Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer acting up I have no idea, malware or just getting old [Solved


  • This topic is locked This topic is locked

#1
ShowMe

ShowMe

    Member

  • Member
  • PipPipPip
  • 126 posts

So after the computer is on for a while any programs I try to open will just stall. True of browser, Task manager, Excel, etc. Can't even shut it down, so I press on/off button and restart and it works for a time. Is this the right place to post. ?If not, please direct me to the correct forum

thanks

 


  • 0

Advertisements


#2
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 477 posts
Welcome to the Geeks to Go Malware Removal forum.
I'm iMacg3 and will be helping you.

Please keep the following information in mind before we begin:
  • Do not run any fixes or tools on your system unless I request that you do so.
  • Please read all instructions carefully, and complete them in the order listed.
  • If your computer seems to start working normally, please don't abandon the topic. Just because your computer doesn't seem to have a problem doesn't mean that it isn't infected.
  • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
  • If you have questions about anything, please ask.
--------------------


Download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right-click FRST/FRST64 and select Run as administrator. (Windows XP users double-click on the file).
  • When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • When finished, two log files will pop up - FRST.txt and Addition.txt.
  • Copy and paste the contents of FRST.txt and Addition.txt into your next reply.
Note - FRST.txt and Addition.txt are saved to the same location as FRST/FRST64.
  • 0

#3
ShowMe

ShowMe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts

THANKS FOR THE QUICK REPLY - LET'S HOPE ALL WILL BE WELL.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Ran by MARTIN (administrator) on DESKTOP-EP1KUU1 (21-01-2019 18:48:28)
Running from C:\Users\MARTIN\Desktop
Loaded Profiles: MARTIN (Available Profiles: MARTIN)
Platform: Windows 10 Home Version 1809 17763.253 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LITEON) C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\skdh8821.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Lenovo) C:\Users\MARTIN\AppData\Local\Apps\2.0\RKAGOBGV.B5M\3818PGCP.4XK\lsb...tion_2d7b41b05b24775e_0001.0006_589ac911618caaca\LSB.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(LITE-ON TECHNOLOGY CORP.) C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPNetworkCommunicatorCom.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\Nova Development\Photo Explosion\Project Studio\ReminderApp.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
() C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe
(Mozilla Corporation) C:\Program Files (x86)\mozilla firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\mozilla firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\mozilla firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\mozilla firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\mozilla firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Skd8821] => C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe [2209056 2015-12-30] (LITE-ON TECHNOLOGY CORP.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-12-14] (ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412952 2015-09-30] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [ReminderApp_EEAC3053-7055-4143-B8A0-306758055099] => C:\Program Files (x86)\Nova Development\Photo Explosion\Project Studio\ReminderApp.exe [145872 2012-08-10] ()
HKU\S-1-5-21-2833005023-3025341104-2381440696-1001\...\Run: [Google Update] => C:\Users\MARTIN\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe [605992 2018-12-19] (Google Inc.)
HKU\S-1-5-21-2833005023-3025341104-2381440696-1001\...\Run: [Google Photos Backup] => C:\Users\MARTIN\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3791704 2018-06-01] (Google, Inc)
HKU\S-1-5-21-2833005023-3025341104-2381440696-1001\...\Run: [HP Officejet Pro 6830 (NET)] => C:\Program Files\HP\HP Officejet Pro 6830\Bin\ScanToPCActivationApp.exe [3493952 2014-07-18] (Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-18] (Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{30570f0c-7097-49c2-b327-df9e2c606137}: [DhcpNameServer] 209.18.47.62 209.18.47.61

Internet Explorer:
==================
HKU\S-1-5-21-2833005023-3025341104-2381440696-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-2833005023-3025341104-2381440696-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-2833005023-3025341104-2381440696-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-12] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-12] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-12] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-12] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-12] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File

FireFox:
========
FF DefaultProfile: pmjqlxbe.default
FF ProfilePath: C:\Users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\pmjqlxbe.default [2019-01-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-07] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2833005023-3025341104-2381440696-1001: @tools.google.com/Google Update;version=3 -> C:\Users\MARTIN\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-2833005023-3025341104-2381440696-1001: @tools.google.com/Google Update;version=9 -> C:\Users\MARTIN\AppData\Local\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\MARTIN\AppData\Local\Google\Chrome\User Data\Default [2019-01-21]
CHR Extension: (Slides) - C:\Users\MARTIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Docs) - C:\Users\MARTIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Google Drive) - C:\Users\MARTIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-17]
CHR Extension: (YouTube) - C:\Users\MARTIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-17]
CHR Extension: (Sheets) - C:\Users\MARTIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20]
CHR Extension: (Google Docs Offline) - C:\Users\MARTIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MARTIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\MARTIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-17]
CHR Extension: (Chrome Media Router) - C:\Users\MARTIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-21]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619816 2019-01-04] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-12-14] (ESET)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [360736 2018-07-16] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71040 2018-11-16] (Lenovo Group Ltd.)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271328 2015-12-10] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-08-11] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [379896 2015-07-03] (McAfee, Inc.)
S2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
S4 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
S3 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 Sks8821; C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe [142624 2015-12-30] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-10-26] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-10-26] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-15] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-10-26] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-10-26] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-10-26] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-10-26] (ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-10] (Malwarebytes)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2018-12-10] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2019-01-20] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2019-01-20] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-20] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2019-01-21] (Malwarebytes)
S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [109728 2015-06-29] (McAfee, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-22] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [411712 2015-05-18] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-21 18:48 - 2019-01-21 18:48 - 000018541 _____ C:\Users\MARTIN\Desktop\FRST.txt
2019-01-21 18:48 - 2019-01-21 18:48 - 000000000 ____D C:\FRST
2019-01-21 18:45 - 2019-01-21 18:45 - 002428416 _____ (Farbar) C:\Users\MARTIN\Desktop\FRST64.exe
2019-01-20 17:33 - 2019-01-20 15:01 - 000000000 ____D C:\Windows.old
2019-01-20 17:25 - 2019-01-20 17:34 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-01-20 17:25 - 2019-01-20 17:25 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-01-20 17:24 - 2019-01-20 17:24 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-01-20 17:23 - 2019-01-20 17:23 - 024617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 007724776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 005113008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 004918784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-01-20 17:23 - 2019-01-20 17:23 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 003550592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-01-20 17:23 - 2019-01-20 17:23 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 002429752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-01-20 17:23 - 2019-01-20 17:23 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-01-20 17:23 - 2019-01-20 17:23 - 001294864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 001289400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 001282432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 001259000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-20 17:23 - 2019-01-20 17:23 - 001201136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 001073448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 001057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 000854784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 000763032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 000662528 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 000301096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 000241680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 000098816 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Broker.dll
2019-01-20 17:23 - 2019-01-20 17:23 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2019-01-20 17:22 - 2019-01-20 17:23 - 019284992 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 020811776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 015224832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 012858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 012151808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 009677352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 007857152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 007685016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 006544800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 006306152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 006132736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 006057984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 005585056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 005565440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 005312512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 005130752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 004886016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 004765184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 004300800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 004245280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 003983360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 003952952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 003744256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 003730352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 003577856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 003556352 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 003504640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 003379000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 003338328 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 003092480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002988544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002986352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002927104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002883584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002777432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002721792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 002702536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002689536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002654208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002594872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002437552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002185728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002149352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001842600 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001830912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001749504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001696216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-01-20 17:22 - 2019-01-20 17:22 - 001688576 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001675712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001674688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001672056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001590288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001483264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001466872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001456736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001395248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001387496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001360696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 001341376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-01-20 17:22 - 2019-01-20 17:22 - 001331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001315840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001287776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001279024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 001219584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 001212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2019-01-20 17:22 - 2019-01-20 17:22 - 001180760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001177632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2019-01-20 17:22 - 2019-01-20 17:22 - 001162280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001097312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001058848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 001056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001051960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 001048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001026992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000964976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000897848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000850960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000818832 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000756640 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000650040 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000604248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000582240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000566584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000514112 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000473616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000402576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000398416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000387384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000373768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000306704 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000300024 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000298536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000294072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000252536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000193016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000178696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000175096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000164344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000151872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastingShellExt.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000140808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CastingShellExt.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000130088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000114344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000102392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000094224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000091640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000083472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2019-01-20 17:22 - 2019-01-20 17:22 - 000047112 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2019-01-20 17:22 - 2019-01-20 17:22 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-01-20 17:22 - 2019-01-20 17:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-01-20 17:22 - 2019-01-20 17:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-01-20 17:22 - 2019-01-20 17:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-01-20 17:22 - 2019-01-20 17:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-01-20 17:22 - 2019-01-20 17:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-01-20 17:22 - 2019-01-20 17:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-01-20 17:22 - 2019-01-20 17:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-01-20 17:19 - 2019-01-20 17:19 - 001167960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-01-20 17:19 - 2019-01-20 17:19 - 000780376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-01-20 17:19 - 2019-01-20 17:19 - 000126064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-01-20 17:19 - 2019-01-20 17:19 - 000104560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-01-20 17:19 - 2019-01-20 17:19 - 000036896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-01-20 17:19 - 2019-01-20 17:19 - 000035440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-01-20 17:19 - 2019-01-20 17:19 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-01-20 17:19 - 2019-01-20 17:19 - 000000000 ____D C:\Program Files\MSBuild
2019-01-20 17:19 - 2019-01-20 17:19 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-01-20 17:19 - 2019-01-20 17:19 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-01-20 17:18 - 2019-01-20 17:18 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2019-01-20 17:18 - 2019-01-20 17:18 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-01-20 17:18 - 2019-01-20 17:18 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2019-01-20 17:18 - 2019-01-20 17:18 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2019-01-20 17:17 - 2019-01-20 17:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-01-20 17:17 - 2019-01-20 17:18 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-01-20 17:17 - 2019-01-20 17:17 - 008628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0019.dll
2019-01-20 16:37 - 2019-01-20 16:37 - 000001117 _____ C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Across Lite.lnk
2019-01-20 16:37 - 2019-01-20 16:37 - 000000000 ____D C:\Program Files (x86)\Litsoft
2019-01-20 15:04 - 2019-01-20 15:04 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-01-20 15:01 - 2019-01-20 15:01 - 000000020 ___SH C:\Users\MARTIN\ntuser.ini
2019-01-20 14:59 - 2019-01-21 16:21 - 000003264 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForMARTIN
2019-01-20 14:59 - 2019-01-20 15:00 - 000003752 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-20 14:59 - 2019-01-20 15:00 - 000003622 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2833005023-3025341104-2381440696-1001UA
2019-01-20 14:59 - 2019-01-20 15:00 - 000003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2833005023-3025341104-2381440696-1001UA1d257d7cd579424
2019-01-20 14:59 - 2019-01-20 15:00 - 000003446 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-01-20 14:59 - 2019-01-20 15:00 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-20 14:59 - 2019-01-20 15:00 - 000003288 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2833005023-3025341104-2381440696-1001Core1d257d7cd46e516
2019-01-20 14:59 - 2019-01-20 15:00 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2019-01-20 14:59 - 2019-01-20 15:00 - 000002706 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet Pro 6830
2019-01-20 14:59 - 2019-01-20 14:59 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-01-20 14:59 - 2019-01-20 14:59 - 000003354 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2833005023-3025341104-2381440696-1001Core
2019-01-20 14:59 - 2019-01-20 14:59 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-20 14:59 - 2019-01-20 14:59 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2833005023-3025341104-2381440696-1001
2019-01-20 14:59 - 2019-01-20 14:59 - 000002440 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2019-01-20 14:59 - 2019-01-20 14:59 - 000002336 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_LENOVO_MICPKEY
2019-01-20 14:59 - 2019-01-20 14:59 - 000002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2019-01-20 14:59 - 2019-01-20 14:59 - 000002212 _____ C:\WINDOWS\System32\Tasks\PDVDServ12 Task
2019-01-20 14:59 - 2019-01-20 14:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-20 14:59 - 2019-01-20 14:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-01-20 14:59 - 2019-01-20 14:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2019-01-20 14:59 - 2019-01-20 14:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2019-01-20 14:58 - 2019-01-20 14:59 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-01-20 14:58 - 2019-01-20 14:59 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-01-20 14:48 - 2019-01-20 14:51 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-20 14:47 - 2019-01-21 16:54 - 000113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-01-20 14:47 - 2019-01-20 14:47 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-20 14:47 - 2019-01-20 14:47 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-01-20 14:47 - 2019-01-20 14:47 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-01-20 14:41 - 2019-01-20 14:41 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-01-20 14:39 - 2019-01-20 15:01 - 000000000 ____D C:\Users\MARTIN
2019-01-20 14:39 - 2018-09-15 02:29 - 000001105 _____ C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-20 14:38 - 2019-01-20 14:38 - 000000000 ____D C:\ProgramData\USOShared
2019-01-20 14:38 - 2018-07-16 22:47 - 000102184 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2019-01-20 14:38 - 2018-07-16 22:47 - 000098080 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2019-01-20 14:37 - 2018-09-15 02:28 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-01-20 14:35 - 2019-01-21 17:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-20 14:35 - 2019-01-20 14:44 - 000616016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-18 17:19 - 2019-01-20 15:01 - 000000000 ___DC C:\WINDOWS\Panther
2019-01-18 10:37 - 2019-01-20 17:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-01-12 16:58 - 2019-01-18 10:37 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-01-12 16:58 - 2019-01-18 10:37 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-01-12 16:58 - 2019-01-18 10:37 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-01-12 16:58 - 2019-01-18 10:37 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-01-12 16:58 - 2019-01-18 10:37 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-01-12 16:58 - 2019-01-18 10:37 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-01-12 16:58 - 2019-01-18 10:37 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-01-11 12:42 - 2019-01-11 12:42 - 000140535 _____ C:\Users\MARTIN\Desktop\ALTERNATE PARK 2019.pdf
2019-01-09 15:43 - 2019-01-09 15:43 - 001007476 _____ C:\Users\MARTIN\Documents\Scan0001.pdf
2019-01-09 15:41 - 2019-01-09 15:41 - 001007476 _____ C:\Users\MARTIN\Documents\Scan.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-21 18:44 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-21 17:59 - 2016-11-17 16:03 - 000000000 ____D C:\Users\MARTIN\AppData\LocalLow\Mozilla
2019-01-21 17:02 - 2018-09-15 02:31 - 000000000 ____D C:\WINDOWS\INF
2019-01-21 16:21 - 2016-11-21 16:51 - 000000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForMARTIN.job
2019-01-21 09:31 - 2017-01-09 09:11 - 000011528 _____ C:\Users\MARTIN\Desktop\BLOOD SUGAR 2017.xlsx
2019-01-21 04:07 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\appcompat
2019-01-20 17:34 - 2018-09-26 09:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-20 17:34 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-20 17:34 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-01-20 17:34 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\spool
2019-01-20 17:34 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-01-20 17:34 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-20 17:34 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-20 17:34 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\Registration
2019-01-20 17:34 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-20 17:34 - 2018-09-15 02:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-01-20 17:34 - 2018-09-15 02:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-01-20 17:34 - 2018-06-05 11:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoTransferApp
2019-01-20 17:34 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-01-20 17:34 - 2017-06-02 21:24 - 000000000 ____D C:\Program Files\Intel
2019-01-20 17:34 - 2017-05-21 19:23 - 000000000 ____D C:\Program Files\UNP
2019-01-20 17:34 - 2017-01-13 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Explosion 5
2019-01-20 17:34 - 2016-12-29 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2019-01-20 17:34 - 2016-11-20 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-01-20 17:34 - 2016-11-20 12:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2019-01-20 17:34 - 2016-11-19 03:31 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2019-01-20 17:34 - 2016-11-17 17:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.2
2019-01-20 17:34 - 2016-11-17 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Shredder
2019-01-20 17:34 - 2016-11-17 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-01-20 17:34 - 2016-11-17 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2019-01-20 17:34 - 2016-06-06 16:45 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-01-20 17:34 - 2016-06-06 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-20 17:30 - 2018-09-15 02:33 - 000000000 __RHD C:\Users\Public\Libraries
2019-01-20 17:30 - 2018-09-15 01:09 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2019-01-20 17:30 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-01-20 17:27 - 2018-04-20 15:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\Lenovo
2019-01-20 17:26 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\Resources
2019-01-20 17:26 - 2018-01-30 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2019-01-20 17:26 - 2017-06-02 21:23 - 000000000 ____D C:\Program Files\Realtek
2019-01-20 17:26 - 2016-11-19 03:31 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2019-01-20 17:23 - 2018-09-15 04:11 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-01-20 17:23 - 2018-09-15 04:11 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-01-20 17:23 - 2018-09-15 02:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-01-20 17:23 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-20 17:23 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-01-20 17:23 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-01-20 17:23 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-01-20 17:23 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-01-20 17:23 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-20 17:18 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-01-20 17:18 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-01-20 17:18 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-01-20 17:18 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-01-20 17:18 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-01-20 17:18 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-01-20 17:18 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-01-20 17:18 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-01-20 17:17 - 2018-09-15 04:10 - 000000000 ____D C:\WINDOWS\OCR
2019-01-20 17:07 - 2018-09-15 02:36 - 000835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-20 17:07 - 2018-09-15 02:36 - 000179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-20 17:07 - 2018-09-15 02:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-20 16:39 - 2016-11-20 12:24 - 000000000 ____D C:\Users\MARTIN\Documents\Across Crosswords
2019-01-20 16:11 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-20 15:22 - 2018-12-04 15:40 - 000000000 ____D C:\Users\MARTIN\AppData\Local\PlaceholderTileLogoFolder
2019-01-20 15:20 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-20 15:18 - 2018-07-10 14:50 - 000000000 ____D C:\ProgramData\Packages
2019-01-20 15:18 - 2017-10-27 17:13 - 000000000 ____D C:\Users\MARTIN\AppData\Local\Packages
2019-01-20 15:02 - 2016-11-20 19:24 - 000000000 ____D C:\Users\MARTIN\AppData\Local\ConnectedDevicesPlatform
2019-01-20 15:01 - 2017-10-27 17:40 - 000000000 ___RD C:\Users\MARTIN\3D Objects
2019-01-20 15:01 - 2017-06-02 21:24 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-20 15:01 - 2016-11-17 14:18 - 000000000 __SHD C:\Users\MARTIN\IntelGraphicsProfiles
2019-01-20 15:01 - 2015-11-03 14:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-01-20 14:52 - 2018-09-15 02:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-01-20 14:48 - 2016-11-17 16:24 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-20 14:48 - 2016-11-17 16:24 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-20 14:43 - 2018-09-15 01:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-20 14:42 - 2016-12-03 15:04 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-01-20 14:42 - 2016-11-20 14:55 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup
2019-01-20 14:38 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\ServiceState
2019-01-20 14:38 - 2017-06-02 21:24 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2019-01-20 14:38 - 2017-06-02 21:24 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2019-01-20 14:37 - 2017-06-02 21:24 - 000000000 ____D C:\WINDOWS\system32\DAX2
2019-01-20 14:37 - 2017-06-02 21:23 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-01-19 16:10 - 2017-01-08 11:36 - 000011275 _____ C:\Users\MARTIN\Desktop\2019 FINANSKIES.xlsx
2019-01-18 19:42 - 2017-07-21 10:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-18 19:42 - 2017-04-24 16:08 - 000000000 ____D C:\Program Files (x86)\mozilla firefox
2019-01-18 17:10 - 2018-11-16 18:27 - 000000000 ____D C:\Program Files\rempl
2019-01-18 10:36 - 2016-06-06 16:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-01-14 15:33 - 2016-12-12 15:03 - 000000000 ____D C:\Users\MARTIN\Documents\PDF FILES
2019-01-12 16:42 - 2016-11-19 14:03 - 000000000 ____D C:\Users\MARTIN\Documents\RECIPES
2019-01-10 11:13 - 2017-07-21 10:44 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-01-09 15:35 - 2016-12-30 19:30 - 000002092 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2019-01-09 12:46 - 2016-11-18 14:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 12:44 - 2016-11-18 14:20 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2018-06-23 18:28 - 2018-06-23 18:28 - 000000850 _____ () C:\Users\MARTIN\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by MARTIN (21-01-2019 18:49:12)
Running from C:\Users\MARTIN\Desktop
Windows 10 Home Version 1809 17763.253 (X64) (2019-01-20 20:01:00)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2833005023-3025341104-2381440696-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2833005023-3025341104-2381440696-503 - Limited - Disabled)
Guest (S-1-5-21-2833005023-3025341104-2381440696-501 - Limited - Disabled)
MARTIN (S-1-5-21-2833005023-3025341104-2381440696-1001 - Administrator - Enabled) => C:\Users\MARTIN
WDAGUtilityAccount (S-1-5-21-2833005023-3025341104-2381440696-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Across Lite (HKLM-x32\...\{5F5C7350-9731-420F-97CC-8CAFEE7DA7A3}) (Version: 2.4.2451.1 - Literate Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Driver and Application Installation (HKLM-x32\...\{6EC299C6-074C-4529-8D5F-2798584BB27B}) (Version: 2.02.0916 - Lenovo)
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 11.0.159.5 - ESET, spol. s r.o.)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version:  - Pow Tools)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-2833005023-3025341104-2381440696-1001\...\Google Photos Backup) (Version: 1.1.4.11 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP Officejet Pro 6830 Basic Device Software (HKLM\...\{98040AB6-D667-409C-81E7-DB65836B3EE0}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
HP Officejet Pro 6830 Help (HKLM-x32\...\{28693307-6F99-4B5D-9FA3-4D9132DDA716}) (Version: 34.0.0 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{56D27851-B9A6-430F-875A-E2D7A3802C7B}) (Version: 8.7.50.3 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.10.49.21 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4963 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-2833005023-3025341104-2381440696-1001\...\dda9ca0b023f4c56) (Version: 1.6.4.0 - Lenovo)
Lenovo Slim USB Keyboard (HKLM\...\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}) (Version: 1.19 - Lenovo)
Lenovo Solution Center (HKLM\...\{52753916-613B-4455-8022-A146CC17B1F6}) (Version: 3.2.002.00 - Lenovo)
LibreOffice 5.2.3.3 (HKLM-x32\...\{30605C95-A3A0-4A08-AD58-9AE7ABA47B70}) (Version: 5.2.3.3 - The Document Foundation)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2833005023-3025341104-2381440696-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 64.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 64.0.2 (x64 en-US)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Photo Explosion 5 (HKLM-x32\...\{EA218B33-C803-43EF-B4E0-B344D4553DA6}) (Version: 5.0.2.4 - Nova Development)
Photo Transfer App (HKLM-x32\...\com.erclab.air.phototransferapp) (Version: 2.8.2 - UNKNOWN)
Product Improvement Study for HP Officejet Pro 6830 (HKLM\...\{96ABEAD3-67AE-4BF7-8A16-F745352049B3}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.128 - Qualcomm Atheros)
Qualcomm Atheros QCA9377 Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.0.043 - Qualcomm Atheros)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7586 - Realtek Semiconductor Corp.)
Russian Phonetic Student - WinRus.com (HKLM\...\{7AE27077-F326-46AA-9CB2-DF595D56C8FA}) (Version: 1.0.3.40 - Paul Gorodyansky)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2833005023-3025341104-2381440696-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\MARTIN\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2833005023-3025341104-2381440696-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\MARTIN\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2833005023-3025341104-2381440696-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\MARTIN\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2833005023-3025341104-2381440696-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\MARTIN\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2833005023-3025341104-2381440696-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\MARTIN\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2833005023-3025341104-2381440696-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\MARTIN\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2833005023-3025341104-2381440696-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MARTIN\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2833005023-3025341104-2381440696-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\MARTIN\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-14] (ESET)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-12] (Lenovo)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-14] (ESET)
ContextMenuHandlers3: [DeleteFiles] -> {736AF091-C361-49B4-A928-87C586130D33} => C:\Program Files\File Shredder\fsshell.dll [2012-04-01] ()
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-12] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-07-16] (Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-14] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {000E0E32-2AB0-4E65-9A37-76667EBCE4A5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-12-10] (HP Inc.)
Task: {12285381-BCF8-43F5-85FC-14647DF96DB3} - System32\Tasks\HPCeeScheduleForMARTIN => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {125B72DF-C745-498A-9435-A833DEE8EBE7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2833005023-3025341104-2381440696-1001Core => C:\Users\MARTIN\AppData\Local\Google\Update\GoogleUpdate.exe [2016-11-20] (Google Inc.)
Task: {1C09162E-229B-419C-AB2B-21F27D4E16E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-12-10] (HP Inc.)
Task: {1F041CB9-1294-405C-934F-B9E59A94D191} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-05-20] (CyberLink Corp.)
Task: {23E9059D-3282-404D-9C74-2D6716DE6C11} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {2B6C6598-0F7B-4C43-B00A-6F48065B477C} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2015-07-21] (McAfee, Inc.)
Task: {2CC33CB9-A282-4835-B883-8C283509EBEF} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-07-12] ()
Task: {4DD823F5-FCD4-45A6-8F09-67ED1A42BF4A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {4E0B27A0-CEA3-4EEA-AFC6-5A384918DF9E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {51379336-E664-4C96-AEAD-3AE8D4268FC7} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2833005023-3025341104-2381440696-1001 => "C:\WINDOWS\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {6248DD26-020E-45B3-A949-B4296D55FCA2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2019-01-02] (HP Inc.)
Task: {667A8D02-9BC1-4C7C-97C4-20F88C3A3AA3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {74DEF1A5-526F-4BAD-8024-3C489732A81B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\70188ac2-b64c-4fb9-b5d6-d063fec366e5 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {779DF5C8-2803-443D-B134-EF871E995527} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-20] ()
Task: {77FE4523-037E-462A-BB11-E6DFB9B0D380} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-12-10] (Lenovo)
Task: {79C51D0E-5F04-49DA-AC73-51C10E09006E} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-07-12] ()
Task: {7A0B50B0-72DE-496A-8645-2AC4CE61171A} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo)
Task: {7DA20A13-9CD6-4687-8819-DA6152B0D53E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6b9d8be3-c356-45e2-8e96-a9e914fcc4c4 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {7FA6A4B4-7D6B-4CED-9D84-9D3A0E8993B8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2833005023-3025341104-2381440696-1001UA => C:\Users\MARTIN\AppData\Local\Google\Update\GoogleUpdate.exe [2016-11-20] (Google Inc.)
Task: {87EC76BA-212B-4E11-AA6F-E68DE25B6F13} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {8884C694-E09F-408A-8EC9-C2A641E47529} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-18] (Microsoft Corporation)
Task: {8910E7B6-5CC8-4610-B51B-7E09201A1132} - System32\Tasks\HPCustParticipation HP Officejet Pro 6830 => C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPCustPartic.exe [2014-07-18] (Hewlett-Packard Development Company, LP)
Task: {8E58DCAA-DEED-48D9-ABA5-85C9901441F1} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {9124E924-C3A4-4A55-9D17-0A4700822580} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {91481851-8384-466F-A75C-8635B9C8FA46} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2019-01-18] (Microsoft Corporation)
Task: {988CDFD4-680A-4D28-8A95-7146BA232551} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-09-30] (Realtek Semiconductor)
Task: {9A597516-1207-4E53-A8E6-233EFE2A1187} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {9B87B9A9-492D-4CA8-A865-4E83DA8964EE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-18] (Microsoft Corporation)
Task: {9ECEEF8C-8C07-424D-AD28-CE87D70E713D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-11-09] (HP Inc.)
Task: {A56791BA-EBF6-40BA-9C27-9427D7BDDD88} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-12-10] (Lenovo)
Task: {A5936A75-59D2-4AFE-A4DA-3D75F74CF548} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {A6536BE8-DE3C-4852-9789-F37697FED61B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2833005023-3025341104-2381440696-1001Core1d257d7cd46e516 => C:\Users\MARTIN\AppData\Local\Google\Update\GoogleUpdate.exe [2016-11-20] (Google Inc.)
Task: {A749C3CF-C1FA-48AC-9754-DEF02B12323F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH48P590JM => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-11-09] (HP Inc.)
Task: {AC721E00-FA82-4997-B631-DC238874A608} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c81a29fb-d054-46bc-92f7-7f6fb2692822 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {ACCEB154-ED08-47DC-8FBB-571E56D70685} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
Task: {B17213D2-51AE-46C4-B39B-EDE8F94A8BE7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-18] (Microsoft Corporation)
Task: {B5F1694C-5935-45B2-BDEF-C95358253D1C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-17] (Google Inc.)
Task: {C8E018C7-602C-4E3E-9D08-DC077B2168F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-17] (Google Inc.)
Task: {CDDC6ED4-98FE-4535-B677-05C690F4F1AC} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {D1D59D78-27B7-4C35-AE78-F318166B6B26} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {D7BE2B96-6A50-4DEE-AFB4-E10CE7738099} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel® Corporation)
Task: {E36D8E5F-A82D-45A5-83F7-E49D06A42CCA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2833005023-3025341104-2381440696-1001UA1d257d7cd579424 => C:\Users\MARTIN\AppData\Local\Google\Update\GoogleUpdate.exe [2016-11-20] (Google Inc.)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {E5936B01-926F-4EC1-8982-B74DC8254309} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-18] (Microsoft Corporation)
Task: {E5B0ABD4-75CF-461C-B199-57C871E68AED} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b7b8395e-5581-458f-a578-4379e93b1115 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {E5E6D6DC-FBD9-4AAF-BC3A-F4B9B181B68F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {ED4BB7B9-FD0A-4DD8-A529-C0376E52CDAE} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {F096E90C-376C-40F2-8F56-537303BC5AAE} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-09-30] (Realtek Semiconductor)
Task: {F0A4EC0D-FA56-41DC-A230-3ACB3DAA91FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-12-24] (HP Inc.)
Task: {FB7BC800-B5F9-4321-A771-4BED80928153} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {FC3ED437-B763-4DEA-90D6-66060648FC92} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2833005023-3025341104-2381440696-1001Core.job => C:\Users\MARTIN\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2833005023-3025341104-2381440696-1001UA.job => C:\Users\MARTIN\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForMARTIN.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2018-09-26 09:47 - 2018-12-10 19:30 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-09-26 09:47 - 2018-12-10 19:30 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-12-30 10:59 - 2015-12-30 10:59 - 000142624 _____ () C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
2018-09-15 02:28 - 2018-09-15 02:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll
2018-09-15 02:28 - 2018-09-15 02:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-01-20 17:22 - 2019-01-20 17:22 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2016-11-17 16:33 - 2012-04-01 00:06 - 002689536 _____ () C:\Program Files\File Shredder\fsshell.dll
2018-09-15 02:28 - 2018-09-15 02:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 00:06 - 2018-10-04 00:06 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-12 17:55 - 2018-12-12 17:55 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-12 17:55 - 2018-12-12 17:56 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-12-12 17:55 - 2018-12-12 17:55 - 010927616 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-12-12 17:55 - 2018-12-12 17:56 - 002916864 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\skypert.dll
2018-12-12 17:55 - 2018-12-12 17:56 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-07-10 14:49 - 2018-07-10 14:49 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-12-12 17:55 - 2018-12-12 17:56 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-12-11 03:43 - 2018-12-11 03:43 - 034870272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-12-11 03:43 - 2018-12-11 03:43 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-01 08:12 - 2017-12-01 08:13 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 20:31 - 2018-11-28 20:31 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-11 03:43 - 2018-12-11 03:43 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-12-11 03:43 - 2018-12-11 03:43 - 009072128 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-01-16 14:20 - 2019-01-16 14:23 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-16 14:20 - 2019-01-16 14:23 - 065903104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 09:48 - 2017-10-05 09:48 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-16 14:20 - 2019-01-16 14:23 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-16 20:19 - 2018-11-16 20:20 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-16 20:19 - 2018-11-16 20:20 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-16 15:24 - 2018-08-16 15:24 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-08-16 15:24 - 2018-08-16 15:24 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-03-29 22:08 - 2018-03-29 22:08 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2019-01-16 14:20 - 2019-01-16 14:23 - 014186496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-16 20:19 - 2018-11-16 20:20 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2019-01-16 14:20 - 2019-01-16 14:20 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-31 01:01 - 2018-08-31 01:01 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-28 03:13 - 2018-07-28 03:14 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-16 14:20 - 2019-01-16 14:23 - 000145920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\SKU.dll
2012-08-10 11:08 - 2012-08-10 11:08 - 000145872 _____ () C:\Program Files (x86)\Nova Development\Photo Explosion\Project Studio\ReminderApp.exe
2016-06-06 16:48 - 2015-07-12 19:20 - 000808352 _____ () C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe
2016-10-20 01:28 - 2016-10-20 01:28 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2009-12-04 18:59 - 2009-12-04 18:59 - 000619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-04 19:04 - 2009-12-04 19:04 - 000013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 02:24 - 2015-10-30 02:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2833005023-3025341104-2381440696-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MARTIN\Pictures\IMG_2223.JPG
DNS Servers: 209.18.47.62 - 209.18.47.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{86A19899-0DB0-4D4C-A3DD-FFEB2232EA07}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{9DD31755-1545-42F9-AFFB-1B6FBF03375D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{AD1B3DD6-D2C7-464A-92E2-A89B5CE6ED7A}] => (Allow) C:\Program Files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{B2AD43B6-E0B8-4B35-952C-955246B33A11}] => (Allow) C:\Program Files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{E04A2495-5CC6-425E-A763-9035783BDB7E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPNetworkCommunicatorCom.exe (Hewlett-Packard Development Company, LP)
FirewallRules: [{442C5B02-3534-4F52-8BFD-E549193BB2D2}] => (Allow) LPort=5357
FirewallRules: [{85F603FA-2E21-49BA-AC92-165D7DDBEFFF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\DeviceSetup.exe (Hewlett-Packard Development Company, LP)
FirewallRules: [{D924891F-4DA1-40AA-9FA1-E2D78D007103}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\SendAFax.exe (Hewlett-Packard Development Company, LP)
FirewallRules: [{90F8535B-30A9-4C67-A03C-95E870DFBBE1}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\DigitalWizards.exe (Hewlett-Packard Development Company, LP)
FirewallRules: [{F88C4A87-59DC-4485-B30A-41A6DB7519D6}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\FaxApplications.exe (Hewlett-Packard Development Company, LP)
FirewallRules: [{4AD7ADBE-CAAD-4966-BC7D-0AA586FCA028}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (Lenovo)
FirewallRules: [{38D200BC-8287-49DD-9CF4-3788201A3EED}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (Lenovo)
FirewallRules: [{D7EBA6C4-6BD2-439E-98E9-7D642FC5DACE}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
FirewallRules: [{C4ABFCD6-B0C3-4AD6-895C-712DD528322B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe (Hewlett-Packard)
FirewallRules: [{0E48BA42-0B1E-4012-8C9F-A3A25946466F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe (Hewlett-Packard)
FirewallRules: [{7EF9232E-5AA4-4D3B-8EE7-602F45004F25}] => (Allow) C:\Users\MARTIN\AppData\Local\Temp\7zS44BB\HPDiagnosticCoreUI.exe No File
FirewallRules: [{EEB80DB2-7DA9-4603-8F3A-E9406872450C}] => (Allow) C:\Users\MARTIN\AppData\Local\Temp\7zS44BB\HPDiagnosticCoreUI.exe No File
FirewallRules: [{6B81FE53-B572-48CF-A4B6-5D940FFE09C8}] => (Allow) C:\Users\MARTIN\AppData\Local\Temp\7zS3B0B\HPDiagnosticCoreUI.exe No File
FirewallRules: [{808F3CA2-43CA-4126-A42E-750492CAACDC}] => (Allow) C:\Users\MARTIN\AppData\Local\Temp\7zS3B0B\HPDiagnosticCoreUI.exe No File

==================== Restore Points =========================

20-01-2019 16:24:08 Removed Across Lite

==================== Faulty Device Manager Devices =============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/21/2019 05:29:34 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/20/2019 05:29:34 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/20/2019 02:59:54 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (01/20/2019 02:59:54 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (01/20/2019 02:48:02 PM) (Source: PerfNet) (EventID: 2002) (User: )
Description: Unable to open the Redirector service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (01/20/2019 02:48:02 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A

System errors:
=============
Error: (01/21/2019 06:37:01 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EP1KUU1)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-EP1KUU1\MARTIN SID (S-1-5-21-2833005023-3025341104-2381440696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/21/2019 06:37:00 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EP1KUU1)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-EP1KUU1\MARTIN SID (S-1-5-21-2833005023-3025341104-2381440696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/21/2019 06:23:21 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EP1KUU1)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-EP1KUU1\MARTIN SID (S-1-5-21-2833005023-3025341104-2381440696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/21/2019 06:23:21 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EP1KUU1)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-EP1KUU1\MARTIN SID (S-1-5-21-2833005023-3025341104-2381440696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/21/2019 04:08:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EP1KUU1)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-EP1KUU1\MARTIN SID (S-1-5-21-2833005023-3025341104-2381440696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/21/2019 04:08:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EP1KUU1)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-EP1KUU1\MARTIN SID (S-1-5-21-2833005023-3025341104-2381440696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/21/2019 01:52:19 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EP1KUU1)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-EP1KUU1\MARTIN SID (S-1-5-21-2833005023-3025341104-2381440696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/21/2019 01:15:27 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EP1KUU1)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-EP1KUU1\MARTIN SID (S-1-5-21-2833005023-3025341104-2381440696-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

CodeIntegrity:
===================================

Date: 2019-01-20 15:02:49.119
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-20 15:02:49.114
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-20 15:02:49.084
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-20 15:02:49.079
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-20 15:02:49.069
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-20 15:02:49.063
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-20 15:02:49.052
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-20 15:02:49.047
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i5-4460S CPU @ 2.90GHz
Percentage of memory in use: 33%
Total physical RAM: 16293.27 MB
Available physical RAM: 10848.78 MB
Total Virtual: 19237.27 MB
Available Virtual: 13858.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1831.17 GB) (Free:1754.82 GB) NTFS

\\?\Volume{e89a39d4-5cb9-4afc-9f9f-503c996f4cd8}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.58 GB) NTFS
\\?\Volume{0507a9dd-2716-43e3-ac75-224f698afd27}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:14.96 GB) NTFS
\\?\Volume{31410ca1-d6b2-4262-a2a6-ba5a0614cefb}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 054B27D2)

Partition: GPT.

==================== End of Addition.txt ============================


  • 0

#4
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 477 posts
Hi,

Your logs are clean of malware.

I see some remnants of McAfee Antivirus on your computer.
Please download the McAfee removal tool from the below link and save it to your Desktop.

http://us.mcafee.com...s/mcpr/mcpr.asp

Right-click on MCPR.exe and click Run as Administrator.
Follow the on-screen prompts to remove the remnants of McAfee. Reboot your computer once the uninstaller is complete.

Let me know if the problem persists.

Thanks.
  • 0

#5
ShowMe

ShowMe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts

Thank you for taking the time to review my case. I am relieved that there was no sign of malware. I removed Mcafee remnants. The problem I was having has not returned, meanwhile I backed up important files, just in case it is the computer.


  • 0

#6
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 477 posts

Sounds great.  :thumbsup:  I'll leave this topic open for a few days in case you experience any problems.


  • 0

#7
iMacg3

iMacg3

    GeekU Mod

  • GeekU Moderator
  • 477 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP