- Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC. If you don't know if you have a 32 or 64 bit system get them both. Only one will work and that's the right one.
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Check the Addition.txt box
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please copy and paste log back here.
- It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Hi RK thanks for the advice so far.
I think I managed to do that computer is a 64bit.
I am going to attach 2 files I hope that will be Ok unless you wanted all the info longhand. (sorry had to do long 50 pages I think.)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by Windows 8.1 (administrator) on ACER (10-07-2018 16:42:11)
Running from C:\Users\Windows 8.1\Downloads
Loaded Profiles: Windows 8.1 (Available Profiles: Windows 8.1)
Platform: Windows 10 Pro Version 1803 17134.112 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(KeepSolid Inc.) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software) C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\avpui.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Avira Operations Gmbh & Co. KG) C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe
(Apple Inc.) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\SwReporter\30.160.202\software_reporter_tool.exe
(Google) C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\SwReporter\30.160.202\software_reporter_tool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-22] (AVAST Software)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-07-04] (Avira Operations GmbH & Co. KG)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{05ee6d76-be00-45fc-9229-900927d93e21}: [DhcpNameServer] 10.53.174.34
Tcpip\..\Interfaces\{2ebea07f-435d-4e83-a616-c8ec8aba1999}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{7c59009e-5ea0-4f40-a883-0a691daeb84b}: [DhcpNameServer] 192.168.224.1
Tcpip\..\Interfaces\{bbebb03f-3ba5-42e5-913a-944bee795ee6}: [DhcpNameServer] 10.208.0.1
Tcpip\..\Interfaces\{f91343c4-6f82-49d0-95e9-b82f954b3856}: [DhcpNameServer] 10.200.0.1
Internet Explorer:
==================
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\IEExt\ie_plugin.dll [2018-01-14] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\IEExt\ie_plugin.dll [2018-01-14] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-26] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-26] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: 5geabok7.default-1451838148255-1520428887763
FF ProfilePath: C:\Users\Windows 8.1\AppData\Roaming\Mozilla\Firefox\Profiles\5geabok7.default-1451838148255-1520428887763 [2018-07-01]
FF Extension: (Avast Online Security) - C:\Users\Windows 8.1\AppData\Roaming\Mozilla\Firefox\Profiles\5geabok7.default-1451838148255-1520428887763\Extensions\
[email protected] [2018-06-22]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] [Legacy]
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-05-04]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-2532843739-1787431547-1269948887-1001\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFox => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_127.dll [2018-06-21] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_127.dll [2018-06-21] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-26] (Oracle Corporation)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-05-31] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-05-31] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.aol.com/"
CHR DefaultSearchURL: Default -> hxxps://search.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://search.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR Profile: C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default [2018-07-10]
CHR Extension: (Docs) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-31]
CHR Extension: (YouTube) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-31]
CHR Extension: (Avira Password Manager) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2018-06-24]
CHR Extension: (Follow Feed | Feedly) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccmkbgknapokcjabmiaimipiepgpgbco [2018-01-05]
CHR Extension: (Google Search) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-31]
CHR Extension: (Avast Passwords) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2018-06-22]
CHR Extension: (Google Docs Offline) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Avast Online Security) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-05-02]
CHR Extension: (Pinterest Save Button) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-07-10]
CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2018-07-10]
CHR Extension: (Save to Feedly Board) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhblphcdjcicefneapkhmleapfaocih [2018-01-05]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2018-07-01]
CHR Extension: (Skype) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-02]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2018-05-21]
CHR Extension: (Kaspersky Protection) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-01-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Buffer) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\noojglkidnpfjbincgijbaiedldjfbhh [2018-03-10]
CHR Extension: (Gmail) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-21]
CHR Profile: C:\Users\Windows 8.1\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-26]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [880040 2018-07-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [225384 2018-07-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [225384 2018-07-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1164808 2018-07-10] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-06-22] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-30] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-06-22] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-30] (AVAST Software)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [428072 2018-07-04] (Avira Operations GmbH & Co. KG)
U2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [346528 2018-05-17] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [103328 2018-05-24] (Avira Operations GmbH & Co. KG)
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\vssbridge64.exe [426416 2018-01-14] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
S3 ksu; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe [1565000 2016-11-27] (AO Kaspersky Lab)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2102248 2017-12-13] (Plex, Inc.)
S2 scupdate; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [114824 2017-05-31] (Avira Operations GmbH & Co. KG)
S3 scupdatem; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [114824 2017-05-31] (Avira Operations GmbH & Co. KG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
R2 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [57160 2018-06-20] (KeepSolid Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [315768 2016-08-05] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B}
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD}
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-06-22] (AVAST Software)
S3 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-06-22] (AVAST Software)
S3 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-06-22] (AVAST Software)
S3 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-06-22] (AVAST Software)
S3 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-06-22] (AVAST Software)
S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-22] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-06-22] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-06-22] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-06-22] (AVAST Software)
S3 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-06-22] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-06-22] (AVAST Software)
S3 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-06-22] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [463080 2018-06-22] (AVAST Software)
S3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-06-22] (AVAST Software)
S3 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-06-22] (AVAST Software)
R3 athur; C:\WINDOWS\System32\drivers\athuwbx.sys [2702336 2013-11-21] (Qualcomm Atheros Communications, Inc.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-08-01] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [179376 2018-07-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [169864 2018-07-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-08-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-08-01] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2017-08-01] (Avira Operations GmbH & Co. KG)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
S3 hmatap; C:\WINDOWS\System32\drivers\hmatap.sys [36456 2017-10-31] (The OpenVPN Project)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-25] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [120008 2018-05-04] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207560 2018-05-04] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1191616 2018-05-04] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1057992 2018-05-04] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-05-04] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-12-25] (AO Kaspersky Lab)
R3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [236488 2018-05-25] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2018-01-14] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [258864 2018-05-25] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [109248 2018-05-25] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [177848 2018-06-23] (AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93888 2018-02-19] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [141000 2018-05-04] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-12-25] (AO Kaspersky Lab)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2017-10-25] (The OpenVPN Project)
R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [29912 2013-07-19] (Realtek semiconductor corp)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
U3 aswbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-10 16:42 - 2018-07-10 16:43 - 000026913 _____ C:\Users\Windows 8.1\Downloads\FRST.txt
2018-07-10 16:41 - 2018-07-10 16:42 - 000000000 ____D C:\FRST
2018-07-10 16:38 - 2018-07-10 16:41 - 002412544 _____ (Farbar) C:\Users\Windows 8.1\Downloads\FRST64.exe
2018-07-10 16:35 - 2018-07-10 16:35 - 000001189 _____ C:\Users\Public\Desktop\Avira.lnk
2018-07-01 16:22 - 2018-07-01 16:22 - 001898376 _____ C:\Users\Windows 8.1\Downloads\avira_support_collector_en (1).exe
2018-07-01 16:21 - 2018-07-01 16:21 - 001898376 _____ C:\Users\Windows 8.1\Downloads\avira_support_collector_en.exe
2018-07-01 14:56 - 2018-07-01 14:56 - 000001190 _____ C:\Users\Public\Desktop\WD Drive Utilities.lnk
2018-07-01 14:56 - 2018-07-01 14:56 - 000000000 ____D C:\Users\Windows 8.1\AppData\Roaming\Western Digital
2018-07-01 14:55 - 2018-07-01 14:56 - 000000000 ____D C:\Program Files (x86)\Western Digital
2018-07-01 14:55 - 2018-07-01 14:55 - 000002226 _____ C:\Users\Public\Desktop\WD Backup.lnk
2018-07-01 14:55 - 2018-07-01 14:55 - 000001245 _____ C:\Users\Public\Desktop\WD Security.lnk
2018-07-01 14:55 - 2018-07-01 14:55 - 000000000 ____D C:\ProgramData\Western Digital
2018-07-01 14:55 - 2018-07-01 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2018-07-01 14:53 - 2018-07-01 14:53 - 000000000 ____D C:\Users\Windows 8.1\AppData\Local\Western Digital
2018-06-25 11:23 - 2018-06-25 11:24 - 000000232 _____ C:\WINDOWS\ntbtlog.txt
2018-06-25 10:38 - 2018-06-25 10:38 - 009497720 _____ (Symantec Corporation) C:\Users\Windows 8.1\Downloads\NPE.exe
2018-06-24 13:01 - 2018-06-24 13:01 - 000000881 _____ C:\WINDOWS\system32\Drivers\etc\hosts.bak
2018-06-24 12:20 - 2018-06-25 10:44 - 000000000 ____D C:\NPE
2018-06-24 12:14 - 2018-06-25 11:07 - 000000000 ____D C:\Users\Windows 8.1\AppData\Local\NPE
2018-06-24 12:14 - 2018-06-24 12:15 - 000000000 ____D C:\ProgramData\Norton
2018-06-24 11:37 - 2018-06-24 11:37 - 000000000 ____D C:\MSIaa859.tmp
2018-06-24 10:56 - 2018-06-24 10:56 - 000000000 ____D C:\Users\Windows 8.1\AppData\Local\D3DSCache
2018-06-23 16:31 - 2018-06-23 16:31 - 004015977 _____ C:\Users\Windows 8.1\Downloads\sales (1).zip
2018-06-23 16:31 - 2018-06-23 16:31 - 004013995 _____ C:\Users\Windows 8.1\Downloads\squeeze (1).zip
2018-06-23 16:11 - 2018-06-23 16:11 - 000326041 _____ C:\Users\Windows 8.1\Downloads\Membership-6-15-2018.zip
2018-06-23 13:25 - 2018-06-08 21:02 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-06-23 13:25 - 2018-06-08 19:06 - 001539488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-06-23 13:25 - 2018-06-08 12:31 - 007900984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-06-23 13:25 - 2018-06-08 11:29 - 007520000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-23 13:25 - 2018-06-08 11:13 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-23 13:25 - 2018-06-08 11:09 - 006569960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-23 13:25 - 2018-06-08 11:04 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-06-23 13:25 - 2018-06-08 11:03 - 022005760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-23 13:25 - 2018-06-08 11:02 - 022713856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-23 13:25 - 2018-06-08 11:00 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-23 13:25 - 2018-06-08 10:58 - 007581696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-23 13:25 - 2018-05-20 21:43 - 021389360 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-23 13:25 - 2018-05-20 18:59 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-23 13:25 - 2018-05-20 13:52 - 007436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-06-23 13:25 - 2018-05-20 13:34 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-23 13:25 - 2018-05-20 13:30 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-06-23 13:25 - 2018-05-20 13:26 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-06-23 13:25 - 2018-05-20 13:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-06-23 13:24 - 2018-06-08 21:07 - 002266520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-06-23 13:24 - 2018-06-08 21:02 - 001634808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-23 13:24 - 2018-06-08 21:01 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-06-23 13:24 - 2018-06-08 20:45 - 012712448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-23 13:24 - 2018-06-08 20:45 - 004392448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-06-23 13:24 - 2018-06-08 20:43 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-06-23 13:24 - 2018-06-08 20:43 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2018-06-23 13:24 - 2018-06-08 20:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-06-23 13:24 - 2018-06-08 20:42 - 003999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-06-23 13:24 - 2018-06-08 20:42 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-23 13:24 - 2018-06-08 18:58 - 002206544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-06-23 13:24 - 2018-06-08 18:51 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-23 13:24 - 2018-06-08 18:47 - 003492864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-06-23 13:24 - 2018-06-08 18:47 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-23 13:24 - 2018-06-08 18:06 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-23 13:24 - 2018-06-08 18:05 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-23 13:24 - 2018-06-08 12:38 - 005821544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-06-23 13:24 - 2018-06-08 12:37 - 002417840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-06-23 13:24 - 2018-06-08 12:35 - 001613200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-06-23 13:24 - 2018-06-08 12:34 - 001299056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-06-23 13:24 - 2018-06-08 12:34 - 000748512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-06-23 13:24 - 2018-06-08 12:31 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-06-23 13:24 - 2018-06-08 11:33 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-06-23 13:24 - 2018-06-08 11:30 - 009148320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-23 13:24 - 2018-06-08 11:30 - 003296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-06-23 13:24 - 2018-06-08 11:30 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-06-23 13:24 - 2018-06-08 11:30 - 001017080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-06-23 13:24 - 2018-06-08 11:30 - 000491328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 006817384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 004970360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 004403280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 003283408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 002836384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-06-23 13:24 - 2018-06-08 11:29 - 002753048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 002570712 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 002564984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 002462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 001946328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 001792808 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 001611592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-23 13:24 - 2018-06-08 11:29 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 001190152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 001148808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-06-23 13:24 - 2018-06-08 11:29 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-06-23 13:24 - 2018-06-08 11:29 - 000416144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-06-23 13:24 - 2018-06-08 11:12 - 000861616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-06-23 13:24 - 2018-06-08 11:11 - 001461744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-06-23 13:24 - 2018-06-08 11:11 - 000550616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-06-23 13:24 - 2018-06-08 11:10 - 002479272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-06-23 13:24 - 2018-06-08 11:10 - 002331584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-06-23 13:24 - 2018-06-08 11:10 - 001988072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-06-23 13:24 - 2018-06-08 11:10 - 001011992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-06-23 13:24 - 2018-06-08 11:10 - 000457152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-06-23 13:24 - 2018-06-08 11:09 - 006527064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-06-23 13:24 - 2018-06-08 11:09 - 004788512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-23 13:24 - 2018-06-08 11:09 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-06-23 13:24 - 2018-06-08 11:09 - 002535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-06-23 13:24 - 2018-06-08 11:09 - 002486992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-06-23 13:24 - 2018-06-08 11:09 - 002242216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-23 13:24 - 2018-06-08 11:09 - 001980872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-06-23 13:24 - 2018-06-08 11:09 - 001805776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-06-23 13:24 - 2018-06-08 11:09 - 001709720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-06-23 13:24 - 2018-06-08 11:09 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-06-23 13:24 - 2018-06-08 11:09 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-06-23 13:24 - 2018-06-08 11:09 - 001380200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-06-23 13:24 - 2018-06-08 11:09 - 001020168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-06-23 13:24 - 2018-06-08 11:01 - 004563456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-06-23 13:24 - 2018-06-08 11:01 - 002961408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-06-23 13:24 - 2018-06-08 11:00 - 004372992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-06-23 13:24 - 2018-06-08 11:00 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-06-23 13:24 - 2018-06-08 11:00 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-06-23 13:24 - 2018-06-08 10:59 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-06-23 13:24 - 2018-06-08 10:59 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-23 13:24 - 2018-06-08 10:59 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-23 13:24 - 2018-06-08 10:59 - 001767936 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-06-23 13:24 - 2018-06-08 10:59 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-06-23 13:24 - 2018-06-08 10:59 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-06-23 13:24 - 2018-06-08 10:58 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-23 13:24 - 2018-06-08 10:58 - 001676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2018-06-23 13:24 - 2018-06-08 10:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-23 13:24 - 2018-06-08 10:58 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-06-23 13:24 - 2018-06-08 10:57 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-06-23 13:24 - 2018-06-08 10:57 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-23 13:24 - 2018-06-08 10:57 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-06-23 13:24 - 2018-06-08 10:56 - 005780992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-23 13:24 - 2018-06-08 10:56 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-06-23 13:24 - 2018-06-08 10:56 - 004336128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-06-23 13:24 - 2018-06-08 10:56 - 002902016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-06-23 13:24 - 2018-06-08 10:56 - 002900480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-06-23 13:24 - 2018-06-08 10:56 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-06-23 13:24 - 2018-06-08 10:56 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-23 13:24 - 2018-06-08 10:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-06-23 13:24 - 2018-06-08 10:56 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-06-23 13:24 - 2018-06-08 10:56 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-06-23 13:24 - 2018-06-08 10:55 - 003441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-23 13:24 - 2018-06-08 10:55 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-06-23 13:24 - 2018-06-08 10:55 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-23 13:24 - 2018-06-08 10:55 - 002061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2018-06-23 13:24 - 2018-06-08 10:55 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-06-23 13:24 - 2018-06-08 10:55 - 001371648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-06-23 13:24 - 2018-06-08 10:55 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-23 13:24 - 2018-06-08 10:55 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-23 13:24 - 2018-06-08 10:55 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-06-23 13:24 - 2018-06-08 10:55 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-23 13:24 - 2018-06-08 10:55 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2018-06-23 13:24 - 2018-06-08 10:54 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-23 13:24 - 2018-06-08 10:54 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-06-23 13:24 - 2018-06-08 10:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-23 13:24 - 2018-06-08 10:54 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2018-06-23 13:24 - 2018-06-08 10:53 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-23 13:24 - 2018-06-06 20:57 - 003733320 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-23 13:24 - 2018-06-06 06:20 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-23 13:24 - 2018-05-20 21:42 - 001649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-06-23 13:24 - 2018-05-20 21:23 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-06-23 13:24 - 2018-05-20 21:23 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-06-23 13:24 - 2018-05-20 21:22 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-06-23 13:24 - 2018-05-20 21:22 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-06-23 13:24 - 2018-05-20 20:14 - 020383712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-06-23 13:24 - 2018-05-20 20:14 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-06-23 13:24 - 2018-05-20 20:00 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2018-06-23 13:24 - 2018-05-20 19:59 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-06-23 13:24 - 2018-05-20 18:45 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-06-23 13:24 - 2018-05-20 13:53 - 002178136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-06-23 13:24 - 2018-05-20 13:53 - 001017088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-06-23 13:24 - 2018-05-20 13:53 - 001012408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-06-23 13:24 - 2018-05-20 13:52 - 000735560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-23 13:24 - 2018-05-20 13:33 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-06-23 13:24 - 2018-05-20 13:32 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-23 13:24 - 2018-05-20 13:32 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-06-23 13:24 - 2018-05-20 13:31 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-06-23 13:24 - 2018-05-20 13:24 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-06-23 13:24 - 2018-05-20 13:23 - 013873152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-23 13:24 - 2018-05-20 13:23 - 002366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-23 13:24 - 2018-05-20 13:23 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-06-23 13:24 - 2018-05-20 13:23 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-06-23 13:24 - 2018-05-20 13:21 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-23 13:24 - 2018-05-20 13:21 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-06-23 13:24 - 2018-05-20 13:21 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-06-23 13:24 - 2018-05-20 13:21 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-06-23 13:24 - 2018-05-20 13:17 - 002699776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-06-23 13:24 - 2018-05-20 13:14 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-06-23 13:24 - 2018-05-20 13:11 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-06-23 13:23 - 2018-06-08 21:07 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-06-23 13:23 - 2018-06-08 21:07 - 000183712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mavinject.exe
2018-06-23 13:23 - 2018-06-08 21:07 - 000040864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll
2018-06-23 13:23 - 2018-06-08 21:07 - 000019872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVTerminator.dll
2018-06-23 13:23 - 2018-06-08 21:05 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-06-23 13:23 - 2018-06-08 21:02 - 000661160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2018-06-23 13:23 - 2018-06-08 21:01 - 001046944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2018-06-23 13:23 - 2018-06-08 20:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-06-23 13:23 - 2018-06-08 20:47 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-06-23 13:23 - 2018-06-08 20:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-06-23 13:23 - 2018-06-08 20:45 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2018-06-23 13:23 - 2018-06-08 20:45 - 000808960 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2018-06-23 13:23 - 2018-06-08 20:44 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-06-23 13:23 - 2018-06-08 20:44 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2018-06-23 13:23 - 2018-06-08 20:44 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-06-23 13:23 - 2018-06-08 20:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2018-06-23 13:23 - 2018-06-08 20:43 - 003640832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-06-23 13:23 - 2018-06-08 20:43 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-06-23 13:23 - 2018-06-08 20:43 - 001543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2018-06-23 13:23 - 2018-06-08 20:43 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-23 13:23 - 2018-06-08 20:42 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-23 13:23 - 2018-06-08 20:42 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-06-23 13:23 - 2018-06-08 20:42 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2018-06-23 13:23 - 2018-06-08 20:42 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-06-23 13:23 - 2018-06-08 20:42 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-06-23 13:23 - 2018-06-08 20:42 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-06-23 13:23 - 2018-06-08 20:41 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-06-23 13:23 - 2018-06-08 20:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-06-23 13:23 - 2018-06-08 20:41 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-06-23 13:23 - 2018-06-08 20:41 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-23 13:23 - 2018-06-08 20:41 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-06-23 13:23 - 2018-06-08 20:41 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2018-06-23 13:23 - 2018-06-08 20:40 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2018-06-23 13:23 - 2018-06-08 19:07 - 000148896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mavinject.exe
2018-06-23 13:23 - 2018-06-08 19:04 - 001454024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-23 13:23 - 2018-06-08 18:58 - 000917408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2018-06-23 13:23 - 2018-06-08 18:50 - 001508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe
2018-06-23 13:23 - 2018-06-08 18:48 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-23 13:23 - 2018-06-08 18:48 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-23 13:23 - 2018-06-08 18:47 - 001462784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2018-06-23 13:23 - 2018-06-08 18:47 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-06-23 13:23 - 2018-06-08 18:47 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-06-23 13:23 - 2018-06-08 18:47 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2018-06-23 13:23 - 2018-06-08 18:46 - 003444224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-06-23 13:23 - 2018-06-08 18:46 - 002016256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-23 13:23 - 2018-06-08 18:46 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-06-23 13:23 - 2018-06-08 18:45 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-06-23 13:23 - 2018-06-08 18:05 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-06-23 13:23 - 2018-06-08 16:00 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-06-23 13:23 - 2018-06-08 16:00 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-23 13:23 - 2018-06-08 12:35 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-06-23 13:23 - 2018-06-08 12:31 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-23 13:23 - 2018-06-08 12:30 - 000705440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-06-23 13:23 - 2018-06-08 11:34 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-06-23 13:23 - 2018-06-08 11:34 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-06-23 13:23 - 2018-06-08 11:33 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-06-23 13:23 - 2018-06-08 11:33 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-06-23 13:23 - 2018-06-08 11:33 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-06-23 13:23 - 2018-06-08 11:31 - 001174432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-06-23 13:23 - 2018-06-08 11:31 - 001012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-06-23 13:23 - 2018-06-08 11:31 - 000226720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-06-23 13:23 - 2018-06-08 11:30 - 001363632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-06-23 13:23 - 2018-06-08 11:30 - 001063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-06-23 13:23 - 2018-06-08 11:30 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-23 13:23 - 2018-06-08 11:30 - 000722808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-23 13:23 - 2018-06-08 11:30 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-23 13:23 - 2018-06-08 11:30 - 000567184 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-06-23 13:23 - 2018-06-08 11:30 - 000565152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-06-23 13:23 - 2018-06-08 11:30 - 000527264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-23 13:23 - 2018-06-08 11:30 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-23 13:23 - 2018-06-08 11:30 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-06-23 13:23 - 2018-06-08 11:30 - 000137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-06-23 13:23 - 2018-06-08 11:30 - 000134584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 002590400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-06-23 13:23 - 2018-06-08 11:29 - 002422688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-23 13:23 - 2018-06-08 11:29 - 001921952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-06-23 13:23 - 2018-06-08 11:29 - 001364184 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 001288816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-23 13:23 - 2018-06-08 11:29 - 001150416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 001112608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 001026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-06-23 13:23 - 2018-06-08 11:29 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-06-23 13:23 - 2018-06-08 11:29 - 000885880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 000792992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-06-23 13:23 - 2018-06-08 11:29 - 000678840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 000659096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 000413824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 000413088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-06-23 13:23 - 2018-06-08 11:29 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-06-23 13:23 - 2018-06-08 11:29 - 000313592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 000266656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 000164768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-06-23 13:23 - 2018-06-08 11:29 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 000084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-06-23 13:23 - 2018-06-08 11:29 - 000057960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-06-23 13:23 - 2018-06-08 11:12 - 000786176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-23 13:23 - 2018-06-08 11:10 - 002307336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-06-23 13:23 - 2018-06-08 11:10 - 001397200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-06-23 13:23 - 2018-06-08 11:10 - 000880152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-06-23 13:23 - 2018-06-08 11:10 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-06-23 13:23 - 2018-06-08 11:09 - 001129648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-06-23 13:23 - 2018-06-08 11:09 - 001077504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-23 13:23 - 2018-06-08 11:09 - 000988136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-06-23 13:23 - 2018-06-08 11:09 - 000770160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-06-23 13:23 - 2018-06-08 11:09 - 000607648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-23 13:23 - 2018-06-08 11:09 - 000568720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-06-23 13:23 - 2018-06-08 11:09 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-06-23 13:23 - 2018-06-08 11:09 - 000553248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2018-06-23 13:23 - 2018-06-08 11:09 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-06-23 13:23 - 2018-06-08 11:09 - 000064648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll
2018-06-23 13:23 - 2018-06-08 11:09 - 000050208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-06-23 13:23 - 2018-06-08 11:03 - 000906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
2018-06-23 13:23 - 2018-06-08 11:03 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-06-23 13:23 - 2018-06-08 11:03 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2018-06-23 13:23 - 2018-06-08 11:03 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-06-23 13:23 - 2018-06-08 11:02 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-06-23 13:23 - 2018-06-08 11:02 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2018-06-23 13:23 - 2018-06-08 11:02 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-06-23 13:23 - 2018-06-08 11:01 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-06-23 13:23 - 2018-06-08 11:01 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-06-23 13:23 - 2018-06-08 11:01 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-06-23 13:23 - 2018-06-08 11:01 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-06-23 13:23 - 2018-06-08 11:01 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-06-23 13:23 - 2018-06-08 11:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2018-06-23 13:23 - 2018-06-08 11:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-23 13:23 - 2018-06-08 11:00 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-06-23 13:23 - 2018-06-08 11:00 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-06-23 13:23 - 2018-06-08 11:00 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-06-23 13:23 - 2018-06-08 11:00 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-06-23 13:23 - 2018-06-08 11:00 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-06-23 13:23 - 2018-06-08 10:59 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-06-23 13:23 - 2018-06-08 10:59 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-06-23 13:23 - 2018-06-08 10:59 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2018-06-23 13:23 - 2018-06-08 10:59 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-23 13:23 - 2018-06-08 10:59 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-06-23 13:23 - 2018-06-08 10:58 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-23 13:23 - 2018-06-08 10:58 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-06-23 13:23 - 2018-06-08 10:58 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-06-23 13:23 - 2018-06-08 10:58 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-06-23 13:23 - 2018-06-08 10:58 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2018-06-23 13:23 - 2018-06-08 10:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-06-23 13:23 - 2018-06-08 10:57 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2018-06-23 13:23 - 2018-06-08 10:57 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-06-23 13:23 - 2018-06-08 10:57 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-06-23 13:23 - 2018-06-08 10:57 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-23 13:23 - 2018-06-08 10:57 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2018-06-23 13:23 - 2018-06-08 10:56 - 003293696 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2018-06-23 13:23 - 2018-06-08 10:56 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-23 13:23 - 2018-06-08 10:56 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-06-23 13:23 - 2018-06-08 10:56 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-06-23 13:23 - 2018-06-08 10:56 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-06-23 13:23 - 2018-06-08 10:56 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-23 13:23 - 2018-06-08 10:56 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2018-06-23 13:23 - 2018-06-08 10:56 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2018-06-23 13:23 - 2018-06-08 10:56 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-06-23 13:23 - 2018-06-08 10:56 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-06-23 13:23 - 2018-06-08 10:56 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-06-23 13:23 - 2018-06-08 10:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-06-23 13:23 - 2018-06-08 10:56 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-06-23 13:23 - 2018-06-08 10:55 - 001242112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-06-23 13:23 - 2018-06-08 10:55 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2018-06-23 13:23 - 2018-06-08 10:55 - 001033728 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-06-23 13:23 - 2018-06-08 10:55 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-06-23 13:23 - 2018-06-08 10:55 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-06-23 13:23 - 2018-06-08 10:55 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-06-23 13:23 - 2018-06-08 10:55 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-06-23 13:23 - 2018-06-08 10:55 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-23 13:23 - 2018-06-08 10:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-23 13:23 - 2018-06-08 10:55 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-06-23 13:23 - 2018-06-08 10:54 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-23 13:23 - 2018-06-08 10:54 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-06-23 13:23 - 2018-06-08 10:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-06-23 13:23 - 2018-06-08 10:54 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-06-23 13:23 - 2018-06-08 10:54 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2018-06-23 13:23 - 2018-06-08 10:54 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-06-23 13:23 - 2018-06-08 10:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2018-06-23 13:23 - 2018-06-08 10:54 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-23 13:23 - 2018-06-08 10:54 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-23 13:23 - 2018-06-08 10:54 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2018-06-23 13:23 - 2018-06-08 10:54 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-06-23 13:23 - 2018-06-08 10:54 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2018-06-23 13:23 - 2018-06-08 10:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-06-23 13:23 - 2018-06-08 10:54 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2018-06-23 13:23 - 2018-06-08 10:53 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2018-06-23 13:23 - 2018-06-08 10:53 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-23 13:23 - 2018-06-08 10:53 - 001108992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-06-23 13:23 - 2018-06-08 10:53 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-06-23 13:23 - 2018-06-08 10:53 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-06-23 13:23 - 2018-06-08 10:53 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-06-23 13:23 - 2018-06-08 10:53 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-06-23 13:23 - 2018-06-08 09:41 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-06-23 13:23 - 2018-06-02 01:24 - 000713376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-06-23 13:23 - 2018-06-02 00:54 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-06-23 13:23 - 2018-05-25 05:24 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-06-23 13:23 - 2018-05-20 21:45 - 000308408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-23 13:23 - 2018-05-20 21:42 - 000759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-06-23 13:23 - 2018-05-20 21:26 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-06-23 13:23 - 2018-05-20 21:23 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-06-23 13:23 - 2018-05-20 21:22 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-23 13:23 - 2018-05-20 21:22 - 000941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-06-23 13:23 - 2018-05-20 20:20 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2018-06-23 13:23 - 2018-05-20 20:15 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-06-23 13:23 - 2018-05-20 20:02 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2018-06-23 13:23 - 2018-05-20 19:59 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-06-23 13:23 - 2018-05-20 18:39 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-06-23 13:23 - 2018-05-20 18:35 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-06-23 13:23 - 2018-05-20 18:34 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-06-23 13:23 - 2018-05-20 16:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-06-23 13:23 - 2018-05-20 14:33 - 000105368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-06-23 13:23 - 2018-05-20 13:53 - 001947808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-06-23 13:23 - 2018-05-20 13:53 - 000131232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-06-23 13:23 - 2018-05-20 13:53 - 000088472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-06-23 13:23 - 2018-05-20 13:52 - 000347704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-06-23 13:23 - 2018-05-20 13:52 - 000130456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-06-23 13:23 - 2018-05-20 13:52 - 000089984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-06-23 13:23 - 2018-05-20 13:34 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-06-23 13:23 - 2018-05-20 13:33 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-06-23 13:23 - 2018-05-20 13:32 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-06-23 13:23 - 2018-05-20 13:32 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-23 13:23 - 2018-05-20 13:32 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-06-23 13:23 - 2018-05-20 13:32 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-06-23 13:23 - 2018-05-20 13:28 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-06-23 13:23 - 2018-05-20 13:28 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-06-23 13:23 - 2018-05-20 13:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-06-23 13:23 - 2018-05-20 13:27 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-06-23 13:23 - 2018-05-20 13:27 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-06-23 13:23 - 2018-05-20 13:26 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-06-23 13:23 - 2018-05-20 13:26 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-06-23 13:23 - 2018-05-20 13:26 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-06-23 13:23 - 2018-05-20 13:26 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-06-23 13:23 - 2018-05-20 13:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-06-23 13:23 - 2018-05-20 13:26 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-06-23 13:23 - 2018-05-20 13:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-06-23 13:23 - 2018-05-20 13:25 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-06-23 13:23 - 2018-05-20 13:25 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-06-23 13:23 - 2018-05-20 13:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-23 13:23 - 2018-05-20 13:24 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-06-23 13:23 - 2018-05-20 13:23 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-23 13:23 - 2018-05-20 13:21 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-23 13:23 - 2018-05-20 13:16 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-06-23 13:23 - 2018-05-20 13:16 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2018-06-23 13:23 - 2018-05-20 13:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-06-23 13:23 - 2018-05-20 13:15 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-06-23 13:23 - 2018-05-20 13:15 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSHEIF.dll
2018-06-23 13:23 - 2018-05-20 13:14 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-06-23 13:23 - 2018-05-20 13:13 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-23 13:23 - 2018-05-20 13:13 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2018-06-23 13:23 - 2018-05-20 13:12 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-06-23 13:23 - 2018-05-20 13:12 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-06-23 13:23 - 2018-05-20 13:11 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-23 13:23 - 2018-05-20 10:26 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-06-23 13:23 - 2018-05-18 19:08 - 000018716 _____ C:\WINDOWS\SysWOW64\srms-apr.dat
2018-06-23 12:57 - 2018-06-23 12:57 - 000099951 _____ C:\Users\Windows 8.1\Desktop\VPN PDF 3.pdf
2018-06-22 13:42 - 2018-06-22 13:40 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-06-22 13:41 - 2018-06-22 13:40 - 000378072 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-10 16:42 - 2017-05-31 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-07-10 16:40 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-10 16:39 - 2018-05-21 17:02 - 000179376 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2018-07-10 16:39 - 2018-05-21 17:02 - 000169864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2018-07-10 16:38 - 2018-05-21 18:16 - 000004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EF1F7207-FAC2-4CBB-B3B9-9B6D553D8F32}
2018-07-10 16:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-10 16:36 - 2017-11-29 17:45 - 000000000 ____D C:\Users\Windows 8.1\AppData\Local\AVAST Software
2018-07-10 16:35 - 2017-04-02 07:55 - 000000000 ____D C:\ProgramData\Package Cache
2018-07-10 16:33 - 2018-01-15 06:05 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-07-10 16:33 - 2018-01-14 23:02 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-07-10 16:33 - 2014-11-13 04:37 - 000000000 __SHD C:\Users\Windows 8.1\IntelGraphicsProfiles
2018-07-07 11:35 - 2018-05-21 18:16 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-07-07 11:35 - 2018-01-14 23:04 - 000001504 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2018-07-06 14:46 - 2018-01-14 23:03 - 000002289 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
2018-07-06 14:45 - 2018-05-21 18:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-06 14:45 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-06 14:43 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-07-06 14:43 - 2017-09-02 15:24 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-07-06 14:19 - 2018-05-21 17:49 - 000000000 ____D C:\Users\Windows 8.1
2018-07-06 14:14 - 2018-05-21 17:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-04 16:24 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-07-04 16:24 - 2016-10-27 22:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-07-04 16:24 - 2014-11-13 04:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-01 18:34 - 2017-07-08 14:19 - 000000000 ____D C:\Users\Windows 8.1\AppData\LocalLow\Mozilla
2018-07-01 18:34 - 2014-11-13 04:36 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-07-01 17:29 - 2018-03-05 20:43 - 000000000 ____D C:\Users\Windows 8.1\AppData\Local\CrashDumps
2018-07-01 15:29 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2018-07-01 15:29 - 2014-11-13 04:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-07-01 15:29 - 2014-11-13 04:34 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-07-01 15:07 - 2017-07-08 16:53 - 000000000 ____D C:\Users\Windows 8.1\AppData\Local\GoToMeeting
2018-06-25 11:57 - 2014-11-13 04:46 - 000000000 ____D C:\Users\Windows 8.1\AppData\Roaming\Skype
2018-06-24 13:17 - 2018-01-26 07:18 - 000000000 ____D C:\Users\Windows 8.1\AppData\Local\Packages
2018-06-24 13:12 - 2017-07-31 06:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-24 13:07 - 2018-03-02 18:55 - 000000000 ____D C:\Program Files (x86)\Cheatsheet Generator
2018-06-24 09:09 - 2018-05-21 18:00 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-24 09:06 - 2018-01-26 07:36 - 000000000 ___RD C:\Users\Windows 8.1\3D Objects
2018-06-24 09:06 - 2016-02-13 15:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-24 09:03 - 2018-05-21 17:46 - 000408480 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-24 09:02 - 2016-07-26 13:02 - 000000676 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2532843739-1787431547-1269948887-1001.job
2018-06-24 09:02 - 2016-07-26 13:02 - 000000580 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2532843739-1787431547-1269948887-1001.job
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-06-23 17:11 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-06-23 17:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-23 17:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-06-23 17:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-06-23 17:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-06-23 17:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-06-23 17:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-06-23 17:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-06-23 17:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-06-23 17:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-06-23 17:11 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-06-23 17:10 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-06-23 17:10 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-23 17:10 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-06-23 17:10 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-06-23 17:10 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-06-23 15:28 - 2018-05-25 06:27 - 000177848 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2018-06-23 14:05 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-23 09:13 - 2018-05-21 18:16 - 000003368 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2532843739-1787431547-1269948887-1001
2018-06-23 09:12 - 2018-05-21 17:49 - 000002385 _____ C:\Users\Windows 8.1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-23 09:12 - 2016-04-08 00:21 - 000000000 ___RD C:\Users\Windows 8.1\OneDrive
2018-06-22 15:50 - 2018-05-21 18:16 - 000003836 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2532843739-1787431547-1269948887-1001
2018-06-22 15:50 - 2018-05-21 18:16 - 000003740 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2532843739-1787431547-1269948887-1001
2018-06-22 13:41 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-06-22 13:40 - 2018-05-21 17:02 - 000463080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-06-22 13:40 - 2018-05-21 17:02 - 000381584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-06-22 13:40 - 2018-05-21 17:02 - 000211160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-06-22 13:40 - 2018-05-21 17:02 - 000197160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-06-22 13:40 - 2018-05-21 17:02 - 000159640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-06-22 13:40 - 2018-05-21 17:02 - 000111872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-06-22 13:40 - 2018-05-21 17:02 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-06-22 13:40 - 2018-05-21 17:02 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-06-22 13:39 - 2018-05-21 17:02 - 001027728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-06-22 13:39 - 2018-05-21 17:02 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-06-22 13:39 - 2018-05-21 17:02 - 000229392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-06-22 13:39 - 2018-05-21 17:02 - 000201328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-06-22 13:39 - 2018-05-21 17:02 - 000059592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-06-22 13:39 - 2018-01-05 20:53 - 000239680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-06-21 13:32 - 2015-05-12 12:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-21 13:22 - 2017-05-31 20:44 - 000000000 ____D C:\Program Files (x86)\Avira
2018-06-21 13:07 - 2017-10-12 06:25 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-21 13:07 - 2015-05-12 12:22 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-21 12:57 - 2018-05-02 13:36 - 000000000 ____D C:\Program Files (x86)\VPN Unlimited
2018-06-21 12:56 - 2018-05-02 13:36 - 000001140 _____ C:\Users\Public\Desktop\VPN Unlimited.lnk
2018-06-21 12:56 - 2018-05-02 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN Unlimited
2018-06-21 12:55 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-21 12:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-21 17:46
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Windows 8.1 (10-07-2018 16:44:43)
Running from C:\Users\Windows 8.1\Downloads
Windows 10 Pro Version 1803 17134.112 (X64) (2018-05-21 16:17:40)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2532843739-1787431547-1269948887-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2532843739-1787431547-1269948887-503 - Limited - Disabled)
Guest (S-1-5-21-2532843739-1787431547-1269948887-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2532843739-1787431547-1269948887-504 - Limited - Disabled)
Windows 8.1 (S-1-5-21-2532843739-1787431547-1269948887-1001 - Administrator - Enabled) => C:\Users\Windows 8.1
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Kaspersky Free (Enabled - Out of date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Kaspersky Free (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACDSee Pro 4 (HKLM-x32\...\{88D4FE78-6EA6-4DFB-9FC2-8BC316F0C2FD}) (Version: 4.0.237 - ACD Systems International Inc.)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.127 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AIMP2 (HKLM-x32\...\AIMP2) (Version: - AIMP DevTeam)
Amazon Kindle (HKU\S-1-5-21-2532843739-1787431547-1269948887-1001\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
aTube Catcher version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Pro Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 65.2.491.182 - AVAST Software)
Avira (HKLM-x32\...\{218C5045-A3A1-486C-91F5-A1B4D4772F8D}) (Version: 1.2.116.18787 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{b883705a-0784-4d1e-9766-601e8d66945a}) (Version: 1.2.115.14232 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.36.211 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.14.1.26975 - Avira Operations GmbH & Co. KG)
Avira Safe Shopping (HKLM-x32\...\{14E3F849-589B-42DB-83C4-D856CFE94BCC}) (Version: 1.0.67.2779 - Avira Operations Gmbh & Co. KG)
Avira Safe Shopping (HKLM-x32\...\{9158dccb-03a7-493c-b07e-f47b9784425c}) (Version: 1.0.65.2672 - Avira Operations Gmbh & Co. KG) Hidden
Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.6.3071.2851 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{E47D0BE2-95DF-422B-AD01-5C8A184C239A}) (Version: 2.0.5.32390 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cheatsheet Generator (HKLM-x32\...\{9162E8BE-57E7-4B23-95CC-44BB5CFBB405}) (Version: 1.0.0 - Dirk Wagner)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1129 - CyberLink Corp.)
EditPad Lite 7.6.3 (HKLM\...\EditPad Lite) (Version: 7.6.3 - Just Great Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.7 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
GoToMeeting 8.29.1.8953 (HKU\S-1-5-21-2532843739-1787431547-1269948887-1001\...\GoToMeeting) (Version: 8.29.1.8953 - LogMeIn, Inc.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
iTunes (HKLM\...\{F2517A28-8CB8-4206-B86C-5EDD4EA26682}) (Version: 12.7.1.14 - Apple Inc.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Kaspersky Free (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Software Updater (HKLM-x32\...\{DEEDA858-A9B4-4212-8873-2F2CE2706E68}) (Version: 2.0.0.623 - Kaspersky Lab) Hidden
Kaspersky Software Updater (HKLM-x32\...\InstallWIX_{DEEDA858-A9B4-4212-8873-2F2CE2706E68}) (Version: 2.0.0.623 - Kaspersky Lab)
Keyword Research Ninja 1.0 (HKU\S-1-5-21-2532843739-1787431547-1269948887-1001\...\968efe0ce29a96a9) (Version: 1.0.0.6 - Binary Pros)
Keyword Researcher Pro version 11.031 (HKLM-x32\...\Keyword Researcher Pro_is1) (Version: 11.031 - Clever Gizmos)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2532843739-1787431547-1269948887-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mozilla Firefox 60.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 60.0.2 (x86 en-US)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0 - Mozilla)
Nero 8 Lite 8.3.2.1 (HKLM-x32\...\Nero8Lite_is1) (Version: 8.3.2.1 - Updatepack.nl)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Plex Media Server (HKLM-x32\...\{2fb84613-d20f-4778-8955-66178d5dee6f}) (Version: 1.10.1.4602 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{CB3C17B5-1DE6-4D78-9447-38C6F1277A2A}) (Version: 1.10.1602 - Plex, Inc.) Hidden
Quintura Search™ (HKLM-x32\...\Quintura Search™_is1) (Version: - Quintura Inc)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.3.34 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SmartFTP Client (HKLM\...\{AF155B47-DEA7-4C29-9260-44D0CDBE2DAC}) (Version: 9.0.2558.0 - SmartSoft Ltd.)
Stopping Plex (HKLM-x32\...\{5E4EA395-F2C2-4A16-A4C7-99897E1859F2}) (Version: 1.10.1602 - Plex, Inc.) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
Text Formatter Plus version 1.2.15 (HKLM-x32\...\Text Formatter Plus_is1) (Version: 1.2.15.481 - )
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.6.0.87 - KMP Media co., Ltd)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation)
VPN Unlimited 4.23 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 4.23 - KeepSolid Inc.)
WD Backup (HKLM-x32\...\{46162462-824f-4ea9-a312-38841e3dab7d}) (Version: 1.6.6060.18987 - Western Digital Technologies, Inc.)
WD Backup (HKLM-x32\...\{9669966E-5595-4820-A879-DD48B3DF05BF}) (Version: 1.6.6060.18987 - Western Digital Technologies, Inc) Hidden
WD Drive Utilities (HKLM-x32\...\{06628A2D-167D-4F5E-8C98-60CFA0B161D1}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{7c73600b-2542-4641-a960-74bed274be03}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A2D70EE4-2462-4F04-9955-5761E3F3F47A}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{f1fc402c-35fd-40c0-97e4-5bee07891caf}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2532843739-1787431547-1269948887-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Windows 8.1\AppData\Local\GoToMeeting\8679\G2MOutlookAddin64.dll (LogMeIn, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-22] (AVAST Software)
ShellIconOverlayIdentifiers: [SmartFTP Drop] -> {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} => C:\Program Files\SmartFTP Client\ShellTools.dll [2018-02-21] (SmartSoft Ltd.)
ContextMenuHandlers1-x32: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP2\System\aimp_shell.dll [2009-03-06] (AIMP DevTeam)
ContextMenuHandlers1-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-22] (AVAST Software)
ContextMenuHandlers1-x32: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\ShellEx.dll [2018-05-04] (AO Kaspersky Lab)
ContextMenuHandlers1-x32: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-07-10] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1-x32: [SmartFTP] -> {F87DED31-303F-4ED1-9BCE-D360FBC74E0A} => C:\Program Files\SmartFTP Client\ShellTools.dll [2018-02-21] (SmartSoft Ltd.)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\ShellEx.dll [2018-05-04] (AO Kaspersky Lab)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-22] (AVAST Software)
ContextMenuHandlers4-x32: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP2\System\aimp_shell.dll [2009-03-06] (AIMP DevTeam)
ContextMenuHandlers4-x32: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\ShellEx.dll [2018-05-04] (AO Kaspersky Lab)
ContextMenuHandlers4-x32: [SmartFTP] -> {F87DED31-303F-4ED1-9BCE-D360FBC74E0A} => C:\Program Files\SmartFTP Client\ShellTools.dll [2018-02-21] (SmartSoft Ltd.)
ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers4-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-22] (AVAST Software)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\ShellEx.dll [2018-05-04] (AO Kaspersky Lab)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-07-10] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01104BE2-E826-47D9-A0C1-0F6BDF2C5457} - System32\Tasks\G2MUploadTask-S-1-5-21-2532843739-1787431547-1269948887-1001 => C:\Users\Windows 8.1\AppData\Local\GoToMeeting\8953\g2mupload.exe [2018-06-22] (LogMeIn, Inc.)
Task: {0767E7B9-E7ED-490A-A27A-C31E81DBA13B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0AB19FFD-0E23-4C5D-A92C-445606B911F8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0C1E128E-C3EC-4E44-918E-AFD698ADFE62} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {105D92BE-57C9-4F71-8947-D504805B40B5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {135B5AD9-F08A-4DC6-99C0-76AA54B4FCA9} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1565C6BC-7205-4FDE-9B20-284B6E6D02A0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {1C2087FA-6A90-484D-8245-3BCD643368B2} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-05-30] (AVAST Software)
Task: {1F43B04F-F5E1-4AC9-A7D0-4060F2FA0E4F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {209E1AB0-37B6-43BF-91EC-B501C8157A99} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-07-10] (Avira Operations GmbH & Co. KG)
Task: {22DB4ADD-7C43-4732-9B60-C3216AA78D31} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-29] (Google Inc.)
Task: {29185AFF-E037-403A-B6E9-E5CD482658D0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2B1F5448-C3C2-4CA3-84E9-C085F869C7C2} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {2B538013-D916-49FC-BEB8-9495AB3B78A8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {365A0740-5244-4C26-AB61-C6412B3AF2EA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {380D68CE-4C41-42B2-B306-EB7B97439892} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {3AE536C3-125D-4430-AB6C-BB438195B30D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {42E5C629-49D9-4F17-9660-BFD984E45906} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {469CF64D-3483-4B94-AE62-BAD4B625F5FB} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-05-31] (Avira Operations GmbH & Co. KG)
Task: {4C48EB88-FB0A-46E0-ABDC-F33053084296} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4F85CDAC-8774-4494-A395-9177EF7F4DAE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {539CB3BB-2503-4902-AE92-00669E872E93} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {57547FEA-B434-4891-BC46-5A4C82D9B515} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A4036D5-9298-47C5-88EE-B4CD81BA368B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-05-30] (AVAST Software)
Task: {5B700546-3C98-4CD2-92DE-98E8B255BAF3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5BCC4875-0BC3-4427-9553-DC6ABED35042} - System32\Tasks\G2MUpdateTask-S-1-5-21-2532843739-1787431547-1269948887-1001 => C:\Users\Windows 8.1\AppData\Local\GoToMeeting\8953\g2mupdate.exe [2018-06-22] (LogMeIn, Inc.)
Task: {60CDD4FB-B8C7-4468-96AC-EC166107F7A2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6925EB8A-628A-4657-8AFB-944817CB4A8C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {71034660-50A2-4970-ADE5-008859CE5695} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7C9493D5-AFF1-4EA5-B352-36F2B95BBAC8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {832EF2F4-CAFA-4E01-869A-6BD6BE299363} - System32\Tasks\Avira\Safe Shopping\Check => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-06-13] (Avira Operations Gmbh & Co. KG)
Task: {838CA0BC-AE2C-4114-B022-C4A0DB9C7983} - System32\Tasks\Avira\Safe Shopping\Launch => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-06-13] (Avira Operations Gmbh & Co. KG)
Task: {89144CC1-ADDD-49CE-8091-FB12277CC68B} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-09] ()
Task: {8B2E515B-0058-4CE1-B62A-8618EC564C8B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8F5FC3D1-59AF-4C35-AD80-65DB7F485CC2} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {99E91C2F-367E-411B-9A75-90D0420F94D5} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {9A50EE89-162C-45C2-A2A2-1304ADF2602C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A66F5977-940E-4ACC-AB90-1F8AA6295F6A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {AF89AACD-A56A-49F1-BF32-C89914A6C314} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B0B5C66F-8130-4654-93A3-FA0CA43F6854} - System32\Tasks\{784D683C-8945-4E08-B9C9-627735EF2AA8} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/6.0.0.120/en/go/help.faq.installer?LastError=1618
Task: {B168F4BD-1DBF-438A-862A-7CC29360936F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {B7105996-EDC0-4CC4-B8CA-B4124737B886} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BD5505FA-183E-405D-B402-005A312352ED} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C3199D72-D0D9-4B6F-BA0F-35F352CC2123} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-22] (AVAST Software)
Task: {C36CBCA7-993F-4AD2-9175-60D5C10A10D2} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C783F796-C9D5-4A6B-A372-F4383F69674A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-21] (Adobe Systems Incorporated)
Task: {CEF95507-C8DC-4C47-ADD3-C6A09E886EC8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {CEFBD034-040F-4668-92F5-3BA2125D3D42} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D234E7AC-8E13-432C-ABF9-EB818D9923D0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D77658ED-7240-4024-933C-802A9369BB94} - System32\Tasks\Avira\Safe Shopping\Update => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [2018-06-13] (Avira Operations Gmbh & Co. KG)
Task: {D79F7B71-FD28-4311-8B6D-D99518A7E4D1} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {E64C0754-61F8-4F57-B846-5206EE49375A} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2017-05-31] (Avira Operations GmbH & Co. KG)
Task: {E7794DEA-0AA2-4F42-A300-ED9DEBD63BF4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-29] (Google Inc.)
Task: {EDEDDBA4-9432-4BB9-85C6-97AE7745998D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2BFB135-DCCF-4177-8AC8-7432571C14FA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {F4019B4B-F5E9-400C-AA81-E0F11A5675B2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-06-22] (AVAST Software)
Task: {F9EDBEA4-6A76-4C80-95C6-953297EB0BC3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2532843739-1787431547-1269948887-1001.job => C:\Users\Windows 8.1\AppData\Local\GoToMeeting\8953\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2532843739-1787431547-1269948887-1001.job => C:\Users\Windows 8.1\AppData\Local\GoToMeeting\8953\g2mupload.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 01:13 - 2018-01-05 01:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-10-20 17:42 - 2017-10-20 17:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-23 13:24 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-21 13:35 - 2018-06-21 13:36 - 000062464 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2018-06-21 13:35 - 2018-06-21 13:36 - 000093696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-01 14:59 - 2018-07-01 14:59 - 027126784 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-07-01 14:59 - 2018-07-01 14:59 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-07-01 14:59 - 2018-07-01 14:59 - 006735872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 14:11 - 2017-09-26 14:11 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-01 14:59 - 2018-07-01 14:59 - 009360384 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-05-23 06:45 - 2018-05-23 06:53 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-23 06:45 - 2018-05-23 06:53 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-23 06:45 - 2018-05-23 06:55 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-23 06:45 - 2018-05-23 06:53 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-23 06:45 - 2018-05-23 06:47 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-07-01 15:29 - 2018-06-22 21:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-07-01 15:29 - 2018-06-22 21:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2018-06-22 13:40 - 2018-06-22 13:40 - 000483544 _____ () c:\program files\avast software\avast\streamback.dll
2018-07-06 14:16 - 2018-07-06 14:16 - 005843088 _____ () c:\program files\avast software\avast\defs\18070604\algo.dll
2018-06-22 13:40 - 2018-06-22 13:40 - 000928984 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-06-22 13:39 - 2018-06-22 13:39 - 000532696 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-06-22 13:39 - 2018-06-22 13:39 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-06-22 13:39 - 2018-06-22 13:39 - 000985304 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-07-07 11:35 - 2018-07-07 11:35 - 005843088 _____ () c:\program files\avast software\avast\defs\18070700\algo.dll
2018-07-10 16:37 - 2018-07-10 16:37 - 005841040 _____ () c:\program files\avast software\avast\defs\18071002\algo.dll
2018-01-14 23:03 - 2018-01-14 23:03 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\kpcengine.2.3.dll
2017-12-13 06:18 - 2017-12-13 06:18 - 000083432 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2017-12-13 06:18 - 2017-12-13 06:18 - 000203240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2018-05-02 13:36 - 2018-06-20 16:21 - 002713928 _____ () C:\Program Files (x86)\VPN Unlimited\vpnu_private_sdk.dll
2014-11-13 04:32 - 2013-09-16 06:19 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2018-03-03 03:43 - 2018-03-03 03:43 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-06-22 13:39 - 2018-06-22 13:39 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [135]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2018-06-24 13:01 - 000000054 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2532843739-1787431547-1269948887-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6FD63570-87E8-4CFE-88F8-355C4502D834}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe
FirewallRules: [{4CFB409B-7269-4B9F-ADC8-031144250979}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe
FirewallRules: [{FC510B93-C39A-479C-BCD3-8DAC3F2AC1A7}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{22380941-7C75-408B-A912-D576F75C1B03}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe
FirewallRules: [{CA9FFB8F-E137-4DCB-B3A1-DDDBAF380DC1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{39364F75-156A-4A83-B0C4-06D1C5279A7A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{28D50727-B3DE-4525-8BF0-7C3BBF156545}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DD72A4EC-C663-49CA-87A7-633122F79D70}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8A6FAF1F-3033-495E-A5A5-94B035B808FC}] => (Allow) C:\Program Files\SmartFTP Client\SmartFTP.exe
FirewallRules: [{58F1736C-98A8-4EDC-BDD0-225AAF48CAC2}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
FirewallRules: [{896B5063-8CF8-400F-A421-24FD48C6FC60}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
FirewallRules: [{DA9CDB59-842B-4F3E-98E8-901ECCB43030}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{9A913261-18CC-4E63-BB10-54562EDA5B4D}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{4F92E996-31EB-4741-A513-C229A5032DFA}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{AC53F1F2-D3D8-4A1E-BFAE-8EE394891C49}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe
FirewallRules: [{E6D437C9-69EF-4D0D-9A87-B178DB179358}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{2F1B0DA8-F142-4374-9AA5-F2E2D7C56D32}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A4D2689F-A120-4D01-8358-2CB5A35DFEFE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5A27FD79-EE0C-45F6-9B57-D1E0D71A46E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{270F5697-7780-453B-A3B1-2A4FAE841CE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E760A935-E49D-4699-90D5-F8D7D2BD4877}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{4D902E10-EE42-463A-8D93-DC2EC67E1DED}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{6BDCE66F-C8AD-4A5D-9393-C21CF4B7A508}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4978F1FB-F13E-4B1C-B77B-A2ADAF487C4B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AC14CBED-3B78-4030-931C-C51C366BE795}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9DA759AA-879F-49BF-8F43-7F725BA82B23}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D70474DD-FCDD-4B79-BBCA-73D640FC53B9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5F5F8846-590D-4AB1-BB25-66A058B3399B}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{E455205C-60BC-4D9E-9ECC-312E420324DA}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{FA1B642F-C8EC-4562-B55C-52F240D435B4}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{7BDFB8E6-10AB-4D41-A32A-A4A30D69CC65}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{4BC4B012-281A-4884-84B4-5557646398BB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{2DA66643-3E3E-4D61-AA21-BBE12BE4EFF7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
24-06-2018 11:12:47 Restore Operation
01-07-2018 14:49:11 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/10/2018 04:39:24 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. The specified account already exists.
Error: (07/10/2018 04:38:16 PM) (Source: Windows Search Service) (EventID: 3100) (User: )
Description: Unable to initialize the filter host process. Terminating.
Details:
This operation returned because the timeout period expired. (HRESULT : 0x800705b4) (0x800705b4)
Error: (07/10/2018 04:37:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Nero\Nero Toolkit\Nero DiscSpeed\DiscSpeed.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_fb3f961b30681c12.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.112_none_42ecccf244e44518.manifest.
Error: (07/10/2018 04:36:32 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. The specified account already exists.
Error: (07/10/2018 04:33:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname acer.local already in use; will try acer-2.local instead
Error: (07/10/2018 04:33:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 16 acer.local. AAAA FE80:0000:0000:0000:9104:0528:8904:E324
Error: (07/10/2018 04:33:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from FE80:0000:0000:0000:9104:0528:8904:E324:5353 16 acer.local. AAAA FD0C:8FFF:0438:4300:9104:0528:8904:E324
Error: (07/10/2018 04:33:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing: 16 acer.local. AAAA FE80:0000:0000:0000:9104:0528:8904:E324
System errors:
=============
Error: (07/10/2018 04:37:25 PM) (Source: DCOM) (EventID: 10016) (User: acer)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user acer\Windows 8.1 SID (S-1-5-21-2532843739-1787431547-1269948887-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/10/2018 04:33:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/07/2018 11:34:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/06/2018 02:46:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the UnistoreSvc_4f430 service to connect.
Error: (07/06/2018 02:46:25 PM) (Source: DCOM) (EventID: 10010) (User: acer)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.
Error: (07/06/2018 02:46:24 PM) (Source: DCOM) (EventID: 10010) (User: acer)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.
Error: (07/06/2018 02:46:22 PM) (Source: DCOM) (EventID: 10010) (User: acer)
Description: The server {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} did not register with DCOM within the required timeout.
Error: (07/06/2018 02:46:19 PM) (Source: DCOM) (EventID: 10001) (User: acer)
Description: Unable to start a DCOM Server: microsoft.windowscommunicationsapps_17.9330.21365.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca as Unavailable/Unavailable. The error:
"298"
Happened while starting this command:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.21365.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
==================== Memory info ===========================
Processor: Intel® Core i3-4150 CPU @ 3.50GHz
Percentage of memory in use: 76%
Total physical RAM: 3905.45 MB
Available physical RAM: 929.01 MB
Total Virtual: 7105.45 MB
Available Virtual: 3690.04 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:150.03 GB) (Free:92.76 GB) NTFS
Drive d: () (Fixed) (Total:775.39 GB) (Free:773.67 GB) NTFS
\\?\Volume{1b840bf1-6adc-11e4-824f-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.08 GB) NTFS
\\?\Volume{6605892c-6adc-11e4-8250-448a5ba1179d}\ (HPASERVICE) (Fixed) (Total:5.75 GB) (Free:0.85 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: CEF0B7F9)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=150 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=775.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5.8 GB) - (Type=27)
==================== End of Addition.txt ============================
Thanks very much again
Paul