Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Laptop battery does not charge, becomes laggy


  • Please log in to reply

#16
Tracychow

Tracychow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Fixlog from FRST:

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 21.07.2018

Ran by TRACY (21-07-2018 22:18:24) Run:1
Running from C:\Users\TRACY\Desktop\geekstogo
Loaded Profiles: TRACY (Available Profiles: TRACY)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
DeleteValue: HKEY_USERS\S-1-5-21-3886821244-992500499-3182294369-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]|"C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.18.0_x86__qmba6cd70vzyy\AuraListen.exe"
DeleteValue: HKEY_USERS\S-1-5-21-3886821244-992500499-3182294369-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|"C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.22.0_x86__qmba6cd70vzyy\AuraListen.exe"
Reboot:
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
 
 
 
 
 
 
 
 
 
 
 
 
 
*****************
 
"HKEY_USERS\S-1-5-21-3886821244-992500499-3182294369-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\"C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.18.0_x86__qmba6cd70vzyy\AuraListen.exe"" => not found
"HKEY_USERS\S-1-5-21-3886821244-992500499-3182294369-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\"C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.22.0_x86__qmba6cd70vzyy\AuraListen.exe"" => not found
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log Microsoft-Windows-LiveId/Analytic. Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational. Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic. The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 22:18:44 ====

  • 0

Advertisements


#17
Tracychow

Tracychow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

FRST LOG:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.07.2018

Ran by TRACY (administrator) on DESKTOP-466VVQU (21-07-2018 22:20:05)
Running from C:\Users\TRACY\Desktop\geekstogo
Loaded Profiles: TRACY (Available Profiles: TRACY)
Platform: Windows 10 Pro Version 1803 17134.165 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Thunderbolt Software\ConditionalAppStarter.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUSTek COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-06-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2018-06-29] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3886821244-992500499-3182294369-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886768 2018-06-29] (Adobe Systems Incorporated)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{581b3859-df36-42a3-adf5-94ef954973d8}: [DhcpNameServer] 172.24.252.41 172.24.252.42
Tcpip\..\Interfaces\{e7f20f06-8b4d-4f76-a663-50a50cd6d6a2}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-3886821244-992500499-3182294369-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3886821244-992500499-3182294369-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-07-20] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-02-03] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-02-03] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-04-29] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-02-03] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-02-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-02-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-02-03] (Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-16] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-16] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-16] (Microsoft Corporation)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-02-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-06-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-20] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-06-22] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-04-29] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-31] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-31] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-06-22] (Adobe Systems)
 
Chrome: 
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\TRACY\AppData\Local\Google\Chrome\User Data\Default [2018-07-21]
CHR Extension: (Adobe Acrobat) - C:\Users\TRACY\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-04-29]
CHR Extension: (Fair AdBlocker) - C:\Users\TRACY\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2018-04-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TRACY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\TRACY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-06-22] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S3 ArmouryLiveUpdate; C:\Users\Public\Documents\ArmouryLiveUpdate.exe [1187272 2018-01-07] ()
R2 AsHidService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [127864 2017-07-29] (ASUSTek Computer Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8765104 2018-07-13] (Microsoft Corporation)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] ()
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [1701480 2017-07-07] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-03-11] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel® Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [197264 2017-09-26] (Intel Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [65904 2018-05-29] (Robert McNeel & Associates)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-08-04] ()
S3 ROGGamingCenterService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingCenterService.exe [37848 2017-08-18] (ASUSTeK COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-11] ()
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2150120 2017-03-17] (Intel Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-27] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-27] (Microsoft Corporation)
S2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [18264 2017-05-12] (Intel® Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3756200 2017-08-04] (Intel® Corporation)
S3 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (Apple Inc.)
S3 AsusNumpadKbd; C:\WINDOWS\System32\drivers\AsusDigiFilter.sys [116728 2017-08-01] (ASUSTek COMPUTER INC.)
S3 AsusNumpadPTP; C:\WINDOWS\System32\drivers\AsusDigiFilter.sys [116728 2017-08-01] (ASUSTek COMPUTER INC.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69560 2017-07-07] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [382392 2017-07-07] (Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [31112 2017-05-03] (ASUS)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [128008 2017-03-11] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37912 2017-04-18] (Intel Corporation)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [79504 2016-09-19] (Windows ® Win 7 DDK provider)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [7745552 2017-08-12] (Intel Corporation)
S3 nhi; C:\WINDOWS\System32\drivers\tbt81x.sys [129608 2017-04-20] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_08e61ffcdc4d3abf\nvlddmkm.sys [16936560 2017-11-20] (NVIDIA Corporation)
R0 nvpciflt; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_08e61ffcdc4d3abf\nvpciflt.sys [47024 2017-11-20] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-06-21] (NVIDIA Corporation)
S3 pelmouse; C:\WINDOWS\System32\drivers\pelmouse.sys [26880 2016-07-11] (TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\System32\drivers\pelusblf.sys [33048 2016-07-11] ()
S3 pelvendr; C:\WINDOWS\System32\drivers\pelvendr.sys [15032 2016-07-11] (TPMX Electronics Ltd.)
S3 phidmice; C:\WINDOWS\System32\drivers\phidmice.sys [33048 2016-07-11] ()
S3 pmouself; C:\WINDOWS\System32\drivers\pmouself.sys [26880 2016-07-11] (TPMX Electronics Ltd.)
S3 pvendrlf; C:\WINDOWS\System32\drivers\pvendrlf.sys [15032 2016-07-11] (TPMX Electronics Ltd.)
S3 ROGKB; C:\WINDOWS\System32\drivers\ROGKB.sys [31800 2018-01-08] ()
S3 ROGMS; C:\WINDOWS\system32\DRIVERS\ROGMS.sys [31800 2018-01-07] ()
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
R3 SensorsAlsDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [264192 2018-04-12] (Microsoft Corporation)
S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-27] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-27] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-27] (Microsoft Corporation)
S3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54168 2017-04-18] (Intel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-21 18:55 - 2018-07-21 18:55 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-07-21 18:54 - 2017-07-07 09:30 - 001804672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2018-07-21 18:52 - 2018-07-21 18:54 - 000000000 ____D C:\ProgramData\WinFlash
2018-07-21 18:43 - 2018-07-21 18:43 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2018-07-21 00:44 - 2018-07-21 22:18 - 000000000 ____D C:\Users\TRACY\Desktop\geekstogo
2018-07-21 00:39 - 2018-07-21 00:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2018-07-21 00:39 - 2018-07-21 00:39 - 000000000 ____D C:\Program Files\LatencyMon
2018-07-21 00:39 - 2015-07-13 11:16 - 000026368 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2018-07-21 00:38 - 2018-07-21 00:39 - 002476504 _____ (Resplendence Software Projects Sp. ) C:\Users\TRACY\Downloads\LatencyMon.exe
2018-07-21 00:34 - 2018-07-21 00:34 - 006889184 _____ (Piriform Ltd) C:\Users\TRACY\Downloads\spsetup132.exe
2018-07-21 00:34 - 2018-07-21 00:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-07-21 00:34 - 2018-07-21 00:34 - 000000000 ____D C:\Program Files\Speccy
2018-07-21 00:32 - 2018-07-21 00:32 - 000015716 _____ C:\junk.txt
2018-07-21 00:27 - 2018-07-21 00:27 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2018-07-21 00:22 - 2018-07-21 00:25 - 000028081 _____ C:\VEW.txt
2018-07-20 10:43 - 2018-07-20 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-07-20 10:43 - 2018-07-20 10:43 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-07-20 09:11 - 2018-07-21 22:20 - 000000000 ____D C:\FRST
2018-07-19 09:12 - 2018-07-19 09:12 - 009888690 _____ C:\Users\TRACY\Documents\CAG Design Management_ Workshop 2 Pre-briefing_20180717.pdf
2018-07-19 09:12 - 2018-07-19 09:12 - 000453837 _____ C:\Users\TRACY\Documents\MBC Workshop #2 Agenda_20180717.pdf
2018-07-16 09:14 - 2018-07-16 09:26 - 000000000 ____D C:\WINDOWS\Minidump
2018-07-11 11:18 - 2018-07-06 22:20 - 002868640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-07-11 11:18 - 2018-07-06 22:20 - 001610648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-07-11 11:18 - 2018-07-06 22:20 - 000792472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-07-11 11:18 - 2018-07-06 22:20 - 000689560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-07-11 11:18 - 2018-07-06 22:20 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-07-11 11:18 - 2018-07-06 22:20 - 000451992 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-07-11 11:18 - 2018-07-06 22:20 - 000309664 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-07-11 11:18 - 2018-07-06 22:20 - 000144792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-07-11 11:18 - 2018-07-06 22:20 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-07-11 11:18 - 2018-07-06 22:17 - 003932672 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-07-11 11:18 - 2018-07-06 22:15 - 002266520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-07-11 11:18 - 2018-07-06 22:14 - 000541592 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-07-11 11:18 - 2018-07-06 21:56 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-07-11 11:18 - 2018-07-06 21:53 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2018-07-11 11:18 - 2018-07-06 21:53 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-07-11 11:18 - 2018-07-06 21:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-07-11 11:18 - 2018-07-06 21:53 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-07-11 11:18 - 2018-07-06 21:52 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-07-11 11:18 - 2018-07-06 21:52 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-07-11 11:18 - 2018-07-06 21:51 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-07-11 11:18 - 2018-07-06 21:51 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-07-11 11:18 - 2018-07-06 21:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-07-11 11:18 - 2018-07-06 21:51 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-07-11 11:18 - 2018-07-06 21:51 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-07-11 11:18 - 2018-07-06 21:50 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-07-11 11:18 - 2018-07-06 21:49 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-07-11 11:18 - 2018-07-06 20:12 - 001539000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-07-11 11:18 - 2018-07-06 20:06 - 003611368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-07-11 11:18 - 2018-07-06 19:54 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-07-11 11:18 - 2018-07-06 19:54 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-07-11 11:18 - 2018-07-06 19:53 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-07-11 11:18 - 2018-07-06 19:53 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2018-07-11 11:18 - 2018-07-06 19:53 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-07-11 11:18 - 2018-07-06 19:52 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-07-11 11:18 - 2018-07-06 19:52 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-07-11 11:18 - 2018-07-06 19:52 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-07-11 11:18 - 2018-07-06 19:51 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-07-11 11:18 - 2018-07-06 19:51 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-07-11 11:18 - 2018-07-06 19:26 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-07-11 11:18 - 2018-07-06 19:25 - 023863296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-07-11 11:18 - 2018-07-06 19:01 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-07-11 11:18 - 2018-07-06 15:32 - 000480672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-07-11 11:18 - 2018-07-06 15:31 - 000462752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-07-11 11:18 - 2018-07-06 15:31 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-07-11 11:18 - 2018-07-06 15:29 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-07-11 11:18 - 2018-07-06 15:29 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-07-11 11:18 - 2018-07-06 15:27 - 001174432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-07-11 11:18 - 2018-07-06 15:27 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-07-11 11:18 - 2018-07-06 15:27 - 001012632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-07-11 11:18 - 2018-07-06 15:27 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-07-11 11:18 - 2018-07-06 15:27 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-07-11 11:18 - 2018-07-06 15:27 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-07-11 11:18 - 2018-07-06 15:27 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2018-07-11 11:18 - 2018-07-06 15:26 - 002712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-07-11 11:18 - 2018-07-06 15:26 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-07-11 11:18 - 2018-07-06 15:26 - 000930720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-07-11 11:18 - 2018-07-06 15:26 - 000766608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-07-11 11:18 - 2018-07-06 15:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-07-11 11:18 - 2018-07-06 15:25 - 009147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-07-11 11:18 - 2018-07-06 15:25 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-07-11 11:18 - 2018-07-06 15:25 - 002571728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-07-11 11:18 - 2018-07-06 15:25 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-07-11 11:18 - 2018-07-06 15:25 - 001945784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-07-11 11:18 - 2018-07-06 15:25 - 001026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-07-11 11:18 - 2018-07-06 15:25 - 001018616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-07-11 11:18 - 2018-07-06 15:25 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-07-11 11:18 - 2018-07-06 15:25 - 000483048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-07-11 11:18 - 2018-07-06 15:25 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-07-11 11:18 - 2018-07-06 15:25 - 000267680 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-07-11 11:18 - 2018-07-06 15:25 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-07-11 11:18 - 2018-07-06 15:24 - 000380824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-07-11 11:18 - 2018-07-06 15:16 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-07-11 11:18 - 2018-07-06 15:14 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-07-11 11:18 - 2018-07-06 15:14 - 001981896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-07-11 11:18 - 2018-07-06 15:14 - 001175568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-07-11 11:18 - 2018-07-06 15:14 - 000988640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-07-11 11:18 - 2018-07-06 15:14 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-07-11 11:18 - 2018-07-06 15:14 - 000573904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-07-11 11:18 - 2018-07-06 15:13 - 001620872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-07-11 11:18 - 2018-07-06 15:10 - 025845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-07-11 11:18 - 2018-07-06 15:07 - 022006272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-07-11 11:18 - 2018-07-06 15:04 - 022713856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-07-11 11:18 - 2018-07-06 15:03 - 004371456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-07-11 11:18 - 2018-07-06 15:02 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-07-11 11:18 - 2018-07-06 15:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-07-11 11:18 - 2018-07-06 15:01 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-07-11 11:18 - 2018-07-06 15:01 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-07-11 11:18 - 2018-07-06 15:01 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2018-07-11 11:18 - 2018-07-06 15:00 - 019403264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-07-11 11:18 - 2018-07-06 15:00 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2018-07-11 11:18 - 2018-07-06 15:00 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2018-07-11 11:18 - 2018-07-06 15:00 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2018-07-11 11:18 - 2018-07-06 15:00 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2018-07-11 11:18 - 2018-07-06 15:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll
2018-07-11 11:18 - 2018-07-06 15:00 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2018-07-11 11:18 - 2018-07-06 14:59 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-07-11 11:18 - 2018-07-06 14:59 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-07-11 11:18 - 2018-07-06 14:59 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2018-07-11 11:18 - 2018-07-06 14:59 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-07-11 11:18 - 2018-07-06 14:59 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2018-07-11 11:18 - 2018-07-06 14:59 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2018-07-11 11:18 - 2018-07-06 14:59 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2018-07-11 11:18 - 2018-07-06 14:59 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2018-07-11 11:18 - 2018-07-06 14:59 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2018-07-11 11:18 - 2018-07-06 14:58 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-07-11 11:18 - 2018-07-06 14:58 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-07-11 11:18 - 2018-07-06 14:58 - 001931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-07-11 11:18 - 2018-07-06 14:58 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-07-11 11:18 - 2018-07-06 14:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-07-11 11:18 - 2018-07-06 14:58 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-07-11 11:18 - 2018-07-06 14:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-07-11 11:18 - 2018-07-06 14:58 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2018-07-11 11:18 - 2018-07-06 14:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2018-07-11 11:18 - 2018-07-06 14:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-07-11 11:18 - 2018-07-06 14:58 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-07-11 11:18 - 2018-07-06 14:58 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2018-07-11 11:18 - 2018-07-06 14:58 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-07-11 11:18 - 2018-07-06 14:58 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2018-07-11 11:18 - 2018-07-06 14:57 - 007579648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-07-11 11:18 - 2018-07-06 14:57 - 005779456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-07-11 11:18 - 2018-07-06 14:57 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-07-11 11:18 - 2018-07-06 14:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-07-11 11:18 - 2018-07-06 14:57 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2018-07-11 11:18 - 2018-07-06 14:57 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-07-11 11:18 - 2018-07-06 14:57 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2018-07-11 11:18 - 2018-07-06 14:57 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-07-11 11:18 - 2018-07-06 14:57 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-07-11 11:18 - 2018-07-06 14:57 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-07-11 11:18 - 2018-07-06 14:57 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 001817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 001567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-07-11 11:18 - 2018-07-06 14:56 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-07-11 11:18 - 2018-07-06 14:55 - 003440128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-07-11 11:18 - 2018-07-06 14:55 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-07-11 11:18 - 2018-07-06 14:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-07-11 11:18 - 2018-07-06 14:55 - 001395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-07-11 11:18 - 2018-07-06 14:55 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-07-11 11:18 - 2018-07-06 14:55 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-07-11 11:18 - 2018-07-06 14:55 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-07-11 11:18 - 2018-07-06 14:55 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-07-11 11:18 - 2018-07-06 14:55 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-07-11 11:18 - 2018-07-06 14:54 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-07-11 11:18 - 2018-07-06 14:54 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-07-11 11:18 - 2018-07-06 14:54 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-07-11 11:18 - 2018-07-06 14:54 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-07-11 11:18 - 2018-07-06 14:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-07-11 11:18 - 2018-07-06 14:54 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-07-11 11:18 - 2018-07-06 14:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-07-11 11:18 - 2018-07-06 14:54 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-07-11 11:18 - 2018-07-06 14:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-07-11 11:18 - 2018-07-06 14:54 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-07-11 11:18 - 2018-07-06 14:54 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-07-11 11:18 - 2018-07-06 14:54 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-07-11 11:18 - 2018-07-06 14:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-07-11 11:18 - 2018-07-06 14:54 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2018-07-11 11:18 - 2018-07-06 14:53 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-07-11 11:18 - 2018-07-06 14:53 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-07-11 11:18 - 2018-07-06 14:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-07-11 11:18 - 2018-07-06 14:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-07-11 11:18 - 2018-07-06 14:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-07-11 11:18 - 2018-07-06 13:41 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-07-11 11:18 - 2018-06-29 12:16 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-07-11 11:18 - 2018-06-16 01:55 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-07-11 11:18 - 2018-06-16 01:53 - 000348256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-07-11 11:18 - 2018-06-16 01:53 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-07-11 11:18 - 2018-06-16 01:50 - 001376576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-07-11 11:18 - 2018-06-16 01:49 - 021388856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-07-11 11:18 - 2018-06-16 01:48 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-07-11 11:18 - 2018-06-16 01:48 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2018-07-11 11:18 - 2018-06-16 01:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-07-11 11:18 - 2018-06-16 01:34 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-07-11 11:18 - 2018-06-16 01:34 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2018-07-11 11:18 - 2018-06-16 01:34 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2018-07-11 11:18 - 2018-06-16 01:33 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-07-11 11:18 - 2018-06-16 01:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-07-11 11:18 - 2018-06-16 01:33 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
2018-07-11 11:18 - 2018-06-16 01:33 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2018-07-11 11:18 - 2018-06-16 01:32 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2018-07-11 11:18 - 2018-06-16 01:32 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2018-07-11 11:18 - 2018-06-16 01:32 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-07-11 11:18 - 2018-06-16 01:32 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2018-07-11 11:18 - 2018-06-16 01:31 - 002193920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2018-07-11 11:18 - 2018-06-16 01:31 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-07-11 11:18 - 2018-06-16 01:31 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2018-07-11 11:18 - 2018-06-16 01:31 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-07-11 11:18 - 2018-06-16 01:30 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-07-11 11:18 - 2018-06-16 01:30 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-07-11 11:18 - 2018-06-16 01:30 - 001186816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2018-07-11 11:18 - 2018-06-16 01:30 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2018-07-11 11:18 - 2018-06-16 01:30 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-07-11 11:18 - 2018-06-16 01:30 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-07-11 11:18 - 2018-06-16 01:30 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-07-11 11:18 - 2018-06-16 01:30 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-07-11 11:18 - 2018-06-16 01:29 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-07-11 11:18 - 2018-06-16 01:29 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2018-07-11 11:18 - 2018-06-16 01:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-07-11 11:18 - 2018-06-16 01:29 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-07-11 11:18 - 2018-06-16 01:29 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2018-07-11 11:18 - 2018-06-16 01:29 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-07-11 11:18 - 2018-06-16 01:28 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-07-11 11:18 - 2018-06-16 01:28 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-07-11 11:18 - 2018-06-16 01:03 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2018-07-11 11:18 - 2018-06-16 01:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll
2018-07-11 11:18 - 2018-06-15 23:25 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-07-11 11:18 - 2018-06-15 23:22 - 001026896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-07-11 11:18 - 2018-06-15 23:16 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-07-11 11:18 - 2018-06-15 23:07 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-07-11 11:18 - 2018-06-15 23:06 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-07-11 11:18 - 2018-06-15 23:06 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2018-07-11 11:18 - 2018-06-15 23:04 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-07-11 11:18 - 2018-06-15 23:04 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-07-11 11:18 - 2018-06-15 23:03 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-07-11 11:18 - 2018-06-15 23:03 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-07-11 11:18 - 2018-06-15 23:02 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-07-11 11:18 - 2018-06-15 23:01 - 002015744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-07-11 11:18 - 2018-06-15 23:01 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2018-07-11 11:18 - 2018-06-15 21:23 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-07-11 11:18 - 2018-06-15 15:11 - 000611232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-07-11 11:18 - 2018-06-15 15:10 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-07-11 11:18 - 2018-06-15 15:03 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-07-11 11:18 - 2018-06-15 13:21 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-07-11 11:18 - 2018-06-15 13:21 - 000761440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-07-11 11:18 - 2018-06-15 13:19 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-07-11 11:18 - 2018-06-15 13:19 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2018-07-11 11:18 - 2018-06-15 13:19 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-07-11 11:18 - 2018-06-15 13:18 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-07-11 11:18 - 2018-06-15 13:16 - 000562080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-07-11 11:18 - 2018-06-15 13:16 - 000433560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-07-11 11:18 - 2018-06-15 13:15 - 002563960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-07-11 11:18 - 2018-06-15 13:15 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-07-11 11:18 - 2018-06-15 13:13 - 000510904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-07-11 11:18 - 2018-06-15 13:13 - 000324000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-07-11 11:18 - 2018-06-15 13:12 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-07-11 11:18 - 2018-06-15 13:12 - 000661152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-07-11 11:18 - 2018-06-15 13:12 - 000491304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-07-11 11:18 - 2018-06-15 13:12 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-07-11 11:18 - 2018-06-15 13:12 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2018-07-11 11:18 - 2018-06-15 13:11 - 006817872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-07-11 11:18 - 2018-06-15 13:10 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-07-11 11:18 - 2018-06-15 13:10 - 001097640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-07-11 11:18 - 2018-06-15 13:10 - 000717208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-07-11 11:18 - 2018-06-15 13:10 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-07-11 11:18 - 2018-06-15 13:09 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-07-11 11:18 - 2018-06-15 13:09 - 002830240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-07-11 11:18 - 2018-06-15 13:09 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-07-11 11:18 - 2018-06-15 13:09 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-07-11 11:18 - 2018-06-15 13:09 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-07-11 11:18 - 2018-06-15 13:09 - 001659296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-07-11 11:18 - 2018-06-15 13:09 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-07-11 11:18 - 2018-06-15 13:09 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-07-11 11:18 - 2018-06-15 13:09 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-07-11 11:18 - 2018-06-15 13:09 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2018-07-11 11:18 - 2018-06-15 13:08 - 004403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-07-11 11:18 - 2018-06-15 13:08 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-07-11 11:18 - 2018-06-15 13:08 - 002062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-07-11 11:18 - 2018-06-15 13:08 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-07-11 11:18 - 2018-06-15 13:08 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-07-11 11:18 - 2018-06-15 13:08 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-07-11 11:18 - 2018-06-15 13:08 - 001457128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-07-11 11:18 - 2018-06-15 13:08 - 001288840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-07-11 11:18 - 2018-06-15 13:08 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-07-11 11:18 - 2018-06-15 13:08 - 001150408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-07-11 11:18 - 2018-06-15 13:08 - 001140568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-07-11 11:18 - 2018-06-15 13:08 - 000983008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-07-11 11:18 - 2018-06-15 13:08 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-07-11 11:18 - 2018-06-15 13:08 - 000898760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-07-11 11:18 - 2018-06-15 13:08 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-07-11 11:18 - 2018-06-15 13:08 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-07-11 11:18 - 2018-06-15 13:08 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-07-11 11:18 - 2018-06-15 13:08 - 000413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-07-11 11:18 - 2018-06-15 13:08 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-07-11 11:18 - 2018-06-15 13:07 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-07-11 11:18 - 2018-06-15 13:07 - 001145696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-07-11 11:18 - 2018-06-15 13:05 - 000550608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-07-11 11:18 - 2018-06-15 13:05 - 000444240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-07-11 11:18 - 2018-06-15 13:04 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-07-11 11:18 - 2018-06-15 13:04 - 001462824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-07-11 11:18 - 2018-06-15 13:04 - 001397192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-07-11 11:18 - 2018-06-15 13:04 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-07-11 11:18 - 2018-06-15 13:04 - 000719552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-07-11 11:18 - 2018-06-15 13:04 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-07-11 11:18 - 2018-06-15 13:04 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 006572000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 006528600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 004788504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 002163184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 001805752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 001380192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 001144120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 001129640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 001020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-07-11 11:18 - 2018-06-15 13:03 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2018-07-11 11:18 - 2018-06-15 13:03 - 000129192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-07-11 11:18 - 2018-06-15 12:49 - 002962944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-07-11 11:18 - 2018-06-15 12:48 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-07-11 11:18 - 2018-06-15 12:48 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-07-11 11:18 - 2018-06-15 12:47 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2018-07-11 11:18 - 2018-06-15 12:47 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2018-07-11 11:18 - 2018-06-15 12:47 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-07-11 11:18 - 2018-06-15 12:46 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-07-11 11:18 - 2018-06-15 12:46 - 004333568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-07-11 11:18 - 2018-06-15 12:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-07-11 11:18 - 2018-06-15 12:46 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-07-11 11:18 - 2018-06-15 12:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-07-11 11:18 - 2018-06-15 12:46 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-07-11 11:18 - 2018-06-15 12:46 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-11 11:18 - 2018-06-15 12:45 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-07-11 11:18 - 2018-06-15 12:45 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-07-11 11:18 - 2018-06-15 12:45 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-07-11 11:18 - 2018-06-15 12:45 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-07-11 11:18 - 2018-06-15 12:45 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-07-11 11:18 - 2018-06-15 12:45 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-07-11 11:18 - 2018-06-15 12:45 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2018-07-11 11:18 - 2018-06-15 12:45 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll
2018-07-11 11:18 - 2018-06-15 12:44 - 001632256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-07-11 11:18 - 2018-06-15 12:44 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-07-11 11:18 - 2018-06-15 12:44 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-07-11 11:18 - 2018-06-15 12:44 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2018-07-11 11:18 - 2018-06-15 12:44 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-07-11 11:18 - 2018-06-15 12:44 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-07-11 11:18 - 2018-06-15 12:44 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-07-11 11:18 - 2018-06-15 12:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-07-11 11:18 - 2018-06-15 12:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2018-07-11 11:18 - 2018-06-15 12:43 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-07-11 11:18 - 2018-06-15 12:43 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-07-11 11:18 - 2018-06-15 12:43 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-07-11 11:18 - 2018-06-15 12:43 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-07-11 11:18 - 2018-06-15 12:43 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2018-07-11 11:18 - 2018-06-15 12:43 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2018-07-11 11:18 - 2018-06-15 12:43 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-07-11 11:18 - 2018-06-15 12:43 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-07-11 11:18 - 2018-06-15 12:43 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2018-07-11 11:18 - 2018-06-15 12:43 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-07-11 11:18 - 2018-06-15 12:43 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2018-07-11 11:18 - 2018-06-15 12:42 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-07-11 11:18 - 2018-06-15 12:42 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-07-11 11:18 - 2018-06-15 12:42 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-07-11 11:18 - 2018-06-15 12:42 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2018-07-11 11:18 - 2018-06-15 12:42 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-07-11 11:18 - 2018-06-15 12:42 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-07-11 11:18 - 2018-06-15 12:42 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-07-11 11:18 - 2018-06-15 12:42 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-07-11 11:18 - 2018-06-15 12:42 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2018-07-11 11:18 - 2018-06-15 12:42 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-07-11 11:18 - 2018-06-15 12:42 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-07-11 11:18 - 2018-06-15 12:42 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-07-11 11:18 - 2018-06-15 12:42 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-07-11 11:18 - 2018-06-15 12:42 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-11 11:18 - 2018-06-15 12:41 - 004561920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-07-11 11:18 - 2018-06-15 12:41 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-07-11 11:18 - 2018-06-15 12:41 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-07-11 11:18 - 2018-06-15 12:41 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-07-11 11:18 - 2018-06-15 12:41 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-07-11 11:18 - 2018-06-15 12:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-07-11 11:18 - 2018-06-15 12:41 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-07-11 11:18 - 2018-06-15 12:41 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-07-11 11:18 - 2018-06-15 12:41 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-07-11 11:18 - 2018-06-15 12:41 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-07-11 11:18 - 2018-06-15 12:41 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-07-11 11:18 - 2018-06-15 12:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-07-11 11:18 - 2018-06-15 12:40 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-07-11 11:18 - 2018-06-15 12:40 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-07-11 11:18 - 2018-06-15 12:40 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-07-11 11:18 - 2018-06-15 12:40 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-07-11 11:18 - 2018-06-15 12:40 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-07-11 11:18 - 2018-06-15 12:39 - 002903040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-07-11 11:18 - 2018-06-15 12:39 - 002583552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-07-11 11:18 - 2018-06-15 12:39 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-07-11 11:18 - 2018-06-15 12:39 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-07-11 11:18 - 2018-06-15 12:39 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-07-11 11:18 - 2018-06-15 12:39 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-07-11 11:18 - 2018-06-15 12:39 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-07-11 11:18 - 2018-06-15 12:38 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-07-11 11:18 - 2018-06-15 12:38 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-07-11 11:18 - 2018-06-15 12:38 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-07-11 11:18 - 2018-06-15 12:38 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-07-11 11:18 - 2018-06-15 12:38 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-07-11 11:18 - 2018-06-15 12:38 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-07-11 11:18 - 2018-06-15 12:38 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-07-11 11:18 - 2018-06-15 12:38 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-07-11 11:18 - 2018-06-15 12:37 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-07-11 11:18 - 2018-06-15 12:37 - 001069056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-07-11 11:18 - 2018-06-15 12:37 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-07-11 11:18 - 2018-06-15 12:36 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-07-11 11:18 - 2018-06-01 13:18 - 000058524 _____ C:\WINDOWS\system32\srms.dat
2018-07-10 12:09 - 2018-07-10 12:09 - 065388456 _____ (Trimble, Inc.) C:\Users\TRACY\Downloads\SketchUpViewer-en.exe
2018-07-10 12:09 - 2018-07-10 12:09 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp Viewer.lnk
2018-07-10 12:08 - 2018-07-10 12:09 - 000000000 ____D C:\Program Files\SketchUp
2018-07-10 12:08 - 2018-07-10 12:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2018
2018-07-10 12:05 - 2018-07-10 12:05 - 171189408 _____ (Trimble, Inc.) C:\Users\TRACY\Downloads\SketchUpPro-en.exe
2018-07-06 09:06 - 2018-07-06 09:06 - 000000000 ____D C:\Users\TRACY\AppData\Local\SolidDocuments
2018-07-03 22:38 - 2018-07-03 22:38 - 000001300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2018-07-01 10:05 - 2018-07-01 10:05 - 000001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom CC.lnk
2018-07-01 10:03 - 2018-07-01 10:03 - 000001087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-21 22:20 - 2018-04-29 09:00 - 000000182 _____ C:\Users\TRACY\AppData\Roaming\sp_data.sys
2018-07-21 22:19 - 2018-05-30 08:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-21 22:19 - 2018-04-29 14:42 - 000000000 ___RD C:\Users\TRACY\Creative Cloud Files
2018-07-21 22:19 - 2018-04-29 07:08 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-21 22:19 - 2018-04-28 18:20 - 000000000 ____D C:\Users\TRACY\AppData\Local\Adobe
2018-07-21 22:19 - 2018-04-12 07:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-21 22:19 - 2018-04-12 05:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-07-21 19:00 - 2018-05-30 08:42 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-21 19:00 - 2018-04-12 07:36 - 000000000 ____D C:\WINDOWS\INF
2018-07-21 18:48 - 2018-01-11 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-07-21 18:48 - 2017-05-17 03:49 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-07-21 18:43 - 2018-05-30 08:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\ASUSTek Computer Inc
2018-07-21 18:43 - 2018-01-11 13:23 - 000000000 ____D C:\Program Files (x86)\ASUSTek COMPUTER INC
2018-07-21 09:41 - 2018-04-12 07:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-21 00:23 - 2018-06-14 08:35 - 000000000 ____D C:\ProgramData\Packages
2018-07-21 00:23 - 2018-04-12 07:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-21 00:07 - 2018-04-12 07:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-07-21 00:03 - 2018-01-11 13:18 - 000000000 ____D C:\ProgramData\Package Cache
2018-07-21 00:01 - 2018-04-29 09:00 - 000000000 ____D C:\Users\TRACY\AppData\Local\Packages
2018-07-20 16:16 - 2018-04-29 23:33 - 000000033 _____ C:\Users\TRACY\AppData\Roaming\AdobeWLCMCache.dat
2018-07-20 14:49 - 2018-05-30 08:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-20 10:43 - 2018-04-28 18:27 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-07-20 10:43 - 2018-04-12 07:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-07-20 10:43 - 2018-01-11 13:30 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-07-20 10:43 - 2018-01-11 13:30 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-07-20 10:43 - 2018-01-11 13:30 - 000002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-07-20 10:43 - 2018-01-11 13:30 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-07-20 10:43 - 2018-01-11 13:30 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-07-20 10:43 - 2018-01-11 13:30 - 000002403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-07-20 10:43 - 2018-01-11 13:30 - 000002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-07-20 10:43 - 2018-01-11 13:30 - 000000000 ____D C:\Program Files\Microsoft Office
2018-07-19 10:20 - 2018-04-12 07:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-07-19 10:18 - 2018-04-29 14:53 - 000000000 ____D C:\Users\TRACY\AppData\Roaming\vlc
2018-07-18 20:21 - 2018-04-12 07:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-07-17 09:50 - 2018-04-28 18:22 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-07-16 21:02 - 2018-05-30 08:36 - 000000000 ____D C:\Users\TRACY
2018-07-13 08:36 - 2018-04-29 15:04 - 000000000 ____D C:\Users\TRACY\Documents\TRACY
2018-07-12 09:09 - 2018-05-30 08:34 - 003700168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-07-12 09:09 - 2018-04-29 09:00 - 000000000 ___RD C:\Users\TRACY\3D Objects
2018-07-12 09:09 - 2018-01-11 13:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-07-11 21:00 - 2018-04-12 17:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-07-11 21:00 - 2018-04-12 07:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-07-11 21:00 - 2018-04-12 07:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-07-11 21:00 - 2018-04-12 07:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-07-11 21:00 - 2018-04-12 07:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-07-11 21:00 - 2018-04-12 07:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-07-11 12:05 - 2018-05-30 08:38 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-07-11 12:05 - 2018-04-29 15:44 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2018-07-11 12:05 - 2018-04-29 15:44 - 000002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2018-07-11 11:21 - 2018-05-21 09:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-07-11 11:20 - 2018-05-21 09:29 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-07-10 12:10 - 2018-05-15 15:03 - 000000000 ____D C:\Users\TRACY\AppData\Roaming\SketchUp
2018-07-10 12:10 - 2018-05-15 15:03 - 000000000 ____D C:\Users\TRACY\AppData\Local\SketchUp
2018-07-10 08:51 - 2018-05-30 08:38 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3886821244-992500499-3182294369-1001
2018-07-10 08:51 - 2018-05-30 08:36 - 000002365 _____ C:\Users\TRACY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-10 08:51 - 2018-04-29 09:02 - 000000000 ___RD C:\Users\TRACY\OneDrive
2018-07-03 22:38 - 2018-04-28 18:21 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-07-02 21:04 - 2018-05-30 09:29 - 000000000 ___HD C:\adobeTemp
2018-07-01 10:05 - 2018-04-29 14:43 - 000000000 ____D C:\Program Files\Adobe
2018-07-01 10:03 - 2018-04-29 14:53 - 000000000 ____D C:\Users\TRACY\Documents\Adobe
2018-07-01 10:03 - 2018-04-29 14:43 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-07-01 10:03 - 2018-04-29 09:00 - 000000000 ____D C:\Users\TRACY\AppData\Roaming\Adobe
2018-07-01 10:03 - 2018-04-28 18:22 - 000000000 ____D C:\ProgramData\Adobe
2018-06-29 09:13 - 2018-04-12 07:41 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-29 09:13 - 2018-04-12 07:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-27 18:20 - 2018-04-28 18:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-06-26 09:07 - 2018-04-29 09:07 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
 
==================== Files in the root of some directories =======
 
2018-04-29 23:33 - 2018-07-20 16:16 - 000000033 _____ () C:\Users\TRACY\AppData\Roaming\AdobeWLCMCache.dat
2018-04-29 09:00 - 2018-07-21 22:20 - 000000182 _____ () C:\Users\TRACY\AppData\Roaming\sp_data.sys
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-30 08:34
 
==================== End of FRST.txt ============================

  • 0

#18
Tracychow

Tracychow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Addition.txt

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.07.2018

Ran by TRACY (21-07-2018 22:20:33)
Running from C:\Users\TRACY\Desktop\geekstogo
Windows 10 Pro Version 1803 17134.165 (X64) (2018-05-30 00:39:05)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3886821244-992500499-3182294369-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3886821244-992500499-3182294369-503 - Limited - Disabled)
Guest (S-1-5-21-3886821244-992500499-3182294369-501 - Limited - Disabled)
TRACY (S-1-5-21-3886821244-992500499-3182294369-1001 - Administrator - Enabled) => C:\Users\TRACY
WDAGUtilityAccount (S-1-5-21-3886821244-992500499-3182294369-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated)
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_1_1) (Version: 15.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_1) (Version: 22.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_1) (Version: 13.1 - Adobe Systems Incorporated)
Adobe Lightroom CC (HKLM-x32\...\LRCC_1_4) (Version: 1.4 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_5) (Version: 19.1.5 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.7 - ASUSTeK COMPUTER INC.)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.2.0 - ASUS)
ATK Package (ASUS Keyboard Hotkeys) (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0057 - ASUSTeK COMPUTER INC.)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.7 - ASUSTek COMPUTER INC.)
Epic Games Launcher (HKLM-x32\...\{553CD836-D438-469B-B268-700638DFF184}) (Version: 1.1.151.0 - Epic Games, Inc.)
GameFirst IV (HKLM-x32\...\{370651DD-8ABF-4807-9533-0869FDF79BFA}) (Version: 1.5.31 - ASUSTeK COMPUTER INC.) Hidden
GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.31) (Version: 1.5.31 - ASUSTeK COMPUTER INC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10205.4743 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{7B11A2EA-168E-442A-809E-5F8908A7504F}) (Version: 19.50.1 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{891cd734-9057-45dc-a9c8-2d9a2ad9372c}) (Version: 19.80.0 - Intel Corporation)
LatencyMon 6.70 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.10228.20134 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3886821244-992500499-3182294369-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 388.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.16 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.16 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8219 - Realtek Semiconductor Corp.)
Rhino 6 (HKLM\...\{C7E0FF70-5904-4864-BCFB-512577063667}) (Version: 6.5.18149.14421 - Robert McNeel & Associates) Hidden
Rhino 6 (HKLM-x32\...\{5905d620-05cd-400e-bd37-3bee88c264ba}) (Version: 6.5.18149.14421 - Robert McNeel & Associates)
Rhino Installer Engine (HKLM\...\{BC513E08-5D11-49E1-9B0C-DFF9CDDA35DF}) (Version: 6.5.18149.14421 - Robert McNeel & Associates) Hidden
Rhinoceros 6 Language Pack Installer (en-US) (HKLM\...\{D3204D05-19FB-4A31-8774-50553DE925C7}) (Version: 6.5.18149.14421 - Robert McNeel & Associates) Hidden
ROG GameVisual (HKLM-x32\...\{CCE68413-4A57-4F5F-8A0D-273AD1523764}) (Version: 1.02.0001 - ASUS)
ROG Gaming Center (HKLM\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 2.1.4 - ASUSTeK COMPUTER INC.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
SketchUp 2018 (HKLM\...\{C702DD60-EBF4-4961-8B7D-F209B361F985}) (Version: 18.0.16975 - Trimble, Inc.)
SketchUp Viewer (HKLM\...\{4264353D-8E1D-4F54-83DD-D49EB9F7AFD4}) (Version: 18.0.16975 - Trimble, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Thunderbolt™ Software (HKLM-x32\...\{87A31923-8F18-4943-8093-17DBEE0101B7}) (Version: 16.3.61.275 - Intel Corporation)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.5 - ASUSTeK COMPUTER INC.)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
XSplit Gamecaster (HKLM-x32\...\{A39B5969-9683-49F9-AA69-F40EF0D91441}) (Version: 3.0.1705.3123 - SplitmediaLabs)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3886821244-992500499-3182294369-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-034D3B811574}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-3886821244-992500499-3182294369-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-31] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {036EF1ED-5E4D-4F3B-9D32-EA1469D48534} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation)
Task: {0A1B414E-3EA6-4C26-B1D9-4C7ECB5365DC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-07-20] (Microsoft Corporation)
Task: {166AAD10-73DE-4F2E-BF82-4794EA66B7C3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => ConditionalAppStarter.exe
Task: {1D7319D5-0E94-4247-A538-298554E4CDEB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-13] (Microsoft Corporation)
Task: {1ED8A9B6-64DD-4FE0-B92B-A5358581B165} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe [2018-07-20] (Microsoft Corporation)
Task: {2F1D0C48-03F7-456F-878D-5EE8CB024697} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-04-29] (Google Inc.)
Task: {3048D352-3DDC-4C12-A0A7-21927716A1B5} - System32\Tasks\SS2Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe
Task: {32214AC6-5CB5-4E5E-A67E-478754B8F7A1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-07-20] (Microsoft Corporation)
Task: {377A604F-3671-4DEC-96D9-E86B712FE836} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {39A02F28-7FB9-43E9-8AE1-BF5C4870AF21} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation)
Task: {47255E2A-B906-4B5E-8A8B-8C2D1D1C4DA1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {5154270D-BCC2-4889-BCA7-930641159EC1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
Task: {53C8B2BE-D700-49A2-B687-3CE64C88E7BB} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2016-11-15] (ASUSTek Computer Inc.)
Task: {544EDEAC-CADA-4492-BB6C-2019FA5BB0A3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {56B593C3-4344-4ABB-B0E8-B1E0699878D7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6689C739-B374-473E-BC67-9A60D1F2C6CB} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2017-07-29] (ASUSTek Computer Inc.)
Task: {67583B1C-D524-4FB2-ABF4-1A522E54BD14} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-09-21] (Intel® Corporation)
Task: {6A341C7E-318A-4CA2-978A-23C82E1F079C} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-11-10] (ASUSTek COMPUTER INC.)
Task: {70E8523D-1436-4D0E-9BBC-3FD9B7C18A06} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2017-07-27] ()
Task: {7197F8F7-994A-46CB-A773-4641E4D87826} - System32\Tasks\SS2Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2Svc32.exe
Task: {7C5F2D58-3454-4A96-8F0D-B390A63995CF} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {81585C1A-C1CD-43BD-826C-B0A7F7AAA5A9} - System32\Tasks\ROG GameVisual => C:\Program Files (x86)\ASUS\ROG GameVisual\ACMON.exe [2017-07-21] (ASUS)
Task: {8226981F-2981-438A-BC0D-F3DC83CF5E1C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe
Task: {87232A42-421C-48F3-BDDD-BD2E4DF7EAC0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-20] (Microsoft Corporation)
Task: {878D4FD9-656F-402A-AD51-CC31EE0EA3E6} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe [2017-08-18] (ASUSTek Computer Inc.)
Task: {8A3A7A8F-8CE1-4486-A866-529221C7C8D4} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {8D5971B2-207A-4942-B133-A79FE2C78D51} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
Task: {9719FC5E-3BBA-435F-99CD-5FAA63B01032} - System32\Tasks\SS2UILauncherRun => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe
Task: {97EA44CD-E7B7-4D27-A772-C9A70C429387} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-04-29] (Google Inc.)
Task: {987E31AA-78B4-4599-9CE1-E3AD9A901E00} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-466VVQU-TRACY => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {992FF43E-ED07-4C55-A20C-A6F5A2DCAAC3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-07-20] (Microsoft Corporation)
Task: {9C4AE71D-A7A9-4FDB-A48E-6A41572C1EC8} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {B2943B9B-1089-45B4-868E-35040A604FE4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-20] (Microsoft Corporation)
Task: {B3FCBF58-8A48-4228-BFA5-4BC4A716650F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe
Task: {BB7CBF18-D782-43C3-8E6D-6722C4EB3AD5} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2017-07-29] (ASUSTek Computer Inc.)
Task: {BD59CDDA-A545-41DB-851A-67CC500F7CE3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-07-27] (Realtek Semiconductor)
Task: {C422C4F4-3C3A-4758-8622-D8BB13067319} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-07-27] (Realtek Semiconductor)
Task: {D35964DF-E147-4931-9E99-7C0111A520CF} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-466VVQU-TRACY => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {E90918CF-F680-4D42-9936-D2962C6F487B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation)
Task: {EFFE78E8-F9B5-4D33-89E6-301B32656F7B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
Task: {F30643E5-B95F-4714-AF98-5740DC9B8CEF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {FC49ECB3-846C-4176-9ED3-F40DB44BCEE1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-13] (Microsoft Corporation)
Task: {FE1D6A22-8E5E-4CC5-A088-BE7255597F3D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation)
Task: {FEF07D61-96B9-436A-A0B9-A3A993F84A36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-27] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-04-12 07:34 - 2018-04-12 07:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-12 07:34 - 2018-04-12 07:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 07:34 - 2018-04-12 07:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-07-11 11:18 - 2018-07-06 14:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-26 09:07 - 2018-06-23 03:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-06-26 09:07 - 2018-06-23 03:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2018-07-16 08:38 - 2018-07-16 08:38 - 000062464 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.21.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2018-07-16 08:38 - 2018-07-16 08:38 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-06-08 16:34 - 2018-06-08 16:34 - 035475912 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-06-07 14:35 - 2018-06-07 14:35 - 081764304 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2018-06-07 14:35 - 2018-06-07 14:35 - 002257360 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\swiftshader\libglesv2.dll
2018-06-07 14:35 - 2018-06-07 14:35 - 000110544 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\swiftshader\libegl.dll
2018-04-12 21:33 - 2018-04-12 21:33 - 000142376 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-04-12 21:33 - 2018-04-12 21:33 - 000271400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-04-12 21:33 - 2018-04-12 21:33 - 000141864 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ref\build\Release\binding.node
2018-04-12 21:33 - 2018-04-12 21:33 - 000150568 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-04-12 21:33 - 2018-04-12 21:33 - 000097832 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-04-12 21:33 - 2018-04-12 21:33 - 000110120 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\node_modules\idle-gc\build\Release\idle-gc.node
2018-06-28 10:46 - 2018-06-28 10:46 - 000125976 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-06-28 10:46 - 2018-06-28 10:46 - 000124952 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\ref\build\Release\binding.node
2018-06-28 10:46 - 2018-06-28 10:46 - 000133144 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-06-28 10:46 - 2018-06-28 10:46 - 000222232 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-06-28 10:46 - 2018-06-28 10:46 - 000099864 _____ () C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2018-06-28 10:46 - 2018-06-28 10:46 - 000106520 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\bufferutil\build\Release\bufferutil.node
2018-06-28 10:46 - 2018-06-28 10:46 - 000094232 _____ () \\?\C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-07-21 07:38 - 2017-07-21 07:38 - 000038400 _____ () C:\Program Files (x86)\ASUS\ROG GameVisual\DetectDisplayDC.dll
2017-06-08 03:26 - 2017-06-08 03:26 - 000125440 _____ () C:\Program Files (x86)\ASUS\ROG GameVisual\CCTAdjust.dll
2017-06-08 03:26 - 2017-06-08 03:26 - 000029184 _____ () C:\Program Files (x86)\ASUS\ROG GameVisual\VideoEnhance.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3886821244-992500499-3182294369-1001\...\sharepoint.com -> hxxps://changiairport-files.sharepoint.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-03-19 05:03 - 2017-03-19 05:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3886821244-992500499-3182294369-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{DF59AAD0-5418-47CD-945A-4FBE5F4F6560}C:\program files\epic games\ue_4.19\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\ue_4.19\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [TCP Query User{4AA6C332-FBF5-4CDE-A421-01A07DA75FF9}C:\program files\epic games\ue_4.19\engine\binaries\dotnet\swarmagent.exe] => (Allow) C:\program files\epic games\ue_4.19\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [UDP Query User{1FAFF261-3F3C-4953-8E98-E1EA577036CB}C:\program files\epic games\ue_4.19\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.19\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{BC989DA6-E8A9-421F-BF26-1C600419963A}C:\program files\epic games\ue_4.19\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\ue_4.19\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{58911B1C-2EF5-4CBF-BA36-B678A61DA82F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{3D7049A0-4F26-4AE4-A83F-02FF67A8C03F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{8D23DD9A-2F45-4D45-A5D1-E2972ADCD9C3}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{4ED5A877-278B-482D-9249-9B068CFD1995}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{0F7126D8-1B6C-49EB-8ACF-8A39212CD7A9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2CFE722C-AC21-4087-837D-4D97B238ED53}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8EC79BE1-CDD7-4F0D-81BE-D647A5C1CDF6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{9655B520-532A-41DA-B1A3-16F555DD26C9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{48E5FCC4-02BC-4017-9EFD-B541E6ABC402}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{29ECCAC5-ED91-4030-A5DD-CA2ACBC177D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{57672B5E-3D13-4C27-BF38-B607A277D730}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EB37B7E0-8AFF-4058-9C40-F08A7D2C2805}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4704BE75-3E6F-44F6-A973-E02EA44CCA51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E3F6A10C-0456-4209-845A-2A2DD972E2EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EFE757E9-C692-4D33-95F0-35063A032D27}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{4E63893D-1488-416F-8D3E-A94322B9559E}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe
FirewallRules: [{DD32DD15-D5C4-42AB-B8DA-76848B79D014}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe
FirewallRules: [{4C75A998-8DB7-4C75-9228-D511FD38FE8F}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe
FirewallRules: [{7ED131B9-3144-4393-8991-61C0C7C19994}] => (Allow) C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.cam.exe
FirewallRules: [{4A741D2E-E7FF-4390-BD3F-028970F2DA2C}] => (Allow) C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGCAndroidService.exe
FirewallRules: [{7DFDA653-E96B-4F94-8427-310C4EFE5CF1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
10-07-2018 12:07:58 Installed SketchUp 2018
20-07-2018 16:28:02 Scheduled Checkpoint
21-07-2018 18:43:32 Removed ASUS PTP Driver
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (07/21/2018 10:19:28 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-466VVQU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-466VVQU\TRACY SID (S-1-5-21-3886821244-992500499-3182294369-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/21/2018 10:19:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/21/2018 10:19:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 15%
Total physical RAM: 24534.3 MB
Available physical RAM: 20805.77 MB
Total Virtual: 28118.3 MB
Available Virtual: 23135.03 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:475.89 GB) (Free:34.66 GB) NTFS
 
\\?\Volume{6483c542-f249-4721-a4ed-326b9c9e7058}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.33 GB) NTFS
\\?\Volume{168b8a59-9ad4-4f8b-882d-e982e685f1c3}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.23 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: FCD53DAE)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

  • 0

#19
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,170 posts
  • MVP

Latency Mon is blaming Chrome now and when I look at Speccy I see a lot of Chrome connections some using quite a bit of memory.  Are you surfing or something while speccy and Latency monitor were running or did you have a bunch of tabs open in Chrome.

 

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (9164)
                    Local 192.168.1.112:49991    ESTABLISHED Remote 149.154.167.120:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49992    ESTABLISHED Remote 74.125.200.94:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49993    ESTABLISHED Remote 74.125.200.95:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49995    ESTABLISHED Remote 172.217.27.34:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49997    ESTABLISHED Remote 149.154.167.120:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49998    ESTABLISHED Remote 149.154.171.22:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49999    ESTABLISHED Remote 149.154.171.22:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:50000    ESTABLISHED Remote 149.154.171.22:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:50001    ESTABLISHED Remote 149.154.171.22:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:50004    ESTABLISHED Remote 74.125.200.102:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:50005    ESTABLISHED Remote 74.125.200.94:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:50007    ESTABLISHED Remote 149.154.167.24:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:50008    ESTABLISHED Remote 74.125.24.189:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:50009    ESTABLISHED Remote 149.154.171.22:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:50014    ESTABLISHED Remote 74.125.200.94:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49927    ESTABLISHED Remote 74.125.200.84:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49930    ESTABLISHED Remote 74.125.200.94:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49931    ESTABLISHED Remote 74.125.200.99:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49932    ESTABLISHED Remote 74.125.200.188:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49938    ESTABLISHED Remote 74.125.200.139:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49941    ESTABLISHED Remote 172.217.166.142:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49944    ESTABLISHED Remote 169.60.79.103:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49956    ESTABLISHED Remote 74.125.24.189:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49958    ESTABLISHED Remote 74.125.200.113:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49978    ESTABLISHED Remote 172.217.27.34:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:49979    ESTABLISHED Remote 172.217.194.95:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:50121    ESTABLISHED Remote 104.28.28.94:80 (Querying... ) (HTTP)
                    Local 192.168.1.112:50122    CLOSE-WAIT Remote 52.41.184.235:80 (Querying... ) (HTTP)
                    Local 192.168.1.112:49989    ESTABLISHED Remote 74.125.200.113:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:50127    ESTABLISHED Remote 157.240.7.38:443 (Querying... ) (HTTPS)
                    Local 192.168.1.112:50128    ESTABLISHED Remote 104.28.28.94:80 (Querying... ) (HTTP)
                    Local 192.168.1.112:50129    ESTABLISHED Remote 104.28.28.94:80 (Querying... ) (HTTP)
                    Local 192.168.1.112:50130    ESTABLISHED Remote 104.28.28.94:80 (Querying... ) (HTTP)

 

 

Go on to Chrome and click on the three dots in the upper right then on Settings then on Advanced (at the bottom of the page)  then scroll down to where it says System.  You should see

Continue running background apps when Google Chrome is closed

Make sure that is not enabled (blue).  Then close Chrome and rerun Latency Monitor.

 

Speccy says your PC is now reporting battery state correctly.  I wonder if that had any effect on your charging problem?  I'm going to have to delete your speccy log as you left in the serial number.
 


  • 0

#20
Tracychow

Tracychow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Latency Monitor:

 

_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be suitable for handling real-time audio and other tasks without dropouts. 
LatencyMon has been analyzing your system for  0:01:00  (h:mm:ss) on all processors.
 
 
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        DESKTOP-466VVQU
OS version:                                           Windows 10 , 10.0, build: 17134 (x64)
Hardware:                                             GX501VIK, ASUSTeK COMPUTER INC.
CPU:                                                  GenuineIntel Intel® Core™ i7-7700HQ CPU @ 2.80GHz
Logical processors:                                   8
Processor groups:                                     1
RAM:                                                  24534 MB total
 
 
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   2808 MHz
 
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
 
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
 
Highest measured interrupt to process latency (µs):   417.914454
Average measured interrupt to process latency (µs):   5.264269
 
Highest measured interrupt to DPC latency (µs):       381.082552
Average measured interrupt to DPC latency (µs):       1.851755
 
 
_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
 
Highest ISR routine execution time (µs):              101.823006
Driver with highest ISR routine execution time:       HDAudBus.sys - High Definition Audio Bus Driver, Microsoft Corporation
 
Highest reported total ISR routine time (%):          0.000472
Driver with highest ISR total time:                   Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
 
Total time spent in ISRs (%)                          0.000918
 
ISR count (execution time <250 µs):                   1161
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-999 µs):                0
ISR count (execution time 1000-1999 µs):              0
ISR count (execution time 2000-3999 µs):              0
ISR count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
 
Highest DPC routine execution time (µs):              910.703348
Driver with highest DPC routine execution time:       ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation
 
Highest reported total DPC routine time (%):          0.050866
Driver with highest DPC total execution time:         nvlddmkm.sys - NVIDIA Windows Kernel Mode Driver, Version 388.16 , NVIDIA Corporation
 
Total time spent in DPCs (%)                          0.112602
 
DPC count (execution time <250 µs):                   169680
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-999 µs):                57
DPC count (execution time 1000-1999 µs):              0
DPC count (execution time 2000-3999 µs):              0
DPC count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
 
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
 
Process with highest pagefault count:                 msmpeng.exe
 
Total number of hard pagefaults                       12
Hard pagefault count of hardest hit process:          8
Number of processes hit:                              4
 
 
_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       3.838184
CPU 0 ISR highest execution time (µs):                101.823006
CPU 0 ISR total execution time (s):                   0.004408
CPU 0 ISR count:                                      1161
CPU 0 DPC highest execution time (µs):                910.703348
CPU 0 DPC total execution time (s):                   0.533893
CPU 0 DPC count:                                      168398
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       3.75140
CPU 1 ISR highest execution time (µs):                0.0
CPU 1 ISR total execution time (s):                   0.0
CPU 1 ISR count:                                      0
CPU 1 DPC highest execution time (µs):                23.290954
CPU 1 DPC total execution time (s):                   0.000267
CPU 1 DPC count:                                      88
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       3.045423
CPU 2 ISR highest execution time (µs):                0.0
CPU 2 ISR total execution time (s):                   0.0
CPU 2 ISR count:                                      0
CPU 2 DPC highest execution time (µs):                171.730769
CPU 2 DPC total execution time (s):                   0.003580
CPU 2 DPC count:                                      663
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       4.285642
CPU 3 ISR highest execution time (µs):                0.0
CPU 3 ISR total execution time (s):                   0.0
CPU 3 ISR count:                                      0
CPU 3 DPC highest execution time (µs):                20.430912
CPU 3 DPC total execution time (s):                   0.000041
CPU 3 DPC count:                                      15
_________________________________________________________________________________________________________
CPU 4 Interrupt cycle time (s):                       2.633779
CPU 4 ISR highest execution time (µs):                0.0
CPU 4 ISR total execution time (s):                   0.0
CPU 4 ISR count:                                      0
CPU 4 DPC highest execution time (µs):                60.451923
CPU 4 DPC total execution time (s):                   0.000876
CPU 4 DPC count:                                      195
_________________________________________________________________________________________________________
CPU 5 Interrupt cycle time (s):                       2.803112
CPU 5 ISR highest execution time (µs):                0.0
CPU 5 ISR total execution time (s):                   0.0
CPU 5 ISR count:                                      0
CPU 5 DPC highest execution time (µs):                16.284544
CPU 5 DPC total execution time (s):                   0.000244
CPU 5 DPC count:                                      67
_________________________________________________________________________________________________________
CPU 6 Interrupt cycle time (s):                       1.833573
CPU 6 ISR highest execution time (µs):                0.0
CPU 6 ISR total execution time (s):                   0.0
CPU 6 ISR count:                                      0
CPU 6 DPC highest execution time (µs):                69.637108
CPU 6 DPC total execution time (s):                   0.001716
CPU 6 DPC count:                                      305
_________________________________________________________________________________________________________
CPU 7 Interrupt cycle time (s):                       5.135166
CPU 7 ISR highest execution time (µs):                0.0
CPU 7 ISR total execution time (s):                   0.0
CPU 7 ISR count:                                      0
CPU 7 DPC highest execution time (µs):                6.445157
CPU 7 DPC total execution time (s):                   0.000016
CPU 7 DPC count:                                      6
_________________________________________________________________________________________________________

  • 0

#21
Tracychow

Tracychow

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

As for the battery issue, it seems to be charging now, but I know there's still a problem whenever the battery pop-up looks like this, where the only option is to choose screen brightness:

2qjas9i.jpg

 

Whereas in the past it used to look like this, with the slider functionality:

fjdks9.png


  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,170 posts
  • MVP

Now it doesn't like MSE.

 

Process with highest pagefault count:                 msmpeng.exe
 
Total number of hard pagefaults                       12
Hard pagefault count of hardest hit process:          8
Number of processes hit:                              4
 
It's hard to understand why it is having page faults.  You have 24GB of RAM which is 4 times what my PC has &  it has 0 page faults.  (I use the free Avast so that may be part of it.)  Run Process Explorer again but this time click on the Working Bytes column header once or twice until the biggest numbers are at the top.  Wait 1 minute before saving the log.  Let's see what is using up the memory.
 
As far as the battery is concerned there's probably not much more we can do.  It's charging now which it didn't do before.  You might try suspending USBChargerPlus.exe or uninstalling 
 
ASUS USB Charger Plus.   Lets it utilize laptop battery power for external applications even while the laptop is powered off.  Just right click on it and Suspend.  I expect it's one of the Startup items if you want to run Task Manager and disable it permanently.  Or there might be a newer version of the program.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP