Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Am I infected? fb, paypal

Started by vanillabean , Oct 20 2018 04:52 PM

  • This topic is locked This topic is locked

#1
vanillabean
Posted 20 October 2018 - 04:52 PM

vanillabean

    New Member

  • Member
  • Pip
  • 5 posts

Lately, maybe the last couple weeks, I've had facebook giving me a fake 'please log in to continue' message on both firefox and chrome. I never clicked it, I just closed the tab and opened another one. (lol..)

Another thing, yesterday I was completing a purchase with paypal. The little paypal popup window loaded, then Avast said it blocked a threat "HTML:Paypal-B [Phish.]"

The paypal window loaded normally, and I wondered if since Avast secured the threat that it was safe to continue, but I thought I'd better not. 

I ran scans with Avast and Malwarebytes which both detected nothing.

 

Here are my FRST logs:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018

Ran by Ronni (administrator) on KZO (20-10-2018 16:59:04)
Running from C:\Users\Ronni\Desktop
Loaded Profiles: Ronni (Available Profiles: Ronni & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.345 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.32.55.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.32.55.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchUser.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-27] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3784512 2018-10-09] (Dropbox, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2018-05-30] (LogMeIn Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3206432 2018-08-08] (Valve Corporation)
HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe [369152 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_pepper.exe [1449472 2018-09-10] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-03-31]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\Users\Ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Daily Routine.odt [2018-09-07] ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{88487950-8a08-44c9-9fb4-6cedbfea0fcf}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1741139138-458572066-732062563-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://tumblr.com/
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-07] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-07] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-07] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-07] (Oracle Corporation)
 
FireFox:
========
FF DefaultProfile: tyoycqmo.default
FF ProfilePath: C:\Users\Ronni\AppData\Roaming\Mozilla\Firefox\Profiles\tyoycqmo.default [2018-10-19]
FF Extension: (Avast Online Security) - C:\Users\Ronni\AppData\Roaming\Mozilla\Firefox\Profiles\tyoycqmo.default\Extensions\[email protected] [2018-10-10]
FF Extension: (Telemetry coverage) - C:\Users\Ronni\AppData\Roaming\Mozilla\Firefox\Profiles\tyoycqmo.default\features\{156c5d34-b285-44e5-b89a-451cff46bc99}\[email protected] [2018-10-10] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-12-07] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-12-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1741139138-458572066-732062563-1000: SkypePlugin -> C:\Users\Ronni\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi.dll [2015-08-02] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-1741139138-458572066-732062563-1000: SkypePlugin64 -> C:\Users\Ronni\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi-x64.dll [2015-08-02] (Skype Technologies S.A.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR NewTab: Default ->  Active:"chrome-extension://jonikckfpolfcdcgdficelkfffkloemh/n.html"
CHR Profile: C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default [2018-10-20]
CHR Extension: (Slides) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-17]
CHR Extension: (Docs) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-17]
CHR Extension: (Google Drive) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Skype Calling) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Honey) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-08-25]
CHR Extension: (Adblock Plus) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-09-10]
CHR Extension: (Google Search) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-08]
CHR Extension: (Sheets) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-17]
CHR Extension: (Google Docs Offline) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (Avast Online Security) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-03]
CHR Extension: (New XKit) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\inobiceghmpkaklcknpniboilbjmlald [2018-06-17] [UpdateUrl: hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATTENTION
CHR Extension: (Blank New Tab Page) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jonikckfpolfcdcgdficelkfffkloemh [2018-07-30]
CHR Extension: (TTSReader - Unlimited Text-To-Speech) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\melfcogdhodeocnkdiplgdpkllopbhan [2016-02-08]
CHR Extension: (Video Speed Controller) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffaoalbilbmmfgbnbgppjihopabppdk [2018-07-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-17]
CHR Extension: (Showgoers for Netflix) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcmaninppdeakmhaonacejmfcgeempfo [2017-03-04]
CHR Extension: (SpeakIt!) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak [2016-12-20]
CHR Extension: (Gmail) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-27] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-28] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-27] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-28] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-08-27] (AVAST Software)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2015-10-19] (BioWare)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-14] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-10-09] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3346856 2018-05-30] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [353768 2018-06-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-20] (Microsoft Corporation)
R2 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127272 2009-07-15] (Wacom Technology, Corp.)
S2 wust; C:\OSRSS\wust.exe [0 ] () <==== ATTENTION (zero byte File/Folder)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [199712 2018-08-27] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229384 2018-08-27] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201320 2018-08-27] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-27] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59568 2018-08-27] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-28] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249016 2018-08-27] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-08-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163392 2018-09-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111864 2018-08-27] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87904 2018-08-28] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-08-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467320 2018-09-04] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2018-09-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381560 2018-08-27] (AVAST Software)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260384 2018-10-10] (Malwarebytes)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2018-04-11] (MediaTek Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_adc520364db29861\nvlddmkm.sys [17213832 2018-09-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-09-17] (NVIDIA Corporation)
R3 tpfilter; C:\WINDOWS\System32\drivers\tpfilter.sys [25928 2015-10-30] (TP Microelectronic)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
S3 XSplit_Dummy; C:\WINDOWS\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-10-20 16:59 - 2018-10-20 16:59 - 000022931 _____ C:\Users\Ronni\Desktop\FRST.txt
2018-10-20 16:58 - 2018-10-20 16:59 - 000000000 ____D C:\FRST
2018-10-20 16:47 - 2018-10-20 16:47 - 002414592 _____ (Farbar) C:\Users\Ronni\Desktop\FRST64.exe
2018-10-19 22:31 - 2018-10-19 22:31 - 000000000 ____D C:\Users\Ronni\AppData\Roaming\Google
2018-10-19 01:46 - 2018-10-19 01:46 - 000001961 _____ C:\Users\Ronni\Desktop\TS Femininity.txt
2018-10-19 01:46 - 2018-10-19 01:46 - 000000216 _____ C:\Users\Ronni\Desktop\beyond the veil 5d.txt
2018-10-19 01:45 - 2018-10-19 01:45 - 000003750 _____ C:\Users\Ronni\Desktop\BPD trauma.txt
2018-10-16 22:18 - 2018-10-19 01:23 - 000058581 _____ C:\Users\Ronni\Desktop\delusion zoNe hxc god mode.aup
2018-10-16 22:18 - 2018-10-16 22:18 - 000000000 ____D C:\Users\Ronni\Desktop\delusion zoNe hxc god mode_data
2018-10-12 15:36 - 2018-10-12 15:36 - 000002021 _____ C:\Users\Ronni\Desktop\crown1.aup
2018-10-12 15:36 - 2018-10-12 15:36 - 000000000 ____D C:\Users\Ronni\Desktop\crown1_data
2018-10-11 14:14 - 2018-10-12 11:04 - 000007139 _____ C:\Users\Ronni\Desktop\crown.aup
2018-10-11 14:14 - 2018-10-11 14:14 - 000000000 ____D C:\Users\Ronni\Desktop\crown_data
2018-10-11 13:53 - 2018-10-11 13:53 - 000005421 _____ C:\Users\Ronni\Desktop\missing.aup
2018-10-11 13:53 - 2018-10-11 13:53 - 000000000 ____D C:\Users\Ronni\Desktop\missing_data
2018-10-10 17:42 - 2018-10-10 17:42 - 000260384 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-10-10 13:39 - 2018-10-10 13:39 - 000000163 _____ C:\Users\Ronni\Desktop\2playOnGuitar.txt
2018-10-10 04:54 - 2018-09-21 04:18 - 021386888 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-10 04:54 - 2018-09-20 22:41 - 003396096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-10 04:54 - 2018-09-20 04:23 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-10-10 04:54 - 2018-09-20 03:34 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-10 04:54 - 2018-09-19 23:29 - 006569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-10 04:54 - 2018-09-19 23:29 - 006039368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-10-10 04:54 - 2018-09-19 23:21 - 022013440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-10 04:54 - 2018-09-19 23:15 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-10 04:54 - 2018-09-19 23:11 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-10 04:54 - 2018-09-19 23:09 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-10 04:54 - 2018-09-19 23:09 - 007520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-10 04:54 - 2018-09-19 23:09 - 007432136 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-10-10 04:54 - 2018-09-19 23:08 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-10 04:54 - 2018-09-19 22:53 - 025851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-10 04:54 - 2018-09-19 22:46 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-10 04:54 - 2018-09-19 22:44 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-10 04:54 - 2018-09-19 22:44 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-10 04:54 - 2018-09-19 22:42 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-10-10 04:54 - 2018-09-19 22:41 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-10 04:54 - 2018-09-19 22:37 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-10 04:54 - 2018-09-08 03:07 - 001610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-10-10 04:54 - 2018-09-08 02:38 - 001288192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-10 04:54 - 2018-09-07 22:30 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-10 04:54 - 2018-09-07 22:29 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-10-10 04:54 - 2018-09-07 22:27 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-10-10 04:54 - 2018-09-07 22:25 - 003553792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-10-10 04:54 - 2018-09-07 22:24 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-10-10 04:53 - 2018-09-21 04:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-10-10 04:53 - 2018-09-21 03:22 - 020381784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-10 04:53 - 2018-09-21 03:12 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-10-10 04:53 - 2018-09-20 23:14 - 000661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-10-10 04:53 - 2018-09-20 23:13 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-10-10 04:53 - 2018-09-20 23:12 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-10-10 04:53 - 2018-09-20 23:11 - 000753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-10-10 04:53 - 2018-09-20 23:09 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-10-10 04:53 - 2018-09-20 23:09 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-10-10 04:53 - 2018-09-20 23:09 - 001427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-10-10 04:53 - 2018-09-20 23:09 - 001062920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-10-10 04:53 - 2018-09-20 23:09 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-10-10 04:53 - 2018-09-20 23:08 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-10 04:53 - 2018-09-20 23:08 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-10-10 04:53 - 2018-09-20 23:08 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-10-10 04:53 - 2018-09-20 23:08 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-10-10 04:53 - 2018-09-20 23:08 - 001257864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-10-10 04:53 - 2018-09-20 23:08 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-10-10 04:53 - 2018-09-20 23:08 - 000982600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-10-10 04:53 - 2018-09-20 23:08 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-10-10 04:53 - 2018-09-20 23:08 - 000261008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-10-10 04:53 - 2018-09-20 23:08 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-10-10 04:53 - 2018-09-20 23:07 - 000604664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-10-10 04:53 - 2018-09-20 22:58 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-10-10 04:53 - 2018-09-20 22:57 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-10-10 04:53 - 2018-09-20 22:57 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-10-10 04:53 - 2018-09-20 22:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-10 04:53 - 2018-09-20 22:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-10-10 04:53 - 2018-09-20 22:53 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-10-10 04:53 - 2018-09-20 22:43 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-10-10 04:53 - 2018-09-20 22:42 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-10-10 04:53 - 2018-09-20 22:40 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-10-10 04:53 - 2018-09-20 22:39 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-10-10 04:53 - 2018-09-20 22:39 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-10-10 04:53 - 2018-09-20 22:39 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-10-10 04:53 - 2018-09-20 22:39 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-10-10 04:53 - 2018-09-20 22:38 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-10 04:53 - 2018-09-20 22:38 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-10-10 04:53 - 2018-09-20 22:37 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-10 04:53 - 2018-09-20 22:37 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-10 04:53 - 2018-09-20 22:37 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-10-10 04:53 - 2018-09-20 22:37 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-10-10 04:53 - 2018-09-20 22:36 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-10-10 04:53 - 2018-09-20 22:36 - 001034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-10-10 04:53 - 2018-09-20 22:36 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-10-10 04:53 - 2018-09-20 22:36 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-10 04:53 - 2018-09-20 22:36 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-10-10 04:53 - 2018-09-20 04:40 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-10 04:53 - 2018-09-20 04:37 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-10 04:53 - 2018-09-20 04:22 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-10 04:53 - 2018-09-20 04:19 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-10-10 04:53 - 2018-09-20 04:18 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-10 04:53 - 2018-09-20 04:18 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-10-10 04:53 - 2018-09-20 04:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-10 04:53 - 2018-09-20 04:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-10 04:53 - 2018-09-20 04:17 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-10 04:53 - 2018-09-20 04:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-10 04:53 - 2018-09-20 03:46 - 001454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-10 04:53 - 2018-09-20 03:35 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-10-10 04:53 - 2018-09-20 03:30 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-10-10 04:53 - 2018-09-20 03:29 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-10 04:53 - 2018-09-20 03:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-10 04:53 - 2018-09-20 03:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-10 04:53 - 2018-09-20 03:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-10 04:53 - 2018-09-20 01:43 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-10 04:53 - 2018-09-20 00:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-10 04:53 - 2018-09-19 23:29 - 001989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-10 04:53 - 2018-09-19 23:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-10 04:53 - 2018-09-19 23:29 - 000357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-10 04:53 - 2018-09-19 23:28 - 001129544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-10-10 04:53 - 2018-09-19 23:28 - 000581792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-10-10 04:53 - 2018-09-19 23:28 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-10 04:53 - 2018-09-19 23:17 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-10-10 04:53 - 2018-09-19 23:13 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-10-10 04:53 - 2018-09-19 23:12 - 000272200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-10 04:53 - 2018-09-19 23:12 - 000269128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-10 04:53 - 2018-09-19 23:11 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-10-10 04:53 - 2018-09-19 23:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-10-10 04:53 - 2018-09-19 23:11 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-10-10 04:53 - 2018-09-19 23:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-10 04:53 - 2018-09-19 23:10 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-10 04:53 - 2018-09-19 23:10 - 001221128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-10 04:53 - 2018-09-19 23:10 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-10 04:53 - 2018-09-19 23:10 - 000566800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-10-10 04:53 - 2018-09-19 23:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-10 04:53 - 2018-09-19 23:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-10 04:53 - 2018-09-19 23:10 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-10-10 04:53 - 2018-09-19 23:10 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-10-10 04:53 - 2018-09-19 23:09 - 002825232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-10 04:53 - 2018-09-19 23:09 - 002462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-10 04:53 - 2018-09-19 23:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-10 04:53 - 2018-09-19 23:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-10 04:53 - 2018-09-19 23:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-10 04:53 - 2018-09-19 23:09 - 001097744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-10-10 04:53 - 2018-09-19 23:09 - 000885952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-10 04:53 - 2018-09-19 23:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-10 04:53 - 2018-09-19 23:09 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-10 04:53 - 2018-09-19 23:09 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-10 04:53 - 2018-09-19 23:08 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-10 04:53 - 2018-09-19 22:43 - 000052736 _____ C:\WINDOWS\system32\runexehelper.exe
2018-10-10 04:53 - 2018-09-19 22:42 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-10-10 04:53 - 2018-09-19 22:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-10 04:53 - 2018-09-19 22:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-10 04:53 - 2018-09-19 22:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-10 04:53 - 2018-09-19 22:41 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-10 04:53 - 2018-09-19 22:41 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-10-10 04:53 - 2018-09-19 22:40 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-10 04:53 - 2018-09-19 22:40 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-10-10 04:53 - 2018-09-19 22:40 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-10-10 04:53 - 2018-09-19 22:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-10 04:53 - 2018-09-19 22:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-10 04:53 - 2018-09-19 22:37 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-10 04:53 - 2018-09-19 22:36 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-10-10 04:53 - 2018-09-19 21:21 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-10-10 04:53 - 2018-09-19 20:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-10 04:53 - 2018-09-08 03:12 - 000452112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-10-10 04:53 - 2018-09-08 03:07 - 002868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-10-10 04:53 - 2018-09-08 03:07 - 000792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-10-10 04:53 - 2018-09-08 03:07 - 000689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-10-10 04:53 - 2018-09-08 03:07 - 000612360 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-10-10 04:53 - 2018-09-08 03:07 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-10-10 04:53 - 2018-09-08 03:07 - 000144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-10 04:53 - 2018-09-08 03:07 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-10 04:53 - 2018-09-08 03:02 - 000645112 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-10-10 04:53 - 2018-09-08 03:02 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-10-10 04:53 - 2018-09-08 02:58 - 001639352 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-10-10 04:53 - 2018-09-08 02:58 - 001520744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-10-10 04:53 - 2018-09-08 02:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-10-10 04:53 - 2018-09-08 02:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-10-10 04:53 - 2018-09-08 02:43 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-10-10 04:53 - 2018-09-08 02:43 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-10-10 04:53 - 2018-09-08 02:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-10-10 04:53 - 2018-09-08 02:42 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-10-10 04:53 - 2018-09-08 02:42 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-10 04:53 - 2018-09-08 02:42 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthci.dll
2018-10-10 04:53 - 2018-09-08 02:41 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-10-10 04:53 - 2018-09-08 02:40 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-10 04:53 - 2018-09-08 02:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-10-10 04:53 - 2018-09-08 02:40 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-10-10 04:53 - 2018-09-08 02:40 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-10-10 04:53 - 2018-09-08 02:40 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-10-10 04:53 - 2018-09-08 02:40 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2018-10-10 04:53 - 2018-09-08 02:39 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-10-10 04:53 - 2018-09-08 02:39 - 002052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-10-10 04:53 - 2018-09-08 02:39 - 001787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-10-10 04:53 - 2018-09-08 02:39 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-10-10 04:53 - 2018-09-08 02:38 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-10-10 04:53 - 2018-09-08 02:38 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-10-10 04:53 - 2018-09-08 02:38 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-10 04:53 - 2018-09-08 02:38 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-10-10 04:53 - 2018-09-08 02:37 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-10-10 04:53 - 2018-09-08 02:16 - 000482080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-10-10 04:53 - 2018-09-08 02:14 - 001328056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-10-10 04:53 - 2018-09-08 02:13 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-10-10 04:53 - 2018-09-08 02:13 - 000181288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-10-10 04:53 - 2018-09-08 02:03 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-10-10 04:53 - 2018-09-08 02:03 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-10-10 04:53 - 2018-09-08 02:02 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-10-10 04:53 - 2018-09-08 02:00 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-10-10 04:53 - 2018-09-08 01:59 - 001530368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-10-10 04:53 - 2018-09-08 01:59 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-10-10 04:53 - 2018-09-08 01:59 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-10-10 04:53 - 2018-09-08 01:59 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-10-10 04:53 - 2018-09-08 01:58 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-10-10 04:53 - 2018-09-08 01:58 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-10-10 04:53 - 2018-09-08 01:58 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-10-10 04:53 - 2018-09-08 01:57 - 005391360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-10-10 04:53 - 2018-09-08 01:57 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-10-10 04:53 - 2018-09-08 01:57 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-10-10 04:53 - 2018-09-08 01:57 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2018-10-10 04:53 - 2018-09-08 01:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-10-10 04:53 - 2018-09-07 23:08 - 000462880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-10-10 04:53 - 2018-09-07 22:59 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-10-10 04:53 - 2018-09-07 22:59 - 000361544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-10 04:53 - 2018-09-07 22:58 - 000744976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-10-10 04:53 - 2018-09-07 22:58 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-10-10 04:53 - 2018-09-07 22:58 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-10-10 04:53 - 2018-09-07 22:57 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-10-10 04:53 - 2018-09-07 22:57 - 001016984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-10-10 04:53 - 2018-09-07 22:57 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-10-10 04:53 - 2018-09-07 22:57 - 000482384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-10 04:53 - 2018-09-07 22:57 - 000368448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2018-10-10 04:53 - 2018-09-07 22:57 - 000267576 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-10-10 04:53 - 2018-09-07 22:51 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-10-10 04:53 - 2018-09-07 22:45 - 000295416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-10-10 04:53 - 2018-09-07 22:45 - 000286824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-10-10 04:53 - 2018-09-07 22:44 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-10-10 04:53 - 2018-09-07 22:44 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-10-10 04:53 - 2018-09-07 22:43 - 001174448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-10-10 04:53 - 2018-09-07 22:43 - 000269104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2018-10-10 04:53 - 2018-09-07 22:32 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-10-10 04:53 - 2018-09-07 22:31 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-10-10 04:53 - 2018-09-07 22:31 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-10 04:53 - 2018-09-07 22:30 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2018-10-10 04:53 - 2018-09-07 22:30 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-10-10 04:53 - 2018-09-07 22:30 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2018-10-10 04:53 - 2018-09-07 22:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-10 04:53 - 2018-09-07 22:29 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-10-10 04:53 - 2018-09-07 22:29 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-10 04:53 - 2018-09-07 22:29 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-10-10 04:53 - 2018-09-07 22:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-10 04:53 - 2018-09-07 22:28 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-10-10 04:53 - 2018-09-07 22:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-10-10 04:53 - 2018-09-07 22:28 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-10-10 04:53 - 2018-09-07 22:28 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-10-10 04:53 - 2018-09-07 22:28 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-10 04:53 - 2018-09-07 22:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-10-10 04:53 - 2018-09-07 22:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-10-10 04:53 - 2018-09-07 22:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2018-10-10 04:53 - 2018-09-07 22:27 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2018-10-10 04:53 - 2018-09-07 22:27 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 002328064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2018-10-10 04:53 - 2018-09-07 22:25 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-10-10 04:53 - 2018-09-07 22:25 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2018-10-10 04:53 - 2018-09-07 22:25 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-10-10 04:53 - 2018-09-07 22:25 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-10-10 04:53 - 2018-09-07 22:25 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-10 04:53 - 2018-09-07 22:24 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-10-10 04:53 - 2018-09-07 22:24 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2018-10-10 04:53 - 2018-09-07 22:24 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-10-10 04:53 - 2018-09-07 22:23 - 001655296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2018-10-10 04:53 - 2018-09-07 22:23 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2018-10-10 04:53 - 2018-09-07 22:23 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2018-10-10 04:53 - 2018-09-07 22:23 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
2018-10-10 04:53 - 2018-09-07 22:22 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-10-09 14:29 - 2018-10-09 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-10-09 13:30 - 2018-10-09 13:30 - 000002243 _____ C:\Users\Ronni\Desktop\Unsupported.txt
2018-10-09 06:53 - 2018-10-09 06:53 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-10-09 06:53 - 2018-10-09 06:53 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-10-09 06:53 - 2018-10-09 06:53 - 000050232 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-10-09 06:53 - 2018-10-09 06:53 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-10-08 01:25 - 2018-10-08 01:25 - 000044957 _____ C:\Users\Ronni\Desktop\restarting.aup
2018-10-08 01:25 - 2018-10-08 01:25 - 000000000 ____D C:\Users\Ronni\Desktop\restarting_data
2018-10-03 18:35 - 2018-10-03 18:35 - 000000000 ____D C:\Users\Ronni\AppData\Local\mbamtray
2018-10-03 18:34 - 2018-10-03 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-03 18:34 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-10-03 18:32 - 2018-10-03 18:32 - 000000000 ____D C:\Users\Ronni\AppData\Local\mbam
2018-10-02 22:44 - 2018-10-03 18:34 - 000002934 _____ C:\Users\Ronni\Desktop\IR.txt
2018-10-01 17:22 - 2018-10-01 17:22 - 000047240 _____ C:\Users\Ronni\Desktop\lastwords pick n choose.aup
2018-10-01 17:22 - 2018-10-01 17:22 - 000000000 ____D C:\Users\Ronni\Desktop\lastwords pick n choose_data
2018-09-28 17:00 - 2018-09-28 17:00 - 000115050 _____ C:\Users\Ronni\Desktop\yes no yes no.aup
2018-09-28 16:59 - 2018-09-28 16:59 - 000000000 ____D C:\Users\Ronni\Desktop\yes no yes no_data
2018-09-26 18:26 - 2018-09-26 18:26 - 000138426 _____ C:\Users\Ronni\Downloads\Environment_Flow_Overview.pdf
2018-09-25 22:06 - 2018-10-20 14:23 - 000001684 _____ C:\Users\Ronni\Desktop\QUESTLOG.txt
2018-09-25 09:30 - 2018-09-25 09:30 - 000006678 _____ C:\Users\Ronni\Desktop\U DONTUNDERSTAND.aup
2018-09-25 09:30 - 2018-09-25 09:30 - 000000000 ____D C:\Users\Ronni\Desktop\U DONTUNDERSTAND_data
2018-09-25 09:23 - 2018-10-08 01:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-25 09:23 - 2018-10-08 01:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-25 09:23 - 2018-09-25 09:23 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-09-25 09:22 - 2018-09-25 09:22 - 000314376 _____ (Igor Pavlov) C:\Users\Ronni\Downloads\Firefox Installer.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-10-20 16:59 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-20 15:59 - 2015-04-09 14:35 - 000000000 ____D C:\Users\Ronni\AppData\Roaming\Audacity
2018-10-20 15:54 - 2018-04-11 18:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-20 14:27 - 2018-09-17 22:57 - 000001021 _____ C:\Users\Ronni\Desktop\Ronni's Room.txt
2018-10-20 14:15 - 2018-07-21 14:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-20 02:54 - 2018-04-16 22:26 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-10-19 22:20 - 2017-01-20 19:48 - 000000000 ____D C:\Users\Ronni\AppData\LocalLow\Mozilla
2018-10-19 20:57 - 2018-08-05 08:46 - 000003760 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-10-19 20:57 - 2018-07-21 14:33 - 000003538 _____ C:\WINDOWS\System32\Tasks\Driver Easy Scheduled Scan
2018-10-19 20:57 - 2018-07-21 14:33 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-10-19 20:57 - 2018-07-21 14:33 - 000003428 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-10-19 20:57 - 2018-07-21 14:33 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-19 20:57 - 2018-07-21 14:33 - 000003282 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{080E1527-D8D7-467E-ADB8-67322095A234}
2018-10-19 20:57 - 2018-07-21 14:33 - 000003204 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-10-19 20:57 - 2018-07-21 14:33 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-19 20:57 - 2018-07-21 14:33 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1741139138-458572066-732062563-1000
2018-10-19 20:57 - 2018-07-21 14:33 - 000002402 _____ C:\WINDOWS\System32\Tasks\XboxStatTask
2018-10-19 20:57 - 2018-07-21 14:33 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-10-19 20:57 - 2018-06-18 00:01 - 000000414 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2018-10-19 20:57 - 2017-02-14 03:05 - 000000914 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-10-19 20:57 - 2017-02-14 03:05 - 000000910 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-10-19 15:34 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-19 10:12 - 2018-04-11 18:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-19 09:32 - 2018-06-28 22:42 - 000000000 ____D C:\Users\Ronni\AppData\Local\AVAST Software
2018-10-19 09:29 - 2016-09-23 11:51 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-10-19 09:29 - 2016-07-28 19:10 - 000000000 __SHD C:\Users\Ronni\IntelGraphicsProfiles
2018-10-19 09:29 - 2015-04-09 07:40 - 000000000 ____D C:\Users\Ronni\AppData\Roaming\WTablet
2018-10-19 01:46 - 2016-09-23 11:51 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-18 23:24 - 2016-05-29 12:31 - 000000000 ____D C:\Users\Ronni\AppData\Local\CrashDumps
2018-10-18 21:11 - 2018-06-28 22:46 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-10-18 09:27 - 2018-07-21 14:33 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-10-16 21:32 - 2015-08-26 14:40 - 000000000 ____D C:\Users\Ronni\AppData\LocalLow\Adobe
2018-10-16 06:58 - 2018-06-18 13:08 - 000000000 ____D C:\ProgramData\Packages
2018-10-16 05:40 - 2018-07-21 14:10 - 000002396 _____ C:\Users\Ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-16 05:40 - 2016-07-28 19:14 - 000000000 ___RD C:\Users\Ronni\OneDrive
2018-10-12 12:33 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-10-10 22:30 - 2018-07-27 22:23 - 000855976 _____ C:\WINDOWS\system32\perfh00C.dat
2018-10-10 22:30 - 2018-07-27 22:23 - 000174470 _____ C:\WINDOWS\system32\perfc00C.dat
2018-10-10 22:30 - 2018-07-21 14:23 - 001990986 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-10 22:30 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-10 17:44 - 2018-06-18 11:46 - 000000000 ___RD C:\Users\Ronni\3D Objects
2018-10-10 17:44 - 2016-04-27 01:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-10 17:43 - 2018-07-21 14:01 - 000321928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-10 17:42 - 2018-07-21 14:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-10 17:41 - 2018-04-11 16:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-10-10 17:40 - 2018-04-11 18:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-10 17:40 - 2018-04-11 18:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-10 17:40 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-10-10 17:40 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-10-10 17:40 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-10 17:40 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-10 05:06 - 2016-07-30 00:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-10 05:04 - 2016-07-30 00:05 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-09 14:30 - 2017-02-14 03:05 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-10-08 22:32 - 2015-12-02 13:19 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-04 05:46 - 2018-07-21 14:10 - 000000000 ____D C:\Users\Ronni
2018-10-02 15:13 - 2018-04-11 18:41 - 000835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-10-02 15:13 - 2018-04-11 18:41 - 000179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-25 09:24 - 2015-04-07 02:41 - 000000000 ____D C:\Users\Ronni\AppData\Roaming\Mozilla
 
==================== Files in the root of some directories =======
 
2015-09-09 23:35 - 2015-09-24 10:15 - 000000150 _____ () C:\Users\Ronni\AppData\Roaming\licecap.ini
2016-06-20 06:11 - 2016-06-20 06:11 - 000002181 _____ () C:\Users\Ronni\AppData\Local\recently-used.xbel
2018-07-02 00:17 - 2018-07-02 00:17 - 000007619 _____ () C:\Users\Ronni\AppData\Local\Resmon.ResmonCfg
2015-05-06 06:41 - 2015-05-06 06:41 - 000000000 _____ () C:\Users\Ronni\AppData\Local\{9B55C868-A811-4259-B666-425A66D9BAD2}
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-07-21 14:01
 
==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018

Ran by Ronni (20-10-2018 17:00:13)
Running from C:\Users\Ronni\Desktop
Windows 10 Home Version 1803 17134.345 (X64) (2018-07-21 19:33:47)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1741139138-458572066-732062563-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1741139138-458572066-732062563-503 - Limited - Disabled)
Guest (S-1-5-21-1741139138-458572066-732062563-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1741139138-458572066-732062563-1002 - Limited - Enabled)
Ronni (S-1-5-21-1741139138-458572066-732062563-1000 - Administrator - Enabled) => C:\Users\Ronni
WDAGUtilityAccount (S-1-5-21-1741139138-458572066-732062563-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.008.20074 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.1.852.100 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.141.333 - AVAST Software) Hidden
Bamboo (HKLM-x32\...\Pen Tablet Driver) (Version:  - Wacom Technology Corp.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
Driver Easy 5.6.5 (HKLM\...\DriverEasy_is1) (Version: 5.6.5 - Easeware)
Dropbox (HKLM-x32\...\Dropbox) (Version: 59.4.93 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Fast Food Tycoon 2 (HKLM-x32\...\Fast Food Tycoon 2) (Version:  - )
FireAlpaca 1.4.1 (HKLM-x32\...\FireAlpaca_is1) (Version: 1.4.1 - firealpaca.com)
GIGABYTE OC_GURU II (HKLM-x32\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\{892DB406-ADF8-4C30-9840-8438AF5B8763}) (Version: 2.2.0.607 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.607 - LogMeIn, Inc.)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 62.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 62.0.3 (x64 en-US)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.2 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.60.14 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenIV (HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\OpenIV) (Version: 3.0.1005 - .black/OpenIV Team)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.0 - Rockstar Games)
RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
SketchUp 2016 (HKLM\...\{E2B66CF6-ABA0-4E5F-B426-7478B18301AE}) (Version: 16.1.1449 - Trimble Navigation Limited)
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
Skype Web Plugin (HKLM-x32\...\{F7C13D74-E0FD-4A76-896A-E8687769767D}) (Version: 7.5.0.127 - Skype Technologies S.A.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8CFAB044-7D2E-4655-B86D-99932E988980}) (Version: 2.45.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{57D07AAD-97E2-4E16-89C4-1A3C51BC9C98}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1741139138-458572066-732062563-1000_Classes\CLSID\{0825CC0E-34BD-4FE4-B78D-EF6582A94B6A}\InprocServer32 -> C:\Users\Ronni\AppData\Local\SkypePlugin\7.5.0.127\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1741139138-458572066-732062563-1000_Classes\CLSID\{8E00BFA9-1C7B-4E45-BF2F-0FAEA236E1CC}\localserver32 -> C:\Users\Ronni\AppData\Local\SkypePlugin\7.5.0.127\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1741139138-458572066-732062563-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Ronni\AppData\Local\SkypePlugin\7.5.0.127\EdgeCalling.exe (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-27] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-27] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2014-05-12] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-27] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-27] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-06-18] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-05] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-27] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {03C26E38-4DA5-40B7-9BE3-B9428D9C28FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0400FD59-B551-45E5-9D3A-AACF9725850B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {05D2E832-571B-4C78-84BA-8DAB4400C565} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {07904F81-3ECD-4549-A7A2-B1CBAC5CFACB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {07E4E9D3-5FA9-47A7-BBB7-EFF7C5E09A89} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0E63F4E0-3E2B-4DC9-BC1C-9D987CACE6C4} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2018-09-03] (Easeware)
Task: {210B5B84-2CE8-479D-9AC4-08B472DD1A78} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {21F15E8C-3E77-41A0-AD1E-E69FF8E79AC5} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {26EEB5E1-9D8E-472C-9659-3FAD62AC08A0} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-28] (AVAST Software)
Task: {36857B29-A57D-4394-AF24-E1D62B7E90D1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {383D469B-CD2B-4727-8A0B-4A84E84B4EFA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-09-17] (AVAST Software)
Task: {3FF0661D-51B4-4397-9C82-1D82275C1C7B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {45CAA8B7-7CB3-42B4-B27C-4D69EFB48DDC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-04] (Google Inc.)
Task: {4826F2A2-A377-4BBD-AC4E-40C16C4D936E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-14] (Dropbox, Inc.)
Task: {4980D52A-EBF5-49EB-8374-736392387031} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-04] (Google Inc.)
Task: {4F508E27-6D80-4FAB-95F0-49562DA468BB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5E514F19-CAC5-4245-8A6E-F102629A4039} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-27] (AVAST Software)
Task: {5ED2D5AA-616D-47ED-B04B-175E89924617} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {60EE9522-F0AC-4DBD-BF69-82F1189DD5E7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {672E94AA-BEE4-43B0-8FF0-B0E0CCC87266} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6A5F364A-4CF0-4DF6-ABCE-EBE061D0BC31} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {6B601591-2BE2-41A0-ABB0-2D9C9AE92576} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-14] (Dropbox, Inc.)
Task: {6E37FBBB-BAB1-4777-AF10-A1E283E02621} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_pepper.exe [2018-09-10] (Adobe Systems Incorporated)
Task: {76DF76F7-F1E7-4089-BBCE-4C44B25BEC0D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7841D080-5CB9-426B-9A40-98F44938393A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7848A121-49E8-414C-9647-679384AD8124} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {7CD4C9EC-9075-4CEC-8094-0C0233FC1798} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7EC3B3A2-5D86-4B86-95EB-D54DEB3F063F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {804BB59C-AA40-4AC1-8BC0-9B562051C826} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {87464A16-91A7-431B-B954-508F9559568E} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {88D75001-CDB7-4764-B17E-104F3BCAC6E0} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8AF4C0C9-99FA-4544-99C5-EC0BA1F7A357} - System32\Tasks\XboxStatTask => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
Task: {8B6E17F4-0907-4011-BCC4-84BC3727771B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8BA3DD46-A6CB-47DD-8741-AB141D494812} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {94F49082-3CAC-49B8-A504-DA6CDA199002} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {970721DC-45A9-4622-9B01-AEAACB61CD99} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9901F9B9-6260-47ED-92CF-C2B491D8352C} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {A3D10999-6105-4AF4-95A4-28B3E45ADC4C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A67FBF35-8F5F-48FC-9459-9DAABF59E53F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {A686681C-D962-4C59-9A3A-A8ACE9402C11} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AAB7E564-7FE9-407D-89E2-E64AE35B1C55} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AAEDA0B8-3C6E-4E74-B881-354EA74CFEB3} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-28] (AVAST Software)
Task: {BC897ED4-FC38-4721-AA9E-C6D7C18A7C3C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BD565382-80C4-4362-ABC5-BFF9BAD468B6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {BE3BF75B-6012-44F3-A157-47758737BB80} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BE626DD0-952E-4A76-A8EC-7EBCCEDF511D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BF39DD84-369D-44F1-9A2B-CADEF2301089} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D134A80B-257A-491A-B507-6B4E24F904FA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D341ACA5-A343-4672-882C-4D2617333B33} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {DE0EC2FF-4F76-4AEE-A6D4-5F93BFC0E5B1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E0F6BF95-BA73-47ED-AD5C-8CD310B0E5F7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E81ECAD7-B203-4636-A010-589F1CE61333} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F03BF10C-896C-401E-9085-37935B09501B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-04-11 18:34 - 2018-04-11 18:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2016-10-05 19:17 - 2016-10-05 19:17 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 02:28 - 2016-11-17 02:28 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-10-03 18:34 - 2018-09-12 11:35 - 002701064 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2014-05-12 04:49 - 2014-05-12 04:49 - 000222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2018-10-10 04:53 - 2018-09-19 22:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-16 06:57 - 2018-10-16 06:57 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.32.55.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-10-16 06:57 - 2018-10-16 06:57 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.32.55.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-10-16 06:57 - 2018-10-16 06:57 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.32.55.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-10-16 06:57 - 2018-10-16 06:58 - 004183040 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-09-25 19:14 - 2018-09-25 19:14 - 004472952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-12 18:50 - 2018-09-12 18:50 - 035124736 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-09-12 18:50 - 2018-09-12 18:50 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-09-12 18:50 - 2018-09-12 18:50 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-06-18 00:02 - 2018-06-18 00:03 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-12 18:50 - 2018-09-12 18:50 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-09-18 20:06 - 2018-09-15 03:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-18 20:06 - 2018-09-15 03:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2015-04-13 18:19 - 2016-05-02 01:02 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2018-06-18 08:44 - 2018-06-18 08:44 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-27 09:54 - 2018-08-27 09:54 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2018-09-04 09:31 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1741139138-458572066-732062563-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ronni\Pictures\Picasa\Screen Captures\Fullscreen capture 10202016 53548 PM.bmp.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\StartupApproved\Run: => "Steam"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{2F1B5C86-2513-424C-9A84-123C413244DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{509117EE-3528-4919-855C-861E37733BB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{11516216-CF32-4E94-BB1D-6519BCA84008}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{0296C5BB-8F79-4DE6-AA7E-0359409C0201}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{82C27039-F1F9-4156-8D7E-5069A1AFBF84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{2244774C-E07A-4254-BF53-3044D64DD1C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{F0B4F01A-A5FA-447B-B398-1B0E6F8FF8EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{8F484564-E258-4E5B-B519-278306E1823C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{7F93058F-1EC6-4283-B130-DC177A288C5C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{38BC5751-26A4-4E61-8ED9-1F2C97C5D67C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{1A82636D-BD3A-4110-95B6-57FAC722F5F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{69E2DFBA-23FA-45DF-A5CF-14B9310D548B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{3C3A304E-9594-4551-842A-4FCA08D55108}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A837EF5B-B415-4675-BEBA-3FFD242A8756}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E624374A-8823-415A-A741-39C540D00828}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6224C4D6-45E7-4FAD-B776-957362146C89}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{13099D20-B5FC-4ED0-A4E6-0C5F583EBFEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{53CE39DE-6B18-4B2F-886F-3DD4A133A1BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{92909CFB-BFF7-4760-97CF-64A87FA29535}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{D9E4D8AC-3A91-4E38-ABC8-0A484DF640E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Psychonauts\Psychonauts.exe
FirewallRules: [TCP Query User{FDA9DEDE-49F5-457A-82D4-6415EF1E1E20}C:\users\ronni\desktop\gaurodan.exe] => (Block) C:\users\ronni\desktop\gaurodan.exe
FirewallRules: [UDP Query User{90182EA3-731B-4064-B134-260D26C20D17}C:\users\ronni\desktop\gaurodan.exe] => (Block) C:\users\ronni\desktop\gaurodan.exe
FirewallRules: [TCP Query User{12FCC8C9-A361-48EC-ABC6-390F1A1B1EE5}C:\users\ronni\appdata\local\temp\7zoeacd.tmp\gaurodan.exe] => (Allow) C:\users\ronni\appdata\local\temp\7zoeacd.tmp\gaurodan.exe
FirewallRules: [UDP Query User{1299159B-24C8-43A0-96F0-936A34EDE55D}C:\users\ronni\appdata\local\temp\7zoeacd.tmp\gaurodan.exe] => (Allow) C:\users\ronni\appdata\local\temp\7zoeacd.tmp\gaurodan.exe
FirewallRules: [TCP Query User{EF4DC82A-A39B-4E40-A8AE-38207A42DF5A}C:\users\ronni\appdata\local\temp\7zo87e7.tmp\gaurodan.exe] => (Allow) C:\users\ronni\appdata\local\temp\7zo87e7.tmp\gaurodan.exe
FirewallRules: [UDP Query User{975FB142-9463-45E9-BC7D-87E2D6F70AF0}C:\users\ronni\appdata\local\temp\7zo87e7.tmp\gaurodan.exe] => (Allow) C:\users\ronni\appdata\local\temp\7zo87e7.tmp\gaurodan.exe
FirewallRules: [TCP Query User{16441C7B-9C79-4EF3-835F-7D2D31EE7A8A}C:\users\ronni\appdata\local\temp\7zo14da.tmp\gaurodan.exe] => (Allow) C:\users\ronni\appdata\local\temp\7zo14da.tmp\gaurodan.exe
FirewallRules: [UDP Query User{17E561B2-34EC-4144-AEEF-A2F735552663}C:\users\ronni\appdata\local\temp\7zo14da.tmp\gaurodan.exe] => (Allow) C:\users\ronni\appdata\local\temp\7zo14da.tmp\gaurodan.exe
FirewallRules: [{58B887E6-F53C-459B-A378-D0EEAEC0E644}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{77FE59A2-B633-4E1D-95AC-14E7A4337734}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3C0D462F-9AFD-4C1C-8E87-5B9ADCB02321}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C274BDB6-11E4-4331-8E88-2E7EEF8469E2}] => (Allow) LPort=2869
FirewallRules: [{310E61A6-34D4-4FF9-B2F5-19A11D477A66}] => (Allow) LPort=1900
FirewallRules: [{F6235AB5-3C04-4DFB-AA60-AD8DFC6B3A7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{C5C31392-4CDD-402D-A38D-19AE1B2D8161}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{FF8AF3E8-C3EF-4BEF-869D-FF47AC91EAD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{C9DC26C1-0F98-49F8-9521-DBA335E04ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{13DB09ED-B0B5-47E1-BD62-5CFD952567BE}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{338FED2E-798E-4671-9BE5-33D6B0714409}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{131C12FB-14F8-4295-8FB6-B88826A0E7C6}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{6D1E19E2-C7BA-4229-A879-40FB2D792B1D}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{B31917D9-238F-4BD3-9184-9BBB761A88D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [{AC6BB923-B214-4491-9BCD-8144B9E6B5EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [TCP Query User{907186C5-E9D5-4307-9E53-62EA2B4E955D}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{B40DB7E7-2FD4-412F-A64B-7F0EA808FA70}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{EF9EBBD7-4652-4BC4-B28C-56E9C296C454}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{7AE3FCB5-B871-4279-9F4A-1243348710FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{BE3A48A5-4149-43E8-9CD8-6875AD42214E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{ADA2B02B-922F-4847-A0F2-0639A6DD5AFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{61A0D89A-DF99-4EEE-A8B8-112B69115822}C:\users\ronni\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe] => (Block) C:\users\ronni\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe
FirewallRules: [UDP Query User{E50F6E3D-DC84-442F-A2AB-9240784888A3}C:\users\ronni\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe] => (Block) C:\users\ronni\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe
FirewallRules: [{2A59D3FB-6BE6-4874-AFA1-29FCB9100428}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvilQuestInstall\EvilQuest.exe
FirewallRules: [{E8FC7338-E60D-41C3-B7ED-B7F8961089B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvilQuestInstall\EvilQuest.exe
FirewallRules: [{71F6EA73-275E-471B-BE0F-2FC1FB1A4559}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{52982342-B29F-4648-A2A4-E03B4578814D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8BF873D4-0BEC-4910-B961-98E8C55A30CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{43FBC6EA-5F20-4D4F-B930-2547BC448205}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{800799FC-A81E-44E0-B520-765537F20B24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{35104063-E3F8-4675-89C4-808E6CCA7927}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{29955149-85D9-413F-B54F-BC3632A5ABE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{F1CC87D0-39FF-4F92-B361-018672E7D814}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{8DBC9FE4-4ABD-4C64-9C98-09B3785C5010}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{1E471BCE-2A78-4919-B656-E56C171ABAAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{768FB400-DBC4-4961-9B57-740B5948B6D0}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{27ED688D-BCC2-4E90-B033-6D02280B99A9}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{9DE83602-1468-4726-8EBA-152D3FB518DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{94F1BB50-B581-4942-B74D-5DF1DFAE498C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{21D63D9E-10D7-4E11-A363-B31B52756C9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{314898EC-B91B-4BF5-9750-38C132FE78D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{D9EFB42F-246C-49E7-B13D-BC6397D8062F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{88BBA4BC-41D7-45B1-B1CC-B401CB4B045B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{EDFE8C8E-CAB6-4E6B-B038-E633A5C13E85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\swkotor\swkotor.exe
FirewallRules: [{40DB02C2-8A0A-4A2C-A9CD-9C08E2C00C01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\swkotor\swkotor.exe
FirewallRules: [{CF149A6D-EE28-4650-A724-5501EF96F75A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Danganronpa Trigger Happy Havoc\Launcher.exe
FirewallRules: [{83FADA9A-8E83-46BF-A474-0B8A062E0747}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Danganronpa Trigger Happy Havoc\Launcher.exe
FirewallRules: [{50719CE6-84E7-4024-A050-AD27AF0BEDBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{FD71E643-DAD7-4DFE-9C71-B8703EBFA9E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{DDC71545-B7D8-4BDA-AEA5-43F65093A1E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B1A0F058-3CF3-47DE-892B-1F349B4DDC9B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{207B42A9-7E23-4A6E-BC99-A42F5D11CE1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E832818D-D0B6-43D4-8FC2-DC0A791B5B09}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90DC2EC2-E9D3-4406-9A28-557A4F07D5D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A6563220-F19E-43F8-AA55-F28FF3CBA31F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{E705B6CE-E70F-42CE-B1E6-529DD3390AFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{2F40FEB6-1BB2-4B29-BAA4-FB465BBC2DB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{E2363E84-C892-447D-8956-C800F014D705}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{DED99C42-95D4-4FAC-A4BB-E73898FB4423}] => (Allow) C:\Users\Ronni\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1CFD7974-7C37-4DD8-8917-270D26FF1353}] => (Allow) C:\Users\Ronni\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3E2E7161-DFFF-4543-B6B5-DC4150E59175}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{D624893B-2050-4BDC-907F-7A4687A0A789}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [TCP Query User{10E3CAF9-2BA3-4784-9766-39E45E0B7835}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{2BCD894B-E854-4F99-8BD4-4168C743F5B1}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D1C7B7FD-BA45-4667-82A3-FD20356B53DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F1C6AEE4-6124-4E71-AE9E-3B6955513EAD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B451B058-4BF3-48CF-A5DB-7CABFF4C2131}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1086AAED-7E1E-4D7E-B9CB-A1CE61BEA3F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{062B933F-1E85-4F1A-BF08-F7BE41E089B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{A3366873-9096-48EF-A4DC-065DA9839441}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe
FirewallRules: [{074DB985-4942-46DB-8B6A-150D35DF3CAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe
FirewallRules: [{F1C1334E-772F-450B-BEA8-D9B634C5D2E4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9CE09F71-A0DE-4E65-A6E8-628466B77248}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mini Ninjas\ninja.exe
FirewallRules: [{AF3BF0EC-3994-4F53-928B-ADBD998E2B04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mini Ninjas\ninja.exe
FirewallRules: [{5AE5E0C6-E362-4A00-BAC6-5F18BE06D034}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{57916A37-0414-47F3-A969-412EB1C08262}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{2C7761FB-F00C-45AA-B978-9C658695A94A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{DEF98F80-6A2C-4950-A366-6E8F8A09D628}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{227007B2-CAEE-4C24-B13C-D6E82C1E1708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{46671EAA-99AB-4FA2-97C9-9EEA5A2F251C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{F48C730B-DE4F-46AC-B3A5-DEAF91E757F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{0A7453E4-5E8B-47A2-87D1-8781296F8D52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{80DA507D-61F7-4E12-929F-A85DA706856A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{E8640B90-1DC0-46C7-BF7D-FF446811F776}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{1DD27192-9E35-4B9F-8C5E-5EE083D70DAB}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
FirewallRules: [{CCD85DB5-DEBC-4ED4-8625-E0F410CE71EF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{63ABFBA9-3E49-47C5-8D2E-DC54A2074E9D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{08005395-583B-4DB5-B11A-AFAC13182544}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{154E7DA2-E052-494D-8CED-611333C7622D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{1941C2D4-B79B-451F-98FD-E05C01E718FD}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
 
==================== Restore Points =========================
 
30-09-2018 11:12:22 Scheduled Checkpoint
10-10-2018 01:47:42 Scheduled Checkpoint
19-10-2018 09:50:17 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/20/2018 02:15:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40797641
 
Error: (10/20/2018 02:15:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40797641
 
Error: (10/20/2018 02:15:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/20/2018 02:15:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40796219
 
Error: (10/20/2018 02:15:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40796219
 
Error: (10/20/2018 02:15:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/20/2018 02:15:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40794766
 
Error: (10/20/2018 02:15:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40794766
 
 
System errors:
=============
Error: (10/20/2018 03:36:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/20/2018 02:58:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/20/2018 02:23:34 PM) (Source: DCOM) (EventID: 10016) (User: Kzo)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user Kzo\Ronni SID (S-1-5-21-1741139138-458572066-732062563-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/20/2018 02:17:32 PM) (Source: DCOM) (EventID: 10016) (User: Kzo)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user Kzo\Ronni SID (S-1-5-21-1741139138-458572066-732062563-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/19/2018 10:49:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/19/2018 10:45:36 PM) (Source: DCOM) (EventID: 10016) (User: Kzo)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user Kzo\Ronni SID (S-1-5-21-1741139138-458572066-732062563-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/19/2018 10:43:33 PM) (Source: DCOM) (EventID: 10016) (User: Kzo)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user Kzo\Ronni SID (S-1-5-21-1741139138-458572066-732062563-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/19/2018 10:39:09 PM) (Source: DCOM) (EventID: 10016) (User: Kzo)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user Kzo\Ronni SID (S-1-5-21-1741139138-458572066-732062563-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
CodeIntegrity:
===================================
 
Date: 2018-10-20 15:55:44.008
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-10-20 14:23:42.485
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-10-20 14:23:42.328
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-10-20 14:23:42.178
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-10-20 14:23:40.725
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-10-19 09:32:08.984
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-10-18 13:29:17.713
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-10-18 09:28:41.600
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4690 CPU @ 3.50GHz
Percentage of memory in use: 48%
Total physical RAM: 8053.29 MB
Available physical RAM: 4128.63 MB
Total Virtual: 16245.29 MB
Available Virtual: 10458.96 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:930.97 GB) (Free:486.82 GB) NTFS
 
\\?\Volume{d4c371cd-d871-11e4-982f-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{24e7a045-0000-0000-0000-a0c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 24E7A045)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements

#2
zep516
Posted 29 October 2018 - 06:05 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts

Do you still need help ?

ll be able to look at this tomorrow 10/30/2018

 

Thanks

Joe :)


  • 0

#3
vanillabean
Posted 29 October 2018 - 10:12 PM

vanillabean

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Yes, please. I'm not sure how concerned I should be or whether it's safe to use this computer.

Very much appreciated, Joe. :happy:


  • 0

#4
zep516
Posted 30 October 2018 - 05:55 AM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts

I'll get back to you around 3pm.

 

There should not be a major concern in using the PC. I believe the paypal notice is a false postive in any event Avast blocked it. There are a few things we can clean up in the log later today.

 

Thanks

Joe :)


  • 0

#5
zep516
Posted 30 October 2018 - 02:12 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello my friend vanillabean ----We have some old Java to remove and a fix with FRST just to remove some left over unwanted junk items found in the log. Nothing serious here...

Programs to remove :
Java 8 Update 66
Java 8 Update 66
Java 8 Update 91
Java 8 Update 91

Old versions of Java are in infection risk, in fact the entire java platform is an infection uninstall it all unless you know you absolutely need it

Download the enclosed => file.Attached File  fixlist.txt   2.46KB   152 downloads Save it in the location FRST64 is. Run FRST and click on the Fix button. Wait until finished.

The tool will make a log in the location FRST is, (Fixlog.txt). Please post it to your reply.

*******************************************************************************************
Run FRST again, check the Additions box and then Scan. You will get two logs. Post them both.
  • 0

#6
vanillabean
Posted 30 October 2018 - 09:56 PM

vanillabean

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Fix result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018

Ran by Ronni (30-10-2018 22:16:14) Run:1
Running from C:\Users\Ronni\Desktop
Loaded Profiles: Ronni (Available Profiles: Ronni & DefaultAppPool)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
CHR Extension: (New XKit) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\inobiceghmpkaklcknpniboilbjmlald [2018-06-17] [UpdateUrl: hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATTENTION
S2 wust; C:\OSRSS\wust.exe [0 ] () <==== ATTENTION (zero byte File/Folder)
U3 idsvc; no ImagePath
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {03C26E38-4DA5-40B7-9BE3-B9428D9C28FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0400FD59-B551-45E5-9D3A-AACF9725850B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {05D2E832-571B-4C78-84BA-8DAB4400C565} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {3FF0661D-51B4-4397-9C82-1D82275C1C7B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4F508E27-6D80-4FAB-95F0-49562DA468BB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5ED2D5AA-616D-47ED-B04B-175E89924617} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6A5F364A-4CF0-4DF6-ABCE-EBE061D0BC31} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {76DF76F7-F1E7-4089-BBCE-4C44B25BEC0D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7CD4C9EC-9075-4CEC-8094-0C0233FC1798} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {804BB59C-AA40-4AC1-8BC0-9B562051C826} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {87464A16-91A7-431B-B954-508F9559568E} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {8B6E17F4-0907-4011-BCC4-84BC3727771B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DE0EC2FF-4F76-4AEE-A6D4-5F93BFC0E5B1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
Emptytemp:
 
 
 
 
*****************
 
Processes closed successfully.
Restore point was successfully created.
CHR Extension: (New XKit) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\inobiceghmpkaklcknpniboilbjmlald [2018-06-17] [UpdateUrl: hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\wust => removed successfully
wust => service removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MBAMShlExt => removed successfully
HKLM\Software\Classes\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03C26E38-4DA5-40B7-9BE3-B9428D9C28FA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03C26E38-4DA5-40B7-9BE3-B9428D9C28FA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0400FD59-B551-45E5-9D3A-AACF9725850B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0400FD59-B551-45E5-9D3A-AACF9725850B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05D2E832-571B-4C78-84BA-8DAB4400C565}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05D2E832-571B-4C78-84BA-8DAB4400C565}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3FF0661D-51B4-4397-9C82-1D82275C1C7B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FF0661D-51B4-4397-9C82-1D82275C1C7B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4F508E27-6D80-4FAB-95F0-49562DA468BB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F508E27-6D80-4FAB-95F0-49562DA468BB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5ED2D5AA-616D-47ED-B04B-175E89924617}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5ED2D5AA-616D-47ED-B04B-175E89924617}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A5F364A-4CF0-4DF6-ABCE-EBE061D0BC31}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A5F364A-4CF0-4DF6-ABCE-EBE061D0BC31}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{76DF76F7-F1E7-4089-BBCE-4C44B25BEC0D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76DF76F7-F1E7-4089-BBCE-4C44B25BEC0D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CD4C9EC-9075-4CEC-8094-0C0233FC1798}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CD4C9EC-9075-4CEC-8094-0C0233FC1798}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{804BB59C-AA40-4AC1-8BC0-9B562051C826}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{804BB59C-AA40-4AC1-8BC0-9B562051C826}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87464A16-91A7-431B-B954-508F9559568E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87464A16-91A7-431B-B954-508F9559568E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B6E17F4-0907-4011-BCC4-84BC3727771B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B6E17F4-0907-4011-BCC4-84BC3727771B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE0EC2FF-4F76-4AEE-A6D4-5F93BFC0E5B1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE0EC2FF-4F76-4AEE-A6D4-5F93BFC0E5B1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS removed successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 734815725 B
Java, Flash, Steam htmlcache => 574215913 B
Windows/system/drivers => 2768110 B
Edge => 9772493 B
Chrome => 547023678 B
Firefox => 393752630 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 10874 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Ronni => 806543792 B
DefaultAppPool => 0 B
 
RecycleBin => 1810605065 B
EmptyTemp: => 4.6 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 22:19:22 ====
 
 
 
 
 
 
 
 
 
*******************************************************************************************
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
Ran by Ronni (administrator) on KZO (30-10-2018 22:36:53)
Running from C:\Users\Ronni\Desktop
Loaded Profiles: Ronni (Available Profiles: Ronni & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.345 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchUser.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-27] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-08-23] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3784512 2018-10-24] (Dropbox, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2018-05-30] (LogMeIn Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3208992 2018-10-12] (Valve Corporation)
HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-10-01] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2015-03-31]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{88487950-8a08-44c9-9fb4-6cedbfea0fcf}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1741139138-458572066-732062563-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://tumblr.com/
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-07] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-07] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-07] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-07] (Oracle Corporation)
 
FireFox:
========
FF DefaultProfile: tyoycqmo.default
FF ProfilePath: C:\Users\Ronni\AppData\Roaming\Mozilla\Firefox\Profiles\tyoycqmo.default [2018-10-30]
FF Extension: (Avast Online Security) - C:\Users\Ronni\AppData\Roaming\Mozilla\Firefox\Profiles\tyoycqmo.default\Extensions\[email protected] [2018-06-28]
FF Extension: (Telemetry coverage) - C:\Users\Ronni\AppData\Roaming\Mozilla\Firefox\Profiles\tyoycqmo.default\features\{156c5d34-b285-44e5-b89a-451cff46bc99}\[email protected] [2018-10-10] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-12-07] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-12-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1741139138-458572066-732062563-1000: SkypePlugin -> C:\Users\Ronni\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi.dll [2015-08-02] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-1741139138-458572066-732062563-1000: SkypePlugin64 -> C:\Users\Ronni\AppData\Local\SkypePlugin\7.5.0.127\npGatewayNpapi-x64.dll [2015-08-02] (Skype Technologies S.A.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR NewTab: Default ->  Active:"chrome-extension://jonikckfpolfcdcgdficelkfffkloemh/n.html"
CHR Profile: C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default [2018-10-30]
CHR Extension: (Slides) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-17]
CHR Extension: (Docs) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-17]
CHR Extension: (Google Drive) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Skype Calling) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Honey) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-10-27]
CHR Extension: (Adblock Plus) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-09-10]
CHR Extension: (Google Search) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-08]
CHR Extension: (Sheets) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-17]
CHR Extension: (Google Docs Offline) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (Avast Online Security) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-03]
CHR Extension: (New XKit) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\inobiceghmpkaklcknpniboilbjmlald [2018-06-17] [UpdateUrl: hxxps://new-xkit.github.io/XKit/Extensions/dist/page/FirefoxUpdate.json] <==== ATTENTION
CHR Extension: (Blank New Tab Page) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jonikckfpolfcdcgdficelkfffkloemh [2018-07-30]
CHR Extension: (TTSReader - Unlimited Text-To-Speech) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\melfcogdhodeocnkdiplgdpkllopbhan [2016-02-08]
CHR Extension: (Video Speed Controller) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffaoalbilbmmfgbnbgppjihopabppdk [2018-07-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-17]
CHR Extension: (Showgoers for Netflix) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcmaninppdeakmhaonacejmfcgeempfo [2017-03-04]
CHR Extension: (Gmail) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Ronni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-27] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-28] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-27] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-28] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-10-27] (AVAST Software)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2015-10-19] (BioWare)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-14] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-10-24] (Dropbox, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3346856 2018-05-30] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [353768 2018-06-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-20] (Microsoft Corporation)
R2 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127272 2009-07-15] (Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201408 2018-10-27] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230512 2018-10-27] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201928 2018-10-27] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346760 2018-10-27] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59664 2018-10-27] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-28] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [185240 2018-10-27] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47064 2018-10-27] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42456 2018-10-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163376 2018-10-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111968 2018-10-27] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88112 2018-10-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028840 2018-10-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467904 2018-10-27] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208640 2018-10-27] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381144 2018-10-27] (AVAST Software)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-07-20] (LogMeIn Inc.)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-10-30] (Malwarebytes)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2018-04-11] (MediaTek Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_adc520364db29861\nvlddmkm.sys [17213832 2018-09-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-09-17] (NVIDIA Corporation)
S3 tpfilter; C:\WINDOWS\System32\drivers\tpfilter.sys [25928 2015-10-30] (TP Microelectronic)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
S3 XSplit_Dummy; C:\WINDOWS\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-10-30 22:27 - 2018-10-30 22:27 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-10-30 22:16 - 2018-10-30 22:19 - 000010600 _____ C:\Users\Ronni\Desktop\Fixlog.txt
2018-10-30 21:07 - 2018-10-30 21:07 - 000000000 ____D C:\Users\Ronni\Desktop\FRST-OlderVersion
2018-10-30 20:49 - 2018-10-30 20:49 - 000001746 _____ C:\Users\Ronni\Desktop\DIGITAL.txt
2018-10-30 10:20 - 2018-10-30 10:28 - 000002490 _____ C:\Users\Ronni\Desktop\Reverse Kira.txt
2018-10-29 11:36 - 2018-10-29 11:36 - 000006391 _____ C:\Users\Ronni\Desktop\longing for mutual rship.aup
2018-10-29 11:36 - 2018-10-29 11:36 - 000000000 ____D C:\Users\Ronni\Desktop\longing for mutual rship_data
2018-10-27 18:58 - 2018-10-27 18:58 - 000378584 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-10-27 18:58 - 2018-10-27 18:58 - 000042456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-10-26 22:03 - 2018-10-26 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-10-26 22:02 - 2018-10-26 22:02 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-10-26 22:02 - 2018-10-26 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-10-26 22:02 - 2018-10-26 22:02 - 000000000 ____D C:\Program Files\iPod
2018-10-26 22:01 - 2018-10-26 22:02 - 000000000 ____D C:\Program Files\iTunes
2018-10-26 21:55 - 2018-10-26 21:55 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-10-26 21:55 - 2018-10-26 21:55 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-10-26 21:52 - 2018-10-26 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-10-26 09:21 - 2018-10-27 07:27 - 000002183 _____ C:\Users\Ronni\Desktop\hacktxt.txt
2018-10-26 09:21 - 2018-10-26 09:21 - 000050983 _____ C:\Users\Ronni\Desktop\hack.aup
2018-10-26 09:21 - 2018-10-26 09:21 - 000000000 ____D C:\Users\Ronni\Desktop\hack_data
2018-10-24 06:53 - 2018-10-24 06:53 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-10-24 06:53 - 2018-10-24 06:53 - 000047768 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-10-24 06:53 - 2018-10-24 06:53 - 000047768 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-10-24 06:53 - 2018-10-24 06:53 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-10-20 17:00 - 2018-10-20 17:00 - 000062215 _____ C:\Users\Ronni\Desktop\Addition.txt
2018-10-20 16:59 - 2018-10-30 22:37 - 000021811 _____ C:\Users\Ronni\Desktop\FRST.txt
2018-10-20 16:58 - 2018-10-30 22:36 - 000000000 ____D C:\FRST
2018-10-20 16:47 - 2018-10-30 21:07 - 002414592 _____ (Farbar) C:\Users\Ronni\Desktop\FRST64.exe
2018-10-19 22:31 - 2018-10-19 22:31 - 000000000 ____D C:\Users\Ronni\AppData\Roaming\Google
2018-10-19 01:46 - 2018-10-19 01:46 - 000001961 _____ C:\Users\Ronni\Desktop\TS Femininity.txt
2018-10-19 01:46 - 2018-10-19 01:46 - 000000216 _____ C:\Users\Ronni\Desktop\beyond the veil 5d.txt
2018-10-19 01:45 - 2018-10-19 01:45 - 000003750 _____ C:\Users\Ronni\Desktop\BPD trauma.txt
2018-10-16 22:18 - 2018-10-19 01:23 - 000058581 _____ C:\Users\Ronni\Desktop\delusion zoNe hxc god mode.aup
2018-10-16 22:18 - 2018-10-16 22:18 - 000000000 ____D C:\Users\Ronni\Desktop\delusion zoNe hxc god mode_data
2018-10-12 15:36 - 2018-10-12 15:36 - 000002021 _____ C:\Users\Ronni\Desktop\crown1.aup
2018-10-12 15:36 - 2018-10-12 15:36 - 000000000 ____D C:\Users\Ronni\Desktop\crown1_data
2018-10-11 14:14 - 2018-10-12 11:04 - 000007139 _____ C:\Users\Ronni\Desktop\crown.aup
2018-10-11 14:14 - 2018-10-11 14:14 - 000000000 ____D C:\Users\Ronni\Desktop\crown_data
2018-10-11 13:53 - 2018-10-11 13:53 - 000005421 _____ C:\Users\Ronni\Desktop\missing.aup
2018-10-11 13:53 - 2018-10-11 13:53 - 000000000 ____D C:\Users\Ronni\Desktop\missing_data
2018-10-10 13:39 - 2018-10-26 09:22 - 000000190 _____ C:\Users\Ronni\Desktop\2playOnGuitar.txt
2018-10-10 04:54 - 2018-09-21 04:18 - 021386888 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-10 04:54 - 2018-09-20 22:41 - 003396096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-10 04:54 - 2018-09-20 04:23 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-10-10 04:54 - 2018-09-20 03:34 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-10 04:54 - 2018-09-19 23:29 - 006569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-10 04:54 - 2018-09-19 23:29 - 006039368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-10-10 04:54 - 2018-09-19 23:21 - 022013440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-10 04:54 - 2018-09-19 23:15 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-10 04:54 - 2018-09-19 23:11 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-10 04:54 - 2018-09-19 23:09 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-10 04:54 - 2018-09-19 23:09 - 007520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-10 04:54 - 2018-09-19 23:09 - 007432136 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-10-10 04:54 - 2018-09-19 23:08 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-10 04:54 - 2018-09-19 22:53 - 025851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-10 04:54 - 2018-09-19 22:46 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-10 04:54 - 2018-09-19 22:44 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-10 04:54 - 2018-09-19 22:44 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-10 04:54 - 2018-09-19 22:42 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-10-10 04:54 - 2018-09-19 22:41 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-10 04:54 - 2018-09-19 22:37 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-10 04:54 - 2018-09-08 03:07 - 001610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-10-10 04:54 - 2018-09-08 02:38 - 001288192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-10 04:54 - 2018-09-07 22:30 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-10 04:54 - 2018-09-07 22:29 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-10-10 04:54 - 2018-09-07 22:27 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-10-10 04:54 - 2018-09-07 22:25 - 003553792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-10-10 04:54 - 2018-09-07 22:24 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-10-10 04:53 - 2018-09-21 04:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-10-10 04:53 - 2018-09-21 03:22 - 020381784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-10 04:53 - 2018-09-21 03:12 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-10-10 04:53 - 2018-09-20 23:14 - 000661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-10-10 04:53 - 2018-09-20 23:13 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-10-10 04:53 - 2018-09-20 23:12 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-10-10 04:53 - 2018-09-20 23:11 - 000753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-10-10 04:53 - 2018-09-20 23:09 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-10-10 04:53 - 2018-09-20 23:09 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-10-10 04:53 - 2018-09-20 23:09 - 001427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-10-10 04:53 - 2018-09-20 23:09 - 001062920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-10-10 04:53 - 2018-09-20 23:09 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-10-10 04:53 - 2018-09-20 23:08 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-10 04:53 - 2018-09-20 23:08 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-10-10 04:53 - 2018-09-20 23:08 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-10-10 04:53 - 2018-09-20 23:08 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-10-10 04:53 - 2018-09-20 23:08 - 001257864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-10-10 04:53 - 2018-09-20 23:08 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-10-10 04:53 - 2018-09-20 23:08 - 000982600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-10-10 04:53 - 2018-09-20 23:08 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-10-10 04:53 - 2018-09-20 23:08 - 000261008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-10-10 04:53 - 2018-09-20 23:08 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-10-10 04:53 - 2018-09-20 23:07 - 000604664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-10-10 04:53 - 2018-09-20 22:58 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-10-10 04:53 - 2018-09-20 22:57 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-10-10 04:53 - 2018-09-20 22:57 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-10-10 04:53 - 2018-09-20 22:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-10 04:53 - 2018-09-20 22:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-10-10 04:53 - 2018-09-20 22:53 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-10-10 04:53 - 2018-09-20 22:43 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-10-10 04:53 - 2018-09-20 22:42 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-10-10 04:53 - 2018-09-20 22:40 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-10-10 04:53 - 2018-09-20 22:39 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-10-10 04:53 - 2018-09-20 22:39 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-10-10 04:53 - 2018-09-20 22:39 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-10-10 04:53 - 2018-09-20 22:39 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-10-10 04:53 - 2018-09-20 22:38 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-10 04:53 - 2018-09-20 22:38 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-10-10 04:53 - 2018-09-20 22:37 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-10 04:53 - 2018-09-20 22:37 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-10 04:53 - 2018-09-20 22:37 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-10-10 04:53 - 2018-09-20 22:37 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-10-10 04:53 - 2018-09-20 22:36 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-10-10 04:53 - 2018-09-20 22:36 - 001034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-10-10 04:53 - 2018-09-20 22:36 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-10-10 04:53 - 2018-09-20 22:36 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-10 04:53 - 2018-09-20 22:36 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-10-10 04:53 - 2018-09-20 04:40 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-10 04:53 - 2018-09-20 04:37 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-10 04:53 - 2018-09-20 04:22 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-10 04:53 - 2018-09-20 04:19 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-10-10 04:53 - 2018-09-20 04:18 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-10 04:53 - 2018-09-20 04:18 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-10-10 04:53 - 2018-09-20 04:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-10 04:53 - 2018-09-20 04:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-10 04:53 - 2018-09-20 04:17 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-10 04:53 - 2018-09-20 04:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-10 04:53 - 2018-09-20 03:46 - 001454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-10 04:53 - 2018-09-20 03:35 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-10-10 04:53 - 2018-09-20 03:30 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-10-10 04:53 - 2018-09-20 03:29 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-10 04:53 - 2018-09-20 03:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-10 04:53 - 2018-09-20 03:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-10 04:53 - 2018-09-20 03:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-10 04:53 - 2018-09-20 01:43 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-10 04:53 - 2018-09-20 00:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-10 04:53 - 2018-09-19 23:29 - 001989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-10 04:53 - 2018-09-19 23:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-10 04:53 - 2018-09-19 23:29 - 000357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-10 04:53 - 2018-09-19 23:28 - 001129544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-10-10 04:53 - 2018-09-19 23:28 - 000581792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-10-10 04:53 - 2018-09-19 23:28 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-10 04:53 - 2018-09-19 23:17 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-10-10 04:53 - 2018-09-19 23:13 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-10-10 04:53 - 2018-09-19 23:12 - 000272200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-10 04:53 - 2018-09-19 23:12 - 000269128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-10 04:53 - 2018-09-19 23:11 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-10-10 04:53 - 2018-09-19 23:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-10-10 04:53 - 2018-09-19 23:11 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-10-10 04:53 - 2018-09-19 23:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-10 04:53 - 2018-09-19 23:10 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-10 04:53 - 2018-09-19 23:10 - 001221128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-10 04:53 - 2018-09-19 23:10 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-10 04:53 - 2018-09-19 23:10 - 000566800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-10-10 04:53 - 2018-09-19 23:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-10 04:53 - 2018-09-19 23:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-10 04:53 - 2018-09-19 23:10 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-10-10 04:53 - 2018-09-19 23:10 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-10-10 04:53 - 2018-09-19 23:09 - 002825232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-10 04:53 - 2018-09-19 23:09 - 002462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-10 04:53 - 2018-09-19 23:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-10 04:53 - 2018-09-19 23:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-10 04:53 - 2018-09-19 23:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-10 04:53 - 2018-09-19 23:09 - 001097744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-10-10 04:53 - 2018-09-19 23:09 - 000885952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-10 04:53 - 2018-09-19 23:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-10 04:53 - 2018-09-19 23:09 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-10 04:53 - 2018-09-19 23:09 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-10 04:53 - 2018-09-19 23:08 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-10 04:53 - 2018-09-19 22:43 - 000052736 _____ C:\WINDOWS\system32\runexehelper.exe
2018-10-10 04:53 - 2018-09-19 22:42 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-10-10 04:53 - 2018-09-19 22:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-10 04:53 - 2018-09-19 22:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-10 04:53 - 2018-09-19 22:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-10 04:53 - 2018-09-19 22:41 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-10 04:53 - 2018-09-19 22:41 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-10-10 04:53 - 2018-09-19 22:40 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-10 04:53 - 2018-09-19 22:40 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-10-10 04:53 - 2018-09-19 22:40 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-10-10 04:53 - 2018-09-19 22:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-10 04:53 - 2018-09-19 22:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-10 04:53 - 2018-09-19 22:37 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-10 04:53 - 2018-09-19 22:36 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-10-10 04:53 - 2018-09-19 21:21 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-10-10 04:53 - 2018-09-19 20:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-10 04:53 - 2018-09-08 03:12 - 000452112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-10-10 04:53 - 2018-09-08 03:07 - 002868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-10-10 04:53 - 2018-09-08 03:07 - 000792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-10-10 04:53 - 2018-09-08 03:07 - 000689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-10-10 04:53 - 2018-09-08 03:07 - 000612360 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-10-10 04:53 - 2018-09-08 03:07 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-10-10 04:53 - 2018-09-08 03:07 - 000144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-10 04:53 - 2018-09-08 03:07 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-10 04:53 - 2018-09-08 03:02 - 000645112 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-10-10 04:53 - 2018-09-08 03:02 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-10-10 04:53 - 2018-09-08 02:58 - 001639352 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-10-10 04:53 - 2018-09-08 02:58 - 001520744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-10-10 04:53 - 2018-09-08 02:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-10-10 04:53 - 2018-09-08 02:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-10-10 04:53 - 2018-09-08 02:43 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-10-10 04:53 - 2018-09-08 02:43 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-10-10 04:53 - 2018-09-08 02:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-10-10 04:53 - 2018-09-08 02:42 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-10-10 04:53 - 2018-09-08 02:42 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-10 04:53 - 2018-09-08 02:42 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthci.dll
2018-10-10 04:53 - 2018-09-08 02:41 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-10-10 04:53 - 2018-09-08 02:40 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-10 04:53 - 2018-09-08 02:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-10-10 04:53 - 2018-09-08 02:40 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-10-10 04:53 - 2018-09-08 02:40 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-10-10 04:53 - 2018-09-08 02:40 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-10-10 04:53 - 2018-09-08 02:40 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2018-10-10 04:53 - 2018-09-08 02:39 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-10-10 04:53 - 2018-09-08 02:39 - 002052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-10-10 04:53 - 2018-09-08 02:39 - 001787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-10-10 04:53 - 2018-09-08 02:39 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-10-10 04:53 - 2018-09-08 02:38 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-10-10 04:53 - 2018-09-08 02:38 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-10-10 04:53 - 2018-09-08 02:38 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-10 04:53 - 2018-09-08 02:38 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-10-10 04:53 - 2018-09-08 02:37 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-10-10 04:53 - 2018-09-08 02:16 - 000482080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-10-10 04:53 - 2018-09-08 02:14 - 001328056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-10-10 04:53 - 2018-09-08 02:13 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-10-10 04:53 - 2018-09-08 02:13 - 000181288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-10-10 04:53 - 2018-09-08 02:03 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-10-10 04:53 - 2018-09-08 02:03 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-10-10 04:53 - 2018-09-08 02:02 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-10-10 04:53 - 2018-09-08 02:00 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-10-10 04:53 - 2018-09-08 01:59 - 001530368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-10-10 04:53 - 2018-09-08 01:59 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-10-10 04:53 - 2018-09-08 01:59 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-10-10 04:53 - 2018-09-08 01:59 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-10-10 04:53 - 2018-09-08 01:58 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-10-10 04:53 - 2018-09-08 01:58 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-10-10 04:53 - 2018-09-08 01:58 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-10-10 04:53 - 2018-09-08 01:57 - 005391360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-10-10 04:53 - 2018-09-08 01:57 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-10-10 04:53 - 2018-09-08 01:57 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-10-10 04:53 - 2018-09-08 01:57 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2018-10-10 04:53 - 2018-09-08 01:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-10-10 04:53 - 2018-09-07 23:08 - 000462880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-10-10 04:53 - 2018-09-07 22:59 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-10-10 04:53 - 2018-09-07 22:59 - 000361544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-10 04:53 - 2018-09-07 22:58 - 000744976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-10-10 04:53 - 2018-09-07 22:58 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-10-10 04:53 - 2018-09-07 22:58 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-10-10 04:53 - 2018-09-07 22:57 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-10-10 04:53 - 2018-09-07 22:57 - 001016984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-10-10 04:53 - 2018-09-07 22:57 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-10-10 04:53 - 2018-09-07 22:57 - 000482384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-10 04:53 - 2018-09-07 22:57 - 000368448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2018-10-10 04:53 - 2018-09-07 22:57 - 000267576 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-10-10 04:53 - 2018-09-07 22:51 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-10-10 04:53 - 2018-09-07 22:45 - 000295416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-10-10 04:53 - 2018-09-07 22:45 - 000286824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-10-10 04:53 - 2018-09-07 22:44 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-10-10 04:53 - 2018-09-07 22:44 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-10-10 04:53 - 2018-09-07 22:43 - 001174448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-10-10 04:53 - 2018-09-07 22:43 - 000269104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2018-10-10 04:53 - 2018-09-07 22:32 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-10-10 04:53 - 2018-09-07 22:31 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-10-10 04:53 - 2018-09-07 22:31 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-10 04:53 - 2018-09-07 22:30 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2018-10-10 04:53 - 2018-09-07 22:30 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-10-10 04:53 - 2018-09-07 22:30 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2018-10-10 04:53 - 2018-09-07 22:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-10 04:53 - 2018-09-07 22:29 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-10-10 04:53 - 2018-09-07 22:29 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-10 04:53 - 2018-09-07 22:29 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-10-10 04:53 - 2018-09-07 22:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-10 04:53 - 2018-09-07 22:28 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-10-10 04:53 - 2018-09-07 22:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-10-10 04:53 - 2018-09-07 22:28 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-10-10 04:53 - 2018-09-07 22:28 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-10-10 04:53 - 2018-09-07 22:28 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-10 04:53 - 2018-09-07 22:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-10-10 04:53 - 2018-09-07 22:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-10-10 04:53 - 2018-09-07 22:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2018-10-10 04:53 - 2018-09-07 22:27 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2018-10-10 04:53 - 2018-09-07 22:27 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 002328064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2018-10-10 04:53 - 2018-09-07 22:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2018-10-10 04:53 - 2018-09-07 22:25 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-10-10 04:53 - 2018-09-07 22:25 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2018-10-10 04:53 - 2018-09-07 22:25 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-10-10 04:53 - 2018-09-07 22:25 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-10-10 04:53 - 2018-09-07 22:25 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-10 04:53 - 2018-09-07 22:24 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-10-10 04:53 - 2018-09-07 22:24 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2018-10-10 04:53 - 2018-09-07 22:24 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-10-10 04:53 - 2018-09-07 22:23 - 001655296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2018-10-10 04:53 - 2018-09-07 22:23 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2018-10-10 04:53 - 2018-09-07 22:23 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2018-10-10 04:53 - 2018-09-07 22:23 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
2018-10-10 04:53 - 2018-09-07 22:22 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-10-09 13:30 - 2018-10-09 13:30 - 000002243 _____ C:\Users\Ronni\Desktop\Unsupported.txt
2018-10-08 01:25 - 2018-10-08 01:25 - 000044957 _____ C:\Users\Ronni\Desktop\restarting.aup
2018-10-08 01:25 - 2018-10-08 01:25 - 000000000 ____D C:\Users\Ronni\Desktop\restarting_data
2018-10-03 18:35 - 2018-10-03 18:35 - 000000000 ____D C:\Users\Ronni\AppData\Local\mbamtray
2018-10-03 18:34 - 2018-10-29 17:22 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-10-03 18:34 - 2018-10-03 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-03 18:32 - 2018-10-03 18:32 - 000000000 ____D C:\Users\Ronni\AppData\Local\mbam
2018-10-02 22:44 - 2018-10-03 18:34 - 000002934 _____ C:\Users\Ronni\Desktop\IR.txt
2018-10-01 17:22 - 2018-10-01 17:22 - 000047240 _____ C:\Users\Ronni\Desktop\lastwords pick n choose.aup
2018-10-01 17:22 - 2018-10-01 17:22 - 000000000 ____D C:\Users\Ronni\Desktop\lastwords pick n choose_data
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-10-30 22:38 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-30 22:38 - 2015-04-09 14:35 - 000000000 ____D C:\Users\Ronni\AppData\Roaming\Audacity
2018-10-30 22:29 - 2018-07-21 14:10 - 000000000 ____D C:\Users\Ronni\AppData\Local\LogMeIn Hamachi
2018-10-30 22:27 - 2016-09-23 11:51 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-10-30 22:27 - 2016-07-28 19:10 - 000000000 __SHD C:\Users\Ronni\IntelGraphicsProfiles
2018-10-30 22:26 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-30 22:26 - 2016-09-23 11:51 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-30 22:26 - 2015-04-09 07:40 - 000000000 ____D C:\Users\Ronni\AppData\Roaming\WTablet
2018-10-30 22:25 - 2018-07-21 14:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-30 22:20 - 2018-04-11 16:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-10-30 22:11 - 2015-04-04 06:37 - 000000000 ____D C:\Users\Ronni\AppData\Roaming\Skype
2018-10-30 21:57 - 2018-07-21 14:33 - 000004140 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{080E1527-D8D7-467E-ADB8-67322095A234}
2018-10-30 21:13 - 2015-04-07 01:45 - 000000000 ____D C:\Program Files\Java
2018-10-30 21:13 - 2015-04-07 01:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-10-30 21:12 - 2015-04-07 01:44 - 000000000 ____D C:\Program Files (x86)\Java
2018-10-30 20:52 - 2015-04-04 22:30 - 000000000 ____D C:\Program Files (x86)\Steam
2018-10-30 20:27 - 2018-07-21 14:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-30 16:57 - 2018-04-11 18:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-30 16:36 - 2015-04-04 06:36 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-30 16:36 - 2015-04-04 06:36 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-30 15:00 - 2018-07-21 14:33 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-10-30 04:00 - 2015-07-12 09:35 - 000000000 ____D C:\Users\Ronni\AppData\Roaming\GTAV Enhanced Native Trainer
2018-10-30 02:27 - 2018-07-21 14:37 - 000000000 ____D C:\Users\Ronni\AppData\Local\D3DSCache
2018-10-30 01:37 - 2018-07-09 01:04 - 000000000 ____D C:\Users\Ronni\Desktop\modz
2018-10-30 01:23 - 2015-04-14 05:48 - 000000000 ____D C:\Program Files\Rockstar Games
2018-10-30 01:23 - 2015-04-14 05:48 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-10-28 18:05 - 2016-11-15 02:45 - 000000000 ____D C:\Users\Ronni\AppData\Roaming\discord
2018-10-27 19:07 - 2018-06-28 22:42 - 000000000 ____D C:\Users\Ronni\AppData\Local\AVAST Software
2018-10-27 19:05 - 2018-07-21 14:10 - 000000000 ____D C:\Users\Ronni
2018-10-27 18:58 - 2018-07-27 22:23 - 000855976 _____ C:\WINDOWS\system32\perfh00C.dat
2018-10-27 18:58 - 2018-07-27 22:23 - 000174470 _____ C:\WINDOWS\system32\perfc00C.dat
2018-10-27 18:58 - 2018-07-21 14:23 - 001990986 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-27 18:58 - 2018-06-18 08:45 - 000201408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-10-27 18:58 - 2018-06-18 08:45 - 000185240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-10-27 18:58 - 2018-06-18 06:36 - 001028840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-10-27 18:58 - 2018-06-18 06:36 - 000467904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-10-27 18:58 - 2018-06-18 06:36 - 000381144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-10-27 18:58 - 2018-06-18 06:36 - 000346760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-10-27 18:58 - 2018-06-18 06:36 - 000230512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-10-27 18:58 - 2018-06-18 06:36 - 000208640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-10-27 18:58 - 2018-06-18 06:36 - 000201928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-10-27 18:58 - 2018-06-18 06:36 - 000163376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-10-27 18:58 - 2018-06-18 06:36 - 000111968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-10-27 18:58 - 2018-06-18 06:36 - 000088112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-10-27 18:58 - 2018-06-18 06:36 - 000059664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-10-27 18:58 - 2018-06-18 06:36 - 000047064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-10-27 18:58 - 2018-04-11 18:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-10-27 18:58 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-27 18:54 - 2018-06-18 00:01 - 000000414 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2018-10-27 18:54 - 2017-02-14 03:05 - 000000914 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-10-27 18:54 - 2017-02-14 03:05 - 000000910 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-10-26 23:26 - 2018-08-05 08:46 - 000003760 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-10-26 23:26 - 2018-07-21 14:33 - 000003538 _____ C:\WINDOWS\System32\Tasks\Driver Easy Scheduled Scan
2018-10-26 23:26 - 2018-07-21 14:33 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-10-26 23:26 - 2018-07-21 14:33 - 000003428 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-10-26 23:26 - 2018-07-21 14:33 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-26 23:26 - 2018-07-21 14:33 - 000003204 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-10-26 23:26 - 2018-07-21 14:33 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-26 23:26 - 2018-07-21 14:33 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1741139138-458572066-732062563-1000
2018-10-26 23:26 - 2018-07-21 14:33 - 000002402 _____ C:\WINDOWS\System32\Tasks\XboxStatTask
2018-10-26 23:26 - 2018-07-21 14:33 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-10-26 23:25 - 2016-05-29 12:31 - 000000000 ____D C:\Users\Ronni\AppData\Local\CrashDumps
2018-10-26 22:03 - 2015-04-07 01:51 - 000000000 ____D C:\Users\Ronni\AppData\Roaming\Apple Computer
2018-10-26 22:03 - 2015-04-07 01:51 - 000000000 ____D C:\Users\Ronni\AppData\Local\Apple Computer
2018-10-26 22:03 - 2015-04-07 01:50 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-10-26 21:55 - 2015-04-07 01:50 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-10-26 21:54 - 2017-02-14 03:05 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-10-26 08:49 - 2018-06-28 22:46 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-10-24 00:30 - 2018-04-11 18:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-22 23:01 - 2015-12-02 13:19 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-21 14:45 - 2018-07-25 15:42 - 000000000 ____D C:\Users\Ronni\AppData\Local\PlaceholderTileLogoFolder
2018-10-20 14:27 - 2018-09-17 22:57 - 000001021 _____ C:\Users\Ronni\Desktop\Ronni's Room.txt
2018-10-20 14:23 - 2018-09-25 22:06 - 000001684 _____ C:\Users\Ronni\Desktop\QUESTLOG.txt
2018-10-20 02:54 - 2018-04-16 22:26 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-10-19 22:20 - 2017-01-20 19:48 - 000000000 ____D C:\Users\Ronni\AppData\LocalLow\Mozilla
2018-10-16 21:32 - 2015-08-26 14:40 - 000000000 ____D C:\Users\Ronni\AppData\LocalLow\Adobe
2018-10-16 06:58 - 2018-06-18 13:08 - 000000000 ____D C:\ProgramData\Packages
2018-10-16 05:40 - 2018-07-21 14:10 - 000002396 _____ C:\Users\Ronni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-16 05:40 - 2016-07-28 19:14 - 000000000 ___RD C:\Users\Ronni\OneDrive
2018-10-12 12:33 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-10-10 17:44 - 2018-06-18 11:46 - 000000000 ___RD C:\Users\Ronni\3D Objects
2018-10-10 17:44 - 2016-04-27 01:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-10 17:43 - 2018-07-21 14:01 - 000321928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-10 17:40 - 2018-04-11 18:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-10 17:40 - 2018-04-11 18:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-10 17:40 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-10-10 17:40 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-10-10 17:40 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-10 17:40 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-10 05:06 - 2016-07-30 00:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-10 05:04 - 2016-07-30 00:05 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-08 01:28 - 2018-09-25 09:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-10-08 01:28 - 2018-09-25 09:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-02 15:13 - 2018-04-11 18:41 - 000835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-10-02 15:13 - 2018-04-11 18:41 - 000179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2015-09-09 23:35 - 2015-09-24 10:15 - 000000150 _____ () C:\Users\Ronni\AppData\Roaming\licecap.ini
2016-06-20 06:11 - 2016-06-20 06:11 - 000002181 _____ () C:\Users\Ronni\AppData\Local\recently-used.xbel
2018-07-02 00:17 - 2018-07-02 00:17 - 000007619 _____ () C:\Users\Ronni\AppData\Local\Resmon.ResmonCfg
2015-05-06 06:41 - 2015-05-06 06:41 - 000000000 _____ () C:\Users\Ronni\AppData\Local\{9B55C868-A811-4259-B666-425A66D9BAD2}
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-07-21 14:01
 
==================== End of FRST.txt ============================
 
 
 
 
 
 
 
 
*******************************************************************************************
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by Ronni (30-10-2018 22:39:03)
Running from C:\Users\Ronni\Desktop
Windows 10 Home Version 1803 17134.345 (X64) (2018-07-21 19:33:47)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1741139138-458572066-732062563-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1741139138-458572066-732062563-503 - Limited - Disabled)
Guest (S-1-5-21-1741139138-458572066-732062563-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1741139138-458572066-732062563-1002 - Limited - Enabled)
Ronni (S-1-5-21-1741139138-458572066-732062563-1000 - Administrator - Enabled) => C:\Users\Ronni
WDAGUtilityAccount (S-1-5-21-1741139138-458572066-732062563-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.1.867.100 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.141.333 - AVAST Software) Hidden
Bamboo (HKLM-x32\...\Pen Tablet Driver) (Version:  - Wacom Technology Corp.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
Driver Easy 5.6.5 (HKLM\...\DriverEasy_is1) (Version: 5.6.5 - Easeware)
Dropbox (HKLM-x32\...\Dropbox) (Version: 60.4.107 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Fast Food Tycoon 2 (HKLM-x32\...\Fast Food Tycoon 2) (Version:  - )
FireAlpaca 1.4.1 (HKLM-x32\...\FireAlpaca_is1) (Version: 1.4.1 - firealpaca.com)
GIGABYTE OC_GURU II (HKLM-x32\...\{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
iCloud (HKLM\...\{29C6B346-C29C-40CE-89EB-DF7C149E0EB9}) (Version: 7.7.0.27 - Apple Inc.)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
iTunes (HKLM\...\{645877C4-2AB6-46B6-BD32-B251B0666F63}) (Version: 12.9.0.167 - Apple Inc.)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\{892DB406-ADF8-4C30-9840-8438AF5B8763}) (Version: 2.2.0.607 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.607 - LogMeIn, Inc.)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 62.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 62.0.3 (x64 en-US)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.2 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.60.14 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OpenIV (HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\OpenIV) (Version: 3.0.1005 - .black/OpenIV Team)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
SketchUp 2016 (HKLM\...\{E2B66CF6-ABA0-4E5F-B426-7478B18301AE}) (Version: 16.1.1449 - Trimble Navigation Limited)
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
Skype Web Plugin (HKLM-x32\...\{F7C13D74-E0FD-4A76-896A-E8687769767D}) (Version: 7.5.0.127 - Skype Technologies S.A.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8CFAB044-7D2E-4655-B86D-99932E988980}) (Version: 2.45.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{57D07AAD-97E2-4E16-89C4-1A3C51BC9C98}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1741139138-458572066-732062563-1000_Classes\CLSID\{0825CC0E-34BD-4FE4-B78D-EF6582A94B6A}\InprocServer32 -> C:\Users\Ronni\AppData\Local\SkypePlugin\7.5.0.127\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1741139138-458572066-732062563-1000_Classes\CLSID\{8E00BFA9-1C7B-4E45-BF2F-0FAEA236E1CC}\localserver32 -> C:\Users\Ronni\AppData\Local\SkypePlugin\7.5.0.127\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1741139138-458572066-732062563-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Ronni\AppData\Local\SkypePlugin\7.5.0.127\EdgeCalling.exe (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-27] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-27] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2014-05-12] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-27] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-10-01] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-27] (AVAST Software)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-10-24] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-06-18] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-05] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-27] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} =>  -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {07904F81-3ECD-4549-A7A2-B1CBAC5CFACB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {07E4E9D3-5FA9-47A7-BBB7-EFF7C5E09A89} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0E63F4E0-3E2B-4DC9-BC1C-9D987CACE6C4} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2018-09-03] (Easeware)
Task: {21F15E8C-3E77-41A0-AD1E-E69FF8E79AC5} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {26EEB5E1-9D8E-472C-9659-3FAD62AC08A0} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-28] (AVAST Software)
Task: {36857B29-A57D-4394-AF24-E1D62B7E90D1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {383D469B-CD2B-4727-8A0B-4A84E84B4EFA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-10-30] (AVAST Software)
Task: {45CAA8B7-7CB3-42B4-B27C-4D69EFB48DDC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-04] (Google Inc.)
Task: {4826F2A2-A377-4BBD-AC4E-40C16C4D936E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-14] (Dropbox, Inc.)
Task: {4980D52A-EBF5-49EB-8374-736392387031} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-04] (Google Inc.)
Task: {60EE9522-F0AC-4DBD-BF69-82F1189DD5E7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {672E94AA-BEE4-43B0-8FF0-B0E0CCC87266} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {6B601591-2BE2-41A0-ABB0-2D9C9AE92576} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-14] (Dropbox, Inc.)
Task: {6E37FBBB-BAB1-4777-AF10-A1E283E02621} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_pepper.exe [2018-09-10] (Adobe Systems Incorporated)
Task: {7841D080-5CB9-426B-9A40-98F44938393A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7848A121-49E8-414C-9647-679384AD8124} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {7EC3B3A2-5D86-4B86-95EB-D54DEB3F063F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {88D75001-CDB7-4764-B17E-104F3BCAC6E0} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8AF4C0C9-99FA-4544-99C5-EC0BA1F7A357} - System32\Tasks\XboxStatTask => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
Task: {8BA3DD46-A6CB-47DD-8741-AB141D494812} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {94F49082-3CAC-49B8-A504-DA6CDA199002} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {970721DC-45A9-4622-9B01-AEAACB61CD99} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9901F9B9-6260-47ED-92CF-C2B491D8352C} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {9DB78D59-98E2-47B2-8537-F09408231960} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {A3D10999-6105-4AF4-95A4-28B3E45ADC4C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A67FBF35-8F5F-48FC-9459-9DAABF59E53F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {A686681C-D962-4C59-9A3A-A8ACE9402C11} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AAB7E564-7FE9-407D-89E2-E64AE35B1C55} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AAEDA0B8-3C6E-4E74-B881-354EA74CFEB3} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-28] (AVAST Software)
Task: {BC897ED4-FC38-4721-AA9E-C6D7C18A7C3C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BD565382-80C4-4362-ABC5-BFF9BAD468B6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {BE3BF75B-6012-44F3-A157-47758737BB80} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BE626DD0-952E-4A76-A8EC-7EBCCEDF511D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BF39DD84-369D-44F1-9A2B-CADEF2301089} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C51A4EB1-36BC-4E02-B26D-D87DE1568B6C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-27] (AVAST Software)
Task: {D134A80B-257A-491A-B507-6B4E24F904FA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D341ACA5-A343-4672-882C-4D2617333B33} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {E0F6BF95-BA73-47ED-AD5C-8CD310B0E5F7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E81ECAD7-B203-4636-A010-589F1CE61333} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F03BF10C-896C-401E-9085-37935B09501B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-04-11 18:34 - 2018-04-11 18:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-10-03 18:34 - 2018-10-29 17:22 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-10-10 04:53 - 2018-09-19 22:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-22 21:06 - 2018-10-22 21:06 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-10-16 06:57 - 2018-10-16 06:57 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-10-22 21:06 - 2018-10-22 21:06 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-06-28 23:10 - 2018-06-28 23:10 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-10-22 21:06 - 2018-10-22 21:06 - 035118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-10-22 21:06 - 2018-10-22 21:06 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-10-22 21:06 - 2018-10-22 21:06 - 005987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-06-18 00:02 - 2018-06-18 00:03 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-22 21:06 - 2018-10-22 21:06 - 009064448 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-10-30 16:36 - 2018-10-23 16:24 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libglesv2.dll
2018-10-30 16:36 - 2018-10-23 16:24 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libegl.dll
2015-04-13 18:19 - 2016-05-02 01:02 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2018-06-18 08:44 - 2018-06-18 08:44 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-10-27 18:58 - 2018-10-27 18:58 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2018-09-04 09:31 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1741139138-458572066-732062563-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ronni\Desktop\GratitudeGardenForRonni2018.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\StartupApproved\StartupFolder: => "Daily Routine.odt"
HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1741139138-458572066-732062563-1000\...\StartupApproved\Run: => "iCloudServices"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{2F1B5C86-2513-424C-9A84-123C413244DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{509117EE-3528-4919-855C-861E37733BB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{11516216-CF32-4E94-BB1D-6519BCA84008}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{0296C5BB-8F79-4DE6-AA7E-0359409C0201}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{82C27039-F1F9-4156-8D7E-5069A1AFBF84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{2244774C-E07A-4254-BF53-3044D64DD1C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{F0B4F01A-A5FA-447B-B398-1B0E6F8FF8EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{8F484564-E258-4E5B-B519-278306E1823C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{7F93058F-1EC6-4283-B130-DC177A288C5C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{38BC5751-26A4-4E61-8ED9-1F2C97C5D67C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{1A82636D-BD3A-4110-95B6-57FAC722F5F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{69E2DFBA-23FA-45DF-A5CF-14B9310D548B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{3C3A304E-9594-4551-842A-4FCA08D55108}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A837EF5B-B415-4675-BEBA-3FFD242A8756}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E624374A-8823-415A-A741-39C540D00828}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6224C4D6-45E7-4FAD-B776-957362146C89}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{13099D20-B5FC-4ED0-A4E6-0C5F583EBFEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{53CE39DE-6B18-4B2F-886F-3DD4A133A1BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{92909CFB-BFF7-4760-97CF-64A87FA29535}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{D9E4D8AC-3A91-4E38-ABC8-0A484DF640E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Psychonauts\Psychonauts.exe
FirewallRules: [TCP Query User{FDA9DEDE-49F5-457A-82D4-6415EF1E1E20}C:\users\ronni\desktop\gaurodan.exe] => (Block) C:\users\ronni\desktop\gaurodan.exe
FirewallRules: [UDP Query User{90182EA3-731B-4064-B134-260D26C20D17}C:\users\ronni\desktop\gaurodan.exe] => (Block) C:\users\ronni\desktop\gaurodan.exe
FirewallRules: [TCP Query User{12FCC8C9-A361-48EC-ABC6-390F1A1B1EE5}C:\users\ronni\appdata\local\temp\7zoeacd.tmp\gaurodan.exe] => (Allow) C:\users\ronni\appdata\local\temp\7zoeacd.tmp\gaurodan.exe
FirewallRules: [UDP Query User{1299159B-24C8-43A0-96F0-936A34EDE55D}C:\users\ronni\appdata\local\temp\7zoeacd.tmp\gaurodan.exe] => (Allow) C:\users\ronni\appdata\local\temp\7zoeacd.tmp\gaurodan.exe
FirewallRules: [TCP Query User{EF4DC82A-A39B-4E40-A8AE-38207A42DF5A}C:\users\ronni\appdata\local\temp\7zo87e7.tmp\gaurodan.exe] => (Allow) C:\users\ronni\appdata\local\temp\7zo87e7.tmp\gaurodan.exe
FirewallRules: [UDP Query User{975FB142-9463-45E9-BC7D-87E2D6F70AF0}C:\users\ronni\appdata\local\temp\7zo87e7.tmp\gaurodan.exe] => (Allow) C:\users\ronni\appdata\local\temp\7zo87e7.tmp\gaurodan.exe
FirewallRules: [TCP Query User{16441C7B-9C79-4EF3-835F-7D2D31EE7A8A}C:\users\ronni\appdata\local\temp\7zo14da.tmp\gaurodan.exe] => (Allow) C:\users\ronni\appdata\local\temp\7zo14da.tmp\gaurodan.exe
FirewallRules: [UDP Query User{17E561B2-34EC-4144-AEEF-A2F735552663}C:\users\ronni\appdata\local\temp\7zo14da.tmp\gaurodan.exe] => (Allow) C:\users\ronni\appdata\local\temp\7zo14da.tmp\gaurodan.exe
FirewallRules: [{58B887E6-F53C-459B-A378-D0EEAEC0E644}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{77FE59A2-B633-4E1D-95AC-14E7A4337734}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3C0D462F-9AFD-4C1C-8E87-5B9ADCB02321}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C274BDB6-11E4-4331-8E88-2E7EEF8469E2}] => (Allow) LPort=2869
FirewallRules: [{310E61A6-34D4-4FF9-B2F5-19A11D477A66}] => (Allow) LPort=1900
FirewallRules: [{F6235AB5-3C04-4DFB-AA60-AD8DFC6B3A7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{C5C31392-4CDD-402D-A38D-19AE1B2D8161}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{FF8AF3E8-C3EF-4BEF-869D-FF47AC91EAD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{C9DC26C1-0F98-49F8-9521-DBA335E04ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{13DB09ED-B0B5-47E1-BD62-5CFD952567BE}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{338FED2E-798E-4671-9BE5-33D6B0714409}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{131C12FB-14F8-4295-8FB6-B88826A0E7C6}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{6D1E19E2-C7BA-4229-A879-40FB2D792B1D}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{B31917D9-238F-4BD3-9184-9BBB761A88D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [{AC6BB923-B214-4491-9BCD-8144B9E6B5EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\NMService.exe
FirewallRules: [TCP Query User{907186C5-E9D5-4307-9E53-62EA2B4E955D}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [UDP Query User{B40DB7E7-2FD4-412F-A64B-7F0EA808FA70}C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\starbound\win32\starbound_server.exe
FirewallRules: [{EF9EBBD7-4652-4BC4-B28C-56E9C296C454}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{7AE3FCB5-B871-4279-9F4A-1243348710FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{BE3A48A5-4149-43E8-9CD8-6875AD42214E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{ADA2B02B-922F-4847-A0F2-0639A6DD5AFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{61A0D89A-DF99-4EEE-A8B8-112B69115822}C:\users\ronni\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe] => (Block) C:\users\ronni\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe
FirewallRules: [UDP Query User{E50F6E3D-DC84-442F-A2AB-9240784888A3}C:\users\ronni\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe] => (Block) C:\users\ronni\appdata\local\skypeplugin\7.5.0.127\pluginhost.exe
FirewallRules: [{2A59D3FB-6BE6-4874-AFA1-29FCB9100428}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvilQuestInstall\EvilQuest.exe
FirewallRules: [{E8FC7338-E60D-41C3-B7ED-B7F8961089B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvilQuestInstall\EvilQuest.exe
FirewallRules: [{71F6EA73-275E-471B-BE0F-2FC1FB1A4559}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{52982342-B29F-4648-A2A4-E03B4578814D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8BF873D4-0BEC-4910-B961-98E8C55A30CE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{43FBC6EA-5F20-4D4F-B930-2547BC448205}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{800799FC-A81E-44E0-B520-765537F20B24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{35104063-E3F8-4675-89C4-808E6CCA7927}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{29955149-85D9-413F-B54F-BC3632A5ABE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{F1CC87D0-39FF-4F92-B361-018672E7D814}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{8DBC9FE4-4ABD-4C64-9C98-09B3785C5010}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{1E471BCE-2A78-4919-B656-E56C171ABAAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{768FB400-DBC4-4961-9B57-740B5948B6D0}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{27ED688D-BCC2-4E90-B033-6D02280B99A9}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{9DE83602-1468-4726-8EBA-152D3FB518DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{94F1BB50-B581-4942-B74D-5DF1DFAE498C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{21D63D9E-10D7-4E11-A363-B31B52756C9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{314898EC-B91B-4BF5-9750-38C132FE78D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{D9EFB42F-246C-49E7-B13D-BC6397D8062F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{88BBA4BC-41D7-45B1-B1CC-B401CB4B045B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{EDFE8C8E-CAB6-4E6B-B038-E633A5C13E85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\swkotor\swkotor.exe
FirewallRules: [{40DB02C2-8A0A-4A2C-A9CD-9C08E2C00C01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\swkotor\swkotor.exe
FirewallRules: [{CF149A6D-EE28-4650-A724-5501EF96F75A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Danganronpa Trigger Happy Havoc\Launcher.exe
FirewallRules: [{83FADA9A-8E83-46BF-A474-0B8A062E0747}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Danganronpa Trigger Happy Havoc\Launcher.exe
FirewallRules: [{50719CE6-84E7-4024-A050-AD27AF0BEDBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{FD71E643-DAD7-4DFE-9C71-B8703EBFA9E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{DDC71545-B7D8-4BDA-AEA5-43F65093A1E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B1A0F058-3CF3-47DE-892B-1F349B4DDC9B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{207B42A9-7E23-4A6E-BC99-A42F5D11CE1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E832818D-D0B6-43D4-8FC2-DC0A791B5B09}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90DC2EC2-E9D3-4406-9A28-557A4F07D5D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A6563220-F19E-43F8-AA55-F28FF3CBA31F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{E705B6CE-E70F-42CE-B1E6-529DD3390AFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{2F40FEB6-1BB2-4B29-BAA4-FB465BBC2DB9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{E2363E84-C892-447D-8956-C800F014D705}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{DED99C42-95D4-4FAC-A4BB-E73898FB4423}] => (Allow) C:\Users\Ronni\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1CFD7974-7C37-4DD8-8917-270D26FF1353}] => (Allow) C:\Users\Ronni\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3E2E7161-DFFF-4543-B6B5-DC4150E59175}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [{D624893B-2050-4BDC-907F-7A4687A0A789}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tabletop Simulator\Tabletop Simulator.exe
FirewallRules: [TCP Query User{10E3CAF9-2BA3-4784-9766-39E45E0B7835}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{2BCD894B-E854-4F99-8BD4-4168C743F5B1}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D1C7B7FD-BA45-4667-82A3-FD20356B53DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F1C6AEE4-6124-4E71-AE9E-3B6955513EAD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1086AAED-7E1E-4D7E-B9CB-A1CE61BEA3F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{062B933F-1E85-4F1A-BF08-F7BE41E089B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\nxsteam.exe
FirewallRules: [{A3366873-9096-48EF-A4DC-065DA9839441}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe
FirewallRules: [{074DB985-4942-46DB-8B6A-150D35DF3CAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassins Creed\AssassinsCreed_Game.exe
FirewallRules: [{F1C1334E-772F-450B-BEA8-D9B634C5D2E4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9CE09F71-A0DE-4E65-A6E8-628466B77248}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mini Ninjas\ninja.exe
FirewallRules: [{AF3BF0EC-3994-4F53-928B-ADBD998E2B04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mini Ninjas\ninja.exe
FirewallRules: [{1DD27192-9E35-4B9F-8C5E-5EE083D70DAB}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
FirewallRules: [{63ABFBA9-3E49-47C5-8D2E-DC54A2074E9D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{08005395-583B-4DB5-B11A-AFAC13182544}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4A80D345-9BA2-46A7-8210-14E36973E194}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{97382EA9-77C2-4215-941C-BDCA3E1BB53D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{892BAF3E-C415-43B6-B38D-12133B8377C7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{E7988BAC-A1A4-49F9-8585-675FA78C44E6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{80DA507D-61F7-4E12-929F-A85DA706856A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{E8640B90-1DC0-46C7-BF7D-FF446811F776}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{945EE437-4AF3-4F95-9A11-87590E93AB56}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{5FC16A71-4985-462E-86A6-3FDE64EC9579}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{44554F71-6C22-46F9-A37B-9196AD778A01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{B638FAB3-BD94-416F-A9E7-36B86111E743}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{A12478BC-E08C-42FC-A3B6-C022EED63EA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{4A35008F-5260-4A35-9FC5-422D186BB953}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{9FA3F253-FCC7-48C2-9452-AC97F06CF119}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{09AE461F-D03F-4C97-B952-ABB317960977}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{01F7E421-F78E-423D-BB14-9A9C26736341}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{AF6A649E-7EA0-4B6C-9ECF-367BBEC7E3D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{83A835E3-761B-42DE-81C0-8C9486C1043A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/30/2018 10:30:29 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Kzo)
Description: httphttp-2147467263
 
Error: (10/30/2018 10:26:45 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
 
Error: (10/30/2018 10:26:45 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
 
Error: (10/30/2018 10:26:45 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
 
Error: (10/30/2018 10:26:45 PM) (Source: TabletServicePen) (EventID: 0) (User: )
Description: Unhandled error opening USB device
 
Error: (10/30/2018 10:17:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (10/29/2018 04:33:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1531
 
Error: (10/29/2018 04:33:27 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1531
 
 
System errors:
=============
Error: (10/30/2018 10:32:27 PM) (Source: DCOM) (EventID: 10016) (User: Kzo)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user Kzo\Ronni SID (S-1-5-21-1741139138-458572066-732062563-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/30/2018 10:32:18 PM) (Source: DCOM) (EventID: 10016) (User: Kzo)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user Kzo\Ronni SID (S-1-5-21-1741139138-458572066-732062563-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/30/2018 10:26:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The FontCache3.0.0.0 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/30/2018 10:26:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the FontCache3.0.0.0 service to connect.
 
Error: (10/30/2018 10:25:43 PM) (Source: volsnap) (EventID: 27) (User: )
Description: The shadow copies of volume C: were aborted during detection because a critical control file could not be opened.
 
Error: (10/30/2018 10:25:30 PM) (Source: volsnap) (EventID: 27) (User: )
Description: The shadow copies of volume C: were aborted during detection because a critical control file could not be opened.
 
Error: (10/30/2018 10:25:22 PM) (Source: volsnap) (EventID: 25) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
 
Error: (10/30/2018 10:16:45 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
An instance of the service is already running.
 
 
CodeIntegrity:
===================================
 
Date: 2018-10-30 22:28:26.493
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-10-30 22:28:13.660
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-10-30 22:28:13.414
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-10-30 22:19:49.425
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-10-30 04:04:09.834
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-10-29 16:02:35.252
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-10-29 08:01:42.906
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-10-28 18:04:28.602
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4690 CPU @ 3.50GHz
Percentage of memory in use: 35%
Total physical RAM: 8053.29 MB
Available physical RAM: 5222.6 MB
Total Virtual: 16245.29 MB
Available Virtual: 13009.89 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:930.97 GB) (Free:496.82 GB) NTFS
 
\\?\Volume{d4c371cd-d871-11e4-982f-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{24e7a045-0000-0000-0000-a0c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 24E7A045)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
 
==================== End of Addition.txt ============================

  • 0

#7
zep516
Posted 31 October 2018 - 01:03 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello.

If there are no other issues are work is done here and the last set of logs are fine.

Thanks
Joe :)
  • 0

#8
vanillabean
Posted 01 November 2018 - 02:00 AM

vanillabean

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts

Really? Awesome, thanks!


  • 0

#9
zep516
Posted 02 November 2018 - 05:12 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,090 posts
Hello,
Any tools we downloaded can now be deleted as well as any log files, right click and delete them.

I see no signs of malware on your computer, and feel satisfied that our work here is done.


You usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

Safe Computing Practices please read Here


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

Thanks
Joe :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP