    2018-06-12 14:58 - 2018-06-08 00:45 - 018930688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2018-06-12 14:58 - 2018-06-08 00:45 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
    2018-06-12 14:58 - 2018-06-08 00:44 - 019358720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2018-06-12 14:58 - 2018-06-08 00:44 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2018-06-12 14:58 - 2018-06-08 00:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
    2018-06-12 14:58 - 2018-06-08 00:43 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2018-06-12 14:58 - 2018-06-08 00:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2018-06-12 14:58 - 2018-06-08 00:41 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2018-06-12 14:58 - 2018-06-08 00:41 - 011924992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2018-06-12 14:58 - 2018-06-08 00:41 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2018-06-12 14:58 - 2018-06-08 00:41 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2018-06-12 14:58 - 2018-06-08 00:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2018-06-12 14:58 - 2018-06-08 00:40 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2018-06-12 14:58 - 2018-06-08 00:40 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2018-06-12 14:58 - 2018-06-08 00:40 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
    2018-06-12 14:58 - 2018-06-08 00:39 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
    2018-06-12 14:58 - 2018-06-08 00:39 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2018-06-12 14:58 - 2018-06-08 00:39 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
    2018-06-12 14:58 - 2018-06-08 00:38 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2018-06-12 14:58 - 2018-06-08 00:38 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2018-06-12 14:58 - 2018-06-08 00:38 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
    2018-06-12 14:58 - 2018-06-08 00:36 - 006060032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2018-06-12 14:58 - 2018-06-08 00:36 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2018-06-12 14:58 - 2018-06-08 00:35 - 007812608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2018-06-12 14:58 - 2018-06-08 00:35 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
    2018-06-12 14:58 - 2018-06-08 00:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2018-06-12 14:58 - 2018-06-08 00:35 - 002868736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2018-06-12 14:58 - 2018-06-08 00:35 - 002014720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2018-06-12 14:58 - 2018-06-08 00:35 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2018-06-12 14:58 - 2018-06-08 00:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2018-06-12 14:58 - 2018-05-12 08:57 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
    2018-06-12 14:58 - 2018-05-12 08:56 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
    2018-06-12 14:58 - 2018-05-12 08:55 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
    2018-06-12 14:58 - 2018-05-12 08:55 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
    2018-06-12 14:58 - 2018-05-11 18:15 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
    2018-06-12 14:58 - 2018-05-11 18:14 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2018-06-12 14:58 - 2018-05-11 18:14 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
    2018-06-12 14:58 - 2018-05-11 18:10 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2018-06-12 14:58 - 2018-05-11 18:10 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2018-06-12 14:58 - 2018-05-11 18:10 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2018-06-12 14:58 - 2018-05-11 18:09 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
    2018-06-12 14:58 - 2018-05-11 18:09 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
    2018-06-12 14:58 - 2018-05-11 18:08 - 000428440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2018-06-12 14:58 - 2018-05-11 18:08 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2018-06-12 14:58 - 2018-05-11 18:07 - 002711168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2018-06-12 14:58 - 2018-05-11 18:07 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
    2018-06-12 14:58 - 2018-05-11 18:07 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2018-06-12 14:58 - 2018-05-11 18:05 - 000616792 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
    2018-06-12 14:58 - 2018-05-11 16:54 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2018-06-12 14:58 - 2018-05-11 16:53 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2018-06-12 14:58 - 2018-05-11 16:53 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
    2018-06-12 14:58 - 2018-05-11 16:53 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2018-06-12 14:58 - 2018-05-11 16:52 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
    2018-06-12 14:58 - 2018-05-11 16:50 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
    2018-06-12 14:58 - 2018-05-11 16:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
    2018-06-12 14:58 - 2018-05-11 16:48 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
    2018-06-12 14:58 - 2018-05-11 16:48 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
    2018-06-12 14:58 - 2018-05-11 16:47 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2018-06-12 14:58 - 2018-05-11 16:46 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2018-06-12 14:58 - 2018-05-11 16:46 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
    2018-06-12 14:58 - 2018-05-11 16:45 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2018-06-12 14:58 - 2018-05-11 16:44 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2018-06-12 14:58 - 2018-05-11 16:42 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
    2018-06-12 14:58 - 2018-05-11 16:41 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
    2018-06-12 14:58 - 2018-05-11 16:40 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2018-06-12 14:58 - 2018-05-11 16:39 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
    2018-06-12 14:58 - 2018-05-11 16:38 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
    2018-06-12 14:58 - 2018-05-11 16:33 - 002762752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
    2018-06-12 14:58 - 2018-05-11 16:29 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2018-06-12 14:58 - 2018-05-11 16:29 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
    2018-06-12 14:58 - 2018-05-11 16:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2018-06-12 14:58 - 2018-05-11 16:20 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
    2018-06-12 14:58 - 2018-05-11 16:20 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
    2018-06-12 14:58 - 2018-05-11 16:19 - 001353216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
    2018-06-12 14:57 - 2018-06-08 02:29 - 001849760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
    2018-06-12 14:57 - 2018-06-08 02:29 - 000937376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
    2018-06-12 14:57 - 2018-06-08 02:29 - 000028576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
    2018-06-12 14:57 - 2018-06-08 02:24 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2018-06-12 14:57 - 2018-06-08 02:22 - 001358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
    2018-06-12 14:57 - 2018-06-08 02:22 - 000054376 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
    2018-06-12 14:57 - 2018-06-08 02:21 - 001206104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
    2018-06-12 14:57 - 2018-06-08 01:09 - 002993728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
    2018-06-12 14:57 - 2018-06-08 01:09 - 000832952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2018-06-12 14:57 - 2018-06-08 01:08 - 001075984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
    2018-06-12 14:57 - 2018-06-08 01:08 - 000640024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2018-06-12 14:57 - 2018-06-08 01:07 - 000047608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
    2018-06-12 14:57 - 2018-06-08 01:06 - 001131696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
    2018-06-12 14:57 - 2018-06-08 01:06 - 000129208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2018-06-12 14:57 - 2018-06-08 01:05 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
    2018-06-12 14:57 - 2018-06-08 01:05 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
    2018-06-12 14:57 - 2018-06-08 01:05 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanelExternalHook.dll
    2018-06-12 14:57 - 2018-06-08 01:04 - 001925120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2018-06-12 14:57 - 2018-06-08 01:04 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
    2018-06-12 14:57 - 2018-06-08 01:03 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
    2018-06-12 14:57 - 2018-06-08 01:01 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2018-06-12 14:57 - 2018-06-08 01:01 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
    2018-06-12 14:57 - 2018-06-08 01:00 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
    2018-06-12 14:57 - 2018-06-08 00:59 - 001297920 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
    2018-06-12 14:57 - 2018-06-08 00:59 - 001116672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
    2018-06-12 14:57 - 2018-06-08 00:59 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2018-06-12 14:57 - 2018-06-08 00:59 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
    2018-06-12 14:57 - 2018-06-08 00:57 - 001238016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2018-06-12 14:57 - 2018-06-08 00:57 - 001135104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2018-06-12 14:57 - 2018-06-08 00:56 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
    2018-06-12 14:57 - 2018-06-08 00:53 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
    2018-06-12 14:57 - 2018-06-08 00:52 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
    2018-06-12 14:57 - 2018-06-08 00:46 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
    2018-06-12 14:57 - 2018-06-08 00:40 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2018-06-12 14:57 - 2018-06-08 00:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
    2018-06-12 14:57 - 2018-06-08 00:39 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
    2018-06-12 14:57 - 2018-06-08 00:39 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
    2018-06-12 14:57 - 2018-06-08 00:35 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
    2018-06-12 14:57 - 2018-06-08 00:35 - 000935424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2018-06-12 14:57 - 2018-06-08 00:35 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
    2018-06-12 14:57 - 2018-06-08 00:34 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll
    2018-06-12 14:57 - 2018-05-12 08:53 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
    2018-06-12 14:57 - 2018-05-12 08:52 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
    2018-06-12 14:57 - 2018-05-12 08:52 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialStore.dll
    2018-06-12 14:57 - 2018-05-11 18:15 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
    2018-06-12 14:57 - 2018-05-11 18:08 - 000757792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2018-06-12 14:57 - 2018-05-11 18:07 - 001084736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
    2018-06-12 14:57 - 2018-05-11 16:54 - 003198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
    2018-06-12 14:57 - 2018-05-11 16:53 - 001033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
    2018-06-12 14:57 - 2018-05-11 16:52 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PayloadRestrictions.dll
    2018-06-12 14:57 - 2018-05-11 16:52 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
    2018-06-12 14:57 - 2018-05-11 16:51 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
    2018-06-12 14:57 - 2018-05-11 16:50 - 002186240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll
    2018-06-12 14:57 - 2018-05-11 16:50 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
    2018-06-12 14:57 - 2018-05-11 16:50 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\secur32.dll
    2018-06-12 14:57 - 2018-05-11 16:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2018-06-12 14:57 - 2018-05-11 16:49 - 001685504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
    2018-06-12 14:57 - 2018-05-11 16:48 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
    2018-06-12 14:57 - 2018-05-11 16:48 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
    2018-06-12 14:57 - 2018-05-11 16:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
    2018-06-12 14:57 - 2018-05-11 16:47 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
    2018-06-12 14:57 - 2018-05-11 16:47 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
    2018-06-12 14:57 - 2018-05-11 16:47 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
    2018-06-12 14:57 - 2018-05-11 16:40 - 001363968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
    2018-06-12 14:57 - 2018-05-11 16:31 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PayloadRestrictions.dll
    2018-06-12 14:57 - 2018-05-11 16:31 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
    2018-06-12 14:57 - 2018-05-11 16:31 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaproxystub.dll
    2018-06-12 14:57 - 2018-05-11 16:30 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2018-06-12 14:57 - 2018-05-11 16:29 - 001428480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaclient.dll
    2018-06-12 14:57 - 2018-05-11 16:29 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
    2018-06-12 14:57 - 2018-05-11 16:29 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secur32.dll
    2018-06-12 14:57 - 2018-05-11 16:28 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
    2018-06-12 14:57 - 2018-05-11 16:28 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
    2018-06-12 14:57 - 2018-05-11 16:27 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
    2018-06-12 14:57 - 2018-05-11 16:26 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-07-12 18:03 - 2017-12-07 21:35 - 000199699 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
    2018-07-12 17:57 - 2017-09-25 11:36 - 000002315 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
    2018-07-12 16:59 - 2018-02-02 04:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2018-07-12 16:05 - 2018-02-02 04:30 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
    2018-07-12 16:05 - 2017-07-11 20:40 - 000001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
    2018-07-12 16:05 - 2017-07-11 20:40 - 000001198 _____ C:\Users\Public\Desktop\WavePad Sound Editor.lnk
    2018-07-12 11:34 - 2018-02-02 04:30 - 000004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7E7F596B-AAC6-435F-B4E6-35ACBDC689CA}
    2018-07-12 11:16 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
    2018-07-12 11:15 - 2017-10-01 01:20 - 000000000 ____D C:\Program Files\rempl
    2018-07-11 12:34 - 2018-02-01 18:41 - 000000000 ___DC C:\WINDOWS\Panther
    2018-07-11 12:33 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
    2018-07-11 12:17 - 2018-02-02 04:29 - 000099063 _____ C:\WINDOWS\diagwrn.xml
    2018-07-11 12:17 - 2018-02-02 04:29 - 000099063 _____ C:\WINDOWS\diagerr.xml
    2018-07-11 11:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\registration
    2018-07-11 11:08 - 2018-04-12 05:19 - 000000000 ___HD C:\$WINDOWS.~BT
    2018-07-11 10:49 - 2018-06-03 07:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2018-07-11 10:49 - 2018-06-02 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2018-07-11 10:49 - 2018-04-10 08:53 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
    2018-07-11 10:49 - 2018-04-08 17:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Thumbnails
    2018-07-11 10:49 - 2018-04-04 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2018-07-11 10:49 - 2018-03-28 01:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
    2018-07-11 10:49 - 2018-02-02 04:13 - 000000000 ____D C:\Users\Dad
    2018-07-11 10:49 - 2018-01-01 10:33 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
    2018-07-11 10:49 - 2017-10-20 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2018-07-11 10:49 - 2017-10-09 03:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
    2018-07-11 10:49 - 2017-10-08 09:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
    2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\spool
    2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\NDF
    2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2018-07-11 10:49 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2018-07-11 10:49 - 2017-08-19 00:43 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
    2018-07-11 10:49 - 2017-08-18 23:37 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk
    2018-07-11 10:49 - 2017-06-14 07:36 - 000000000 ____D C:\Program Files\UNP
    2018-07-11 10:49 - 2017-06-06 02:28 - 000000000 ____D C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dwyco CDC-X
    2018-07-11 10:49 - 2017-06-05 02:11 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
    2018-07-11 10:49 - 2017-06-05 00:57 - 000000000 ____D C:\Program Files\Common Files\logishrd
    2018-07-11 10:49 - 2015-12-31 12:50 - 000000000 __RHD C:\Users\Public\AccountPictures
    2018-07-11 09:37 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
    2018-07-11 09:17 - 2018-02-02 04:30 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
    2018-07-11 08:19 - 2018-02-02 04:29 - 002274076 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2018-07-11 07:56 - 2018-02-02 04:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2018-07-11 07:10 - 2017-06-04 23:32 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
    2018-07-11 03:13 - 2017-09-29 03:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2018-07-11 03:03 - 2017-06-06 01:21 - 000000000 ____D C:\WINDOWS\system32\MRT
    2018-07-11 03:00 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
    2018-07-11 03:00 - 2017-06-06 01:21 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2018-07-11 00:06 - 2017-08-18 04:20 - 000000000 ____D C:\Users\Dad\Desktop\NCH Recordings
    2018-07-10 18:22 - 2018-06-08 22:10 - 009589248 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
    2018-07-10 18:22 - 2018-03-16 02:19 - 000004570 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
    2018-07-07 13:02 - 2017-06-12 15:50 - 000000000 ____D C:\Users\Dad\AppData\Local\ElevatedDiagnostics
    2018-07-05 22:33 - 2017-09-29 03:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2018-07-01 23:05 - 2017-11-29 18:39 - 000000000 ____D C:\Users\Dad\Downloads\New folder 2017
    2018-06-28 19:46 - 2018-05-08 17:05 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2018-06-28 19:46 - 2018-05-08 17:05 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2018-06-26 13:50 - 2018-05-16 22:12 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2018-06-26 13:50 - 2017-06-19 13:37 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2018-06-26 13:06 - 2018-03-04 19:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
    2018-06-22 03:55 - 2018-02-25 22:12 - 000000000 ____D C:\Users\Dad\AppData\Local\CrashDumps
    2018-06-22 01:27 - 2015-12-31 12:53 - 000000000 __RDL C:\Users\Dad\OneDrive
    2018-06-22 01:20 - 2018-02-02 04:30 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2107755742-302254199-1763176924-1001
    2018-06-22 01:20 - 2017-06-04 23:52 - 000002364 _____ C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2018-06-21 23:01 - 2018-06-04 20:30 - 000000000 ____D C:\Users\Dad\Desktop\raymarine
    2018-06-16 07:23 - 2017-08-08 16:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2018-06-15 06:33 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache
    2018-06-15 03:39 - 2017-12-06 23:43 - 109430784 _____ C:\Users\Dad\Documents\dwyco-backup-diff-54614d2d0d4ce1a22951.sql
    2018-06-15 03:39 - 2017-12-06 23:43 - 109430784 _____ C:\Users\Dad\Documents\dwyco-backup-diff-54614d2d0d4ce1a22951.old.sql
    2018-06-13 21:53 - 2018-05-17 04:45 - 000001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2018-06-13 21:53 - 2018-03-22 00:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2018-06-13 21:53 - 2017-08-08 16:03 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2018-06-12 18:36 - 2018-02-02 10:35 - 000000000 ___RD C:\Users\Dad\3D Objects
    2018-06-12 18:11 - 2018-02-02 04:09 - 000231096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\system32\F12
    2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
    2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2018-06-12 18:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2018-06-12 18:09 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
    2018-06-12 16:50 - 2016-11-26 05:03 - 000000000 ____D C:\Users\Dad\AppData\LocalLow\Mozilla
    2018-06-12 15:07 - 2017-10-12 10:52 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe

    ==================== Files in the root of some directories =======

    2017-06-06 00:45 - 2018-05-02 12:15 - 000001167 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.1.txt
    2017-06-06 00:45 - 2017-06-06 00:56 - 000001167 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.2.txt
    2017-06-06 00:45 - 2017-06-06 00:45 - 000001167 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.3.txt
    2017-06-06 00:45 - 2018-05-22 08:40 - 000001167 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.txt
    2017-06-06 00:45 - 2018-05-22 08:40 - 000000000 _____ () C:\Users\Dad\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
    2018-04-10 01:22 - 2018-04-10 01:22 - 000000875 _____ () C:\Users\Dad\AppData\Local\recently-used.xbel
    2018-02-09 20:50 - 2018-02-09 20:50 - 000000003 _____ () C:\Users\Dad\AppData\Local\updater.log
    2018-02-09 20:50 - 2018-02-12 05:33 - 000000059 _____ () C:\Users\Dad\AppData\Local\UserProducts.xml

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2018-07-05 03:32

    ==================== End of FRST.txt ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
    Ran by Dad (12-07-2018 18:04:27)
    Running from C:\Users\Dad\Desktop
    Windows 10 Home Version 1709 16299.492 (X64) (2018-02-02 09:33:10)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2107755742-302254199-1763176924-500 - Administrator - Disabled)
    Dad (S-1-5-21-2107755742-302254199-1763176924-1001 - Administrator - Enabled) => C:\Users\Dad
    DefaultAccount (S-1-5-21-2107755742-302254199-1763176924-503 - Limited - Disabled)
    Guest (S-1-5-21-2107755742-302254199-1763176924-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2107755742-302254199-1763176924-1005 - Limited - Enabled)
    WDAGUtilityAccount (S-1-5-21-2107755742-302254199-1763176924-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
    Apple Application Support (32-bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
    ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
    Dwyco CDC-X version 2.17 (HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\Dwyco CDC-X_is1) (Version: 2.17 - Dwyco, Inc.)
    Easy Thumbnails (Remove only) (HKLM-x32\...\Easy Thumbnails_is1) (Version: 3.0 - Fookes Software)
    erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
    iTunes (HKLM\...\{BE065D5C-5EB5-4F39-A112-32897C297935}) (Version: 12.7.5.9 - Apple Inc.)
    Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
    Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
    Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
    Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
    Microsoft OneDrive (HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
    Mozilla Firefox 60.0.1 ESR (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.1 ESR (x64 en-US)) (Version: 60.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
    Paltalk (HKLM-x32\...\Paltalk) (Version: - )
    Paltalk Messenger 11.8 (HKLM-x32\...\Paltalk Messenger) (Version: 11.8.667.17975 - AVM Software Inc.)
    QuickBooks Online Edition Utilities V11 (HKLM-x32\...\{06346CB3-EB19-4CD8-8DDC-3C46EA2785A0}) (Version: 1.0.0 - Intuit)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
    Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.65.0 - Samsung Electronics Co., Ltd.)
    SD Card Formatter (HKLM-x32\...\{10C16E01-F739-4093-89A7-E570589FA0F6}) (Version: 5.0.0 - SD Association)
    Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
    SoundTap Streaming Audio Recorder (HKLM-x32\...\SoundTap) (Version: 4.01 - NCH Software)
    Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
    Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.0.19 - Tweaking.com)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8CFAB044-7D2E-4655-B86D-99932E988980}) (Version: 2.45.0.0 - Microsoft Corporation)
    UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
    WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.13 - NCH Software)
    Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22350 - Microsoft Corporation)
    World of Tanks (HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812na}_is1) (Version: - Wargaming.net)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
    ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
    ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
    ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {18E61CDA-83AA-49D1-943F-14A92ECCD261} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-10] (Adobe Systems Incorporated)
    Task: {2346F721-A9D9-4A64-8DA2-AE86F27DE23A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
    Task: {2430C92A-CB91-4DF8-AE98-2F6BD8F956DB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
    Task: {37F4D2E2-0574-4037-BD0A-94B879EBF583} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-19] (Google Inc.)
    Task: {3E5733FD-B96F-4498-BBC5-C6B7B122EB21} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
    Task: {491AB039-0341-4956-83F6-3106AC11F233} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
    Task: {53C8437B-28E0-48F0-A635-6F9032372A86} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2018-06-28] (Microsoft Corporation)
    Task: {659E516D-2DA0-44B1-84E9-C151948C49B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
    Task: {6F6B5D80-9EB5-48ED-8769-6ACD7E5630A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
    Task: {7D738910-14A4-4408-9B42-521F259B2A0D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-15] (Piriform Ltd)
    Task: {90410327-3FDA-489E-A835-D72B23D4D45D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-10] (Adobe Systems Incorporated)
    Task: {97B74E30-A850-4CEC-B3D3-9D3044D7DCA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation)
    Task: {B0503919-9EAF-478E-8474-B463F64F275A} - System32\Tasks\update-S-1-5-21-2107755742-302254199-1763176924-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
    Task: {B219E19E-CAFB-4F29-A867-9D6948A8DCBB} - System32\Tasks\NCH Software\WavePadSevenDays => C:\Program Files (x86)\NCH Software\WavePad\WavePad.exe [2018-06-21] (NCH Software)
    Task: {B7FE982C-F16F-4351-9D5A-8997CAA17840} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
    Task: {C876E438-10C0-4240-B01C-36D655881E82} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-15] (Piriform Ltd)
    Task: {E749E9EF-2C90-421D-A2AA-D920463EEED4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-19] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
    Task: C:\WINDOWS\Tasks\update-S-1-5-21-2107755742-302254199-1763176924-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
    Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    Shortcut: C:\Users\Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk\Remove settings.lnk -> C:\Program Files (x86)\Paltalk\ng_clean_settings.bat ()

    ==================== Loaded Modules (Whitelisted) ==============

    2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
    2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2018-05-15 18:58 - 2018-05-15 18:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2018-03-15 03:14 - 2018-06-10 02:53 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
    2018-06-12 14:58 - 2018-06-08 01:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2018-06-12 14:58 - 2018-06-08 00:56 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2017-03-09 01:16 - 2017-03-09 01:16 - 000112264 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
    2012-09-13 00:38 - 2012-09-13 00:38 - 000264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    2012-09-13 00:38 - 2012-09-13 00:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
    2012-09-13 00:38 - 2012-09-13 00:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
    2012-09-13 00:38 - 2012-09-13 00:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
    2012-09-13 00:38 - 2012-09-13 00:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
    2012-09-13 00:38 - 2012-09-13 00:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
    2012-09-13 00:39 - 2012-09-13 00:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\localhost -> localhost
    IE trusted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\webcompanion.com -> hxxp://webcompanion.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\123simsen.com -> www.123simsen.com

    There are 7936 more sites.


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2017-06-05 02:11 - 2018-05-24 23:24 - 000000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts

    127.0.0.1 localhost

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2107755742-302254199-1763176924-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dad\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\20180626_061637.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run: => "ZAM"
    HKLM\...\StartupApproved\Run32: => "LWS"
    HKLM\...\StartupApproved\Run32: => "SDTray"
    HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\StartupFolder: => "Logitech . Product Registration.lnk"
    HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\StartupFolder: => "PalTalk.lnk"
    HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
    HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "BingSvc"
    HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-2107755742-302254199-1763176924-1001\...\StartupApproved\Run: => "World of Tanks"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{8CCAC849-70E3-46E5-917C-BC8AF033E480}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    FirewallRules: [{75A45EA3-8F6E-40A6-ABEA-BEE725167883}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{AB709A6E-44BB-49AD-8FD6-4C5F1FC92929}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{E6212E99-160B-4688-8CBA-D7A12F5EC108}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{F3B37680-C314-40B7-BC39-16EEDE3EF147}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{46B65E1E-BEDF-4DC5-9D92-8D74D4F9F47D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [UDP Query User{D040F650-7821-46C1-B3E2-FC21FE4540A8}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
    FirewallRules: [TCP Query User{003B7E6E-80BD-439B-8A70-857B9C41445E}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
    FirewallRules: [UDP Query User{E97CF5CC-E875-4413-AF67-EA0BDE39744F}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
    FirewallRules: [TCP Query User{652BCC34-0101-42ED-8CFC-BDF4E367733E}C:\users\dad\documents\dwyco\cdc-x\cdcx.exe] => (Allow) C:\users\dad\documents\dwyco\cdc-x\cdcx.exe
    FirewallRules: [UDP Query User{CA8FC303-D0A8-43A6-84C6-54CAC9CA4FC0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
    FirewallRules: [TCP Query User{3BB79B1F-5EAF-409D-9277-3D93CF6A5BBB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
    FirewallRules: [UDP Query User{D6644C78-5BEB-4F4F-ADF4-0DFCEECD800B}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
    FirewallRules: [TCP Query User{DDA1ECFF-9C07-456F-AED1-E7E4ACC6DC69}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
    FirewallRules: [{3983567D-ABED-414F-8346-E716A1AC4AD6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{842718F1-D799-4129-B411-C6AA75BCCAF2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{BEC79ECD-6681-4E93-B010-ADEB31358442}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
    FirewallRules: [{3B10229E-CDCB-4838-A588-A36298F46539}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
    FirewallRules: [{EE52C107-CFB0-4AB6-AB07-511083C515F1}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
    FirewallRules: [{0B8C3854-02F3-4873-8137-AA07C6AACD70}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
    FirewallRules: [{FE373094-A60A-41B7-AAB1-E8E73E51FDF5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{48380C01-FCD2-4F6A-9B1C-67F99EA78734}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{EBDFAB83-DB28-46FF-ACAD-B9196138DC43}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{1C69D635-125C-45A4-8052-574907AB5E4E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{C43DEF9A-0D00-4861-9417-D955CE8D48A3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{962B321F-7152-4FBD-9B27-D42683404A59}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
    FirewallRules: [{6B0572D4-BCED-4BD1-9B3A-9CF6F68474AD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{A734E6FD-D1B1-436C-8A73-8725E911EA94}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Restore Points =========================

    11-07-2018 09:55:45 Windows Update

    ==================== Faulty Device Manager Devices =============

    Name: Remote NDIS based Internet Sharing Device
    Description: Remote NDIS based Internet Sharing Device
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: usbrndis6
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/12/2018 04:58:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 4969

    Error: (07/12/2018 04:58:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 4969

    Error: (07/12/2018 04:58:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (07/12/2018 04:58:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 3688

    Error: (07/12/2018 04:58:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 3688

    Error: (07/12/2018 04:58:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (07/12/2018 04:58:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 2391

    Error: (07/12/2018 04:58:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 2391


    System errors:
    =============
    Error: (07/11/2018 12:26:28 PM) (Source: WinRM) (EventID: 10142) (User: )
    Description: The WinRM service cannot migrate the listener with Address * and Transport HTTP. A listener that has the same Address and Transport configuration already exists.

    Error: (07/11/2018 09:47:59 AM) (Source: DCOM) (EventID: 10010) (User: BRIDGES1)
    Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca did not register with DCOM within the required timeout.

    Error: (07/11/2018 09:36:29 AM) (Source: DCOM) (EventID: 10016) (User: BRIDGES1)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {8BC3F05E-D86B-11D0-A075-00C04FB68820}
    and APPID
    {8BC3F05E-D86B-11D0-A075-00C04FB68820}
    to the user Bridges1\Dad SID (S-1-5-21-2107755742-302254199-1763176924-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

    Error: (07/11/2018 08:16:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0xc1900101: Feature update to Windows 10, version 1803.

    Error: (07/11/2018 07:56:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The sxuptp service failed to start due to the following error:
    This driver has been blocked from loading

    Error: (07/11/2018 07:56:48 AM) (Source: Application Popup) (EventID: 875) (User: )
    Description: sxuptp.sys

    Error: (07/11/2018 07:56:28 AM) (Source: volmgr) (EventID: 46) (User: )
    Description: Crash dump initialization failed!

    Error: (07/11/2018 03:13:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Update Orchestrator Service service terminated with the following error:
    This operation returned because the timeout period expired.


    Windows Defender:
    ===================================
    Date: 2018-07-11 12:56:39.488
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {523D745B-AA46-4F74-BD03-702A396F867B}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2018-07-04 17:52:03.586
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {9A184CF1-F7AF-4107-879B-CEFC2F8FDB63}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2018-06-23 09:21:24.292
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {AE3E8476-5272-446E-81BC-A56434C5C171}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2018-06-22 06:55:27.277
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {FFFD08B7-C968-4E99-B92E-BCB89E674834}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2018-06-18 10:04:05.144
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {E15EFFB3-1213-4396-B6CB-4DF6B942C365}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2018-07-11 08:35:25.977
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.271.808.0
    Update Source: Microsoft Update Server
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.15000.2
    Error code: 0x8024402c
    Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    Date: 2018-06-17 08:50:45.338
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.269.1420.0
    Update Source: Microsoft Update Server
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.14901.4
    Error code: 0x8024402c
    Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    Date: 2018-06-12 07:29:39.328
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.269.1109.0
    Update Source: Microsoft Update Server
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.14901.4
    Error code: 0x800704cf
    Error description: The network location cannot be reached. For information about network troubleshooting, see Windows Help.

    Date: 2018-06-09 21:37:55.650
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.269.945.0
    Update Source: Microsoft Update Server
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.14901.4
    Error code: 0x800704cf
    Error description: The network location cannot be reached. For information about network troubleshooting, see Windows Help.

    Date: 2018-06-04 20:02:16.262
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.269.625.0
    Update Source: Microsoft Update Server
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.14901.4
    Error code: 0x8024402c
    Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    CodeIntegrity:
    ===================================

    Date: 2018-06-03 07:04:14.015
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

    Date: 2018-06-03 07:04:14.001
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

    Date: 2018-06-03 07:04:13.993
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

    Date: 2018-06-03 07:04:13.985
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

    Date: 2018-06-03 07:04:13.946
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

    Date: 2018-06-03 07:04:13.905
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

    Date: 2018-06-02 03:13:47.581
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

    Date: 2018-06-02 03:13:43.027
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
    Percentage of memory in use: 49%
    Total physical RAM: 6048.27 MB
    Available physical RAM: 3041.29 MB
    Total Virtual: 6432.27 MB
    Available Virtual: 3052 MB

    ==================== Drives ================================

    Drive c: (Gateway) (Fixed) (Total:918.41 GB) (Free:724.11 GB) NTFS
    Drive d: (Recovery1) (CDROM) (Total:3.9 GB) (Free:0 GB) UDF
    Drive e: (AT&T Velocity) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS

    \\?\Volume{1f74b045-50b1-11e1-94c3-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
    \\?\Volume{1f74b044-50b1-11e1-94c3-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:13 GB) (Free:2.93 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 5D81C09C)
    Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=918.4 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ==

  2. #2
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Not seeing anything that would scream malware but do see errors related to Windows Defender and MalwareBytes
    Microsoft Update Server
    The network location cannot be reached.

    Have seen some people complain that windows update is causing problems recently.
    ~~
    Let's do a few quick checks to see if anything can be found.

    AdwCleaner - Fix Mode
    • Download AdwCleaner and move it to your Desktop
    • Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
    • Accept the EULA (I accept), then click on Scan
    • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button. This will kill all the active processes
    • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
    • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


    RogueKiller
    • Download the right version of RogueKiller for your Windows version (32 or 64-bit)
    • Once done, move the executable file to your Desktop, right-click on it and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
    • Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
    • Wait for the scan to complete
    • On completion, the results will be displayed
    • Check every single entry (threat found), and click on the Remove Selected button
    • On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
    • This will open the report in Notepad. Copy/paste its content in your next reply


    Your next reply(ies) should therefore contain:
    • Copy/pasted AdwCleaner clean log
    • Copy/pasted RogueKiller clean log


    created by Aura
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    381

    Default

    ok thx julie...i guess the no malware is good...i also meant to ad yesterday it installed updates and rebooting it came back my desktop was black except for trash can, click start and nothing, no search task bar was blank but i could open task manager looking ror system restore and all services were stopped. i rebooted and it all came back on

    # -------------------------------
    # Malwarebytes AdwCleaner 7.2.1.0
    # -------------------------------
    # Build: 06-26-2018
    # Database: 2018-07-04.1
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Clean
    # -------------------------------
    # Start: 07-12-2018
    # Duration: 00:00:03
    # OS: Windows 10 Home
    # Cleaned: 7
    # Failed: 0


    ***** [ Services ] *****

    No malicious services cleaned.

    ***** [ Folders ] *****

    Deleted C:\ProgramData\lavasoft\web companion

    ***** [ Files ] *****

    No malicious files cleaned.

    ***** [ DLL ] *****

    No malicious DLLs cleaned.

    ***** [ WMI ] *****

    No malicious WMI cleaned.

    ***** [ Shortcuts ] *****

    No malicious shortcuts cleaned.

    ***** [ Tasks ] *****

    No malicious tasks cleaned.

    ***** [ Registry ] *****

    Deleted HKCU\Software\csastats
    Deleted HKCU\Software\Lavasoft\Web Companion
    Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
    Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries cleaned.

    ***** [ Chromium URLs ] *****

    Deleted Ask
    Deleted AOL

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries cleaned.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs cleaned.


    *************************

    [+] Delete Tracing Keys
    [+] Reset Winsock

    *************************

    AdwCleaner[S00].txt - [1624 octets] - [12/07/2018 21:34:49]

    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

    RogueKiller V12.12.26.0 (x64) [Jul 9 2018] (Free) by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : https://forum.adlice.com
    Website : http://www.adlice.com/download/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 10 (10.0.16299) 64 bits version
    Started in : Normal mode
    User : Dad [Administrator]
    Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
    Mode : Delete -- Date : 07/12/2018 21:44:14 (Duration : 00:34:30)

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 0 ¤¤¤

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ WMI : 0 ¤¤¤

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

    ¤¤¤ Web browsers : 2 ¤¤¤
    [PUM.SearchEngine][Firefox:Config] nnzgkec8.default : user_pref("browser.search.selectedEngine", "Bing Search Engine"); -> Deleted
    [PUM.SearchEngine][Firefox:Config] nnzgkec8.default : user_pref("browser.search.defaultenginename", "Bing Search Engine"); -> Deleted

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: WDC WD10EARX-22N0YB0 +++++
    --- User ---
    [MBR] 395f820b994590424fb028d3ee911c22
    [BSP] c84f0775631c57deff6de31deddf500e : Windows Vista/7/8|VT.Unknown MBR Code
    Partition table:
    0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 MB
    1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 27265024 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 27469824 | Size: 940455 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: ZTE MMC Storage USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )

    +++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )

    +++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )

    +++++ PhysicalDrive4: Generic- SD/MMC USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )

    +++++ PhysicalDrive5: Generic- MS/MS-Pro/HG USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )

    +++++ PhysicalDrive6: Generic- SD/MMC/MS/MSPRO USB Device +++++
    Error reading User MBR! ([15] The device is not ready. )
    Error reading LL1 MBR! NOT VALID!
    Error reading LL2 MBR! ([32] The request is not supported. )

  4. #4
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    What you've posted is the same as to what I've seen after windows updates this month.

    Emsisoft Emergency Kit - Fix Mode
    Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
    • Download the Emsisoft Emergency Kit and execute it. From there, click on the Install button to extract the program in the EEK folder;
    • Once the extraction is complete, the EEK folder will open. Right-click on start emergency kit scanner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
    • EEK will suggest that you run an online update before using the program. Click on Yes to launch it.
    • After the update, click on Malware Scan under 2. Scan and accept to let EEK detect PUPs (click on Yes).
    • Once the scan is complete, make sure that every item in the list is checked, and click on the Quarantine selected button;
    • If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
    • After the restart, open EEK again (in the C:\EEK folder);
    • This time, click on Logs;
    • From there, go under the Quarantine Log tab, and click on the Export button;
    • Save the log on your desktop, then open it, and copy/paste its content in your next reply;
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  5. #5
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    381

    Default

    ok juliet, thanks. when i do get updates or prompts i do them when i shut it down and let them install at night. the last i selected a time to do the updates and when i got on the next day it was just starting to run. it took over an hour and i needed to use my pc and i stopped them and it then said restoring previous version of windows and that took maybe an hour. in the end it did nothing on updates

    Emsisoft Emergency Kit - Version 2018.6
    Last update: 7/13/2018 10:44:25 PM
    User account: BRIDGES1\Dad
    Computer name: BRIDGES1
    OS version: Windows 10x64

    Scan settings:

    Scan type: Malware Scan
    Objects: Rootkits, Memory, Traces, Files

    Detect PUPs: On
    Scan archives: Off
    Scan mail archives: Off
    ADS Scan: On
    File extension filter: Off
    Direct disk access: Off

    Scan start: 7/13/2018 10:45:49 PM

    Scanned 20517
    Found 0

    Scan end: 7/13/2018 10:58:19 PM
    Scan time: 0:12:30

  6. #6
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Let's see if we can go after them manually and get them done and out of the way.

    https://support.microsoft.com/en-us/...ate-windows-10

    Hows the computer now.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  7. #7
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    381

    Default

    ok i'm gonna run this and this may be where it messes up and it may say updating, do not restart and may say that for hours which i don't think is right. once it did and i bumped it accidentally and it rebooted and came back saying reinstalling your former version and it took hours also...we'll see what happens...

  8. #8
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    do not restart and may say that for hours which i don't think is right.
    I agree with you.
    Windows update has messed something up here not sure what but seems to say compatibility.


    Let's see if we can find errors using event manager to find out whats going on,
    Diagnose System Problems with Event Viewer
    https://support.microsoft.com/en-us/...rosoft-windows
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  9. #9
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    381

    Default

    julie how do i use that? not familiar with it.

  10. #10
    Senior Member
    Join Date
    Feb 2008
    Location
    L.A. (Lower Arkansas)
    Posts
    381

    Default

    well juliet i was looking at event viewer and clicked on one thing then another and ended up here https://answers.microsoft.com/en-us/...=1531713561355 and i'll keep you up on anything i find out there. thanks.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •