Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

How to remove zooqle.me from Chrome [Closed]

Started by jlk69 , Apr 26 2019 05:13 AM

  • This topic is locked This topic is locked

#1
jlk69
Posted 26 April 2019 - 05:13 AM

jlk69

    Member

  • Member
  • PipPip
  • 97 posts

I want to remove zooqle.me from the Chrome browser. I get pop up advertising windows from zooqle.me. How can I safely remove this program? Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.04.2019

Ran by Jon Kunkel (26-04-2019 04:03:25)
Running from C:\Users\Jon Kunkel\Desktop
Windows 10 Pro Version 1809 17763.437 (X64) (2019-03-09 15:31:16)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1455080203-1993767787-3070024092-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1455080203-1993767787-3070024092-503 - Limited - Disabled)
Guest (S-1-5-21-1455080203-1993767787-3070024092-501 - Limited - Enabled)
Jon Kunkel (S-1-5-21-1455080203-1993767787-3070024092-1002 - Administrator - Enabled) => C:\Users\Jon Kunkel
WDAGUtilityAccount (S-1-5-21-1455080203-1993767787-3070024092-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3DYD Youtube Source (remove only) (HKLM-x32\...\3DYD Youtube Source) (Version:  - )
7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A3 Super II Config Software (HKLM-x32\...\{A6D9F65D-D236-48E9-9BD2-5B43BE733957}) (Version: 1.0.0 - HobbyEagle)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
ACDSee 10 Photo Manager (HKLM-x32\...\{F8B98EB6-FC06-45BF-87D4-9784E0408611}) (Version: 10.0.219 - ACD Systems International)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
ApoDispatch Install Configurator (HKLM\...\{B127ECA5-392A-4493-BF1F-6BBC3BCB5D6D}) (Version: 2.5.2701 - Nahimic) Hidden
APOInstallerMSISetup (HKLM\...\{6D8108E5-FBDD-4547-9C04-B052336E4046}) (Version: 1.0.19 - Nahimic) Hidden
AudioDeviceFXPluginSampleUIMSISetup (HKLM\...\{A6A8AE0B-30CC-4641-8BE4-8A70E44A2448}) (Version: 1.0.1901 - Nahimic) Hidden
AudioLaunchpad Install Configurator (HKLM\...\{AE1EF633-4935-4D52-ACA9-290CD25E3669}) (Version: 2.5.2701 - Nahimic) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.4.3089 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 73.0.762.88 - AVG Technologies)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.155.333 - AVG Technologies) Hidden
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Advanced Micro Devices, Inc.) Hidden
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version:  - )
Bulk Image Downloader v4.91.0.0 (HKLM-x32\...\Bulk Image Downloader_is1) (Version:  - Antibody Software)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
CheckDevices Install Configurator (HKLM\...\{8D6E0925-B1F4-434F-AE85-EAE69D08CE0A}) (Version: 2.5.2701 - Nahimic) Hidden
CPUID CPU-Z MSI 1.82.2 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.82.2 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.10.0.0811 - Disc Soft Ltd)
DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version:  - )
DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version:  - )
EndpointMonitoring Install MSISetup (HKLM\...\{F1F90F23-6FFC-481E-B72A-B2D51C6DA257}) (Version: 1.0.1901 - Nahimic) Hidden
ffdshow v1.3.4533 [2014-09-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4533.0 - )
Firmware Update Utility (HKLM-x32\...\{6B7DDA37-1215-4D6B-919D-8F373D09A36E}) (Version: 1.0.0 - HobbyEagle)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
John's Background Switcher 5.2 (HKLM-x32\...\{DD3DAD13-289E-440E-A5D3-3EFB25305018}_is1) (Version: 5.2 - johnsadventures.com)
LauncherSetup Install (HKLM\...\{321FD73D-DE84-4305-8D39-FDF9809E8C07}) (Version: 2.5.2701 - Nahimic) Hidden
LAV Filters 0.69 (HKLM-x32\...\lavfilters_is1) (Version: 0.69 - Hendrik Leppkes)
Machete 4.1 (HKLM-x32\...\{87304796-1E8E-4A42-9918-967D3AFAD7F2}) (Version: 4.1.22 - MacheteSoft)
MadVR (remove only) (HKLM-x32\...\MadVR) (Version:  - )
Microsoft OneDrive (HKU\S-1-5-21-1455080203-1993767787-3070024092-1002\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
MSI APP Manager (HKLM-x32\...\{00F47104-12BA-4E58-A7E6-F456C1BA338E}}_is1) (Version: 1.0.0.27 - MSI)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 3.0.0.60 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.61 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.50 - MSI)
MSI MysticLight (HKLM-x32\...\{93874B70-6C5E-446A-AF4D-E5AC776A0386}}_is1) (Version: 2.0.0.50 - MSI)
MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.31 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.32 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.22 - MSI)
MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.41 - MSI)
Nahimic 2+ Audio Driver (HKLM\...\{5730B02A-C7CD-4AA2-A153-E7B3B43730D6}) (Version: 2.5.2701 - Nahimic) Hidden
Nahimic 2+ Audio Driver (HKLM-x32\...\{7acff911-8114-44bf-8400-0d29c4c3841c}) (Version: 2.5.27 - Nahimic)
Nahimic VR (HKLM-x32\...\{3d84610f-4cfb-4165-aa15-bb859bd0f0e3}) (Version: 1.0.19 - Nahimic)
NineEarsSettings Install Configurator (HKLM\...\{A909659E-FC98-4D8F-AC40-8C5344C86F7A}) (Version: 1.0.1901 - Nahimic) Hidden
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.10.2 - OBS Project)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenTX Companion 2.2 (HKLM-x32\...\OpenTX Companion 2.2) (Version:  - OpenTX)
ProductDaemon Install Setup (HKLM\...\{32D62D40-F8F6-408E-8F8C-6A6593E3ACE9}) (Version: 1.0.1901 - Nahimic) Hidden
ProductDaemonSetup Install (HKLM\...\{8B4E59C4-412D-4136-B3D9-05CEA4FC6433}) (Version: 2.5.2701 - Nahimic) Hidden
ProductNS Install Configurator (HKLM\...\{5B67F5E0-64C0-4D32-9DAB-E3B6AA67AB52}) (Version: 2.5.2701 - Nahimic) Hidden
R/C Data Recorder (Release Version 10.69) (HKLM-x32\...\{0A9DB4BC-AAAA-49AD-9877-0C78710BAA9D}) (Version: 10.69.00 - Eagle Tree Systems, LLC)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8382 - Realtek Semiconductor Corp.)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{5AD15F26-ABD5-4A4B-ACB1-81D3E348F198}) (Version: 6.5.3 - Silicon Laboratories, Inc.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
SonicMapper Install Configurator (HKLM\...\{5D35E670-209E-4E9F-8226-F9693E275E8E}) (Version: 2.5.2701 - Nahimic) Hidden
SSAudioDaemon Install MSISetup (HKLM\...\{F77EA0C2-B0EB-47C7-990D-EACA981D75E8}) (Version: 1.0.19 - Nahimic) Hidden
TurboTax 2018 (HKLM-x32\...\TurboTax 2018) (Version: 2018.0 - Intuit, Inc)
UIInstallUpgrade (HKLM\...\{12E7AD3D-5F2D-4D79-8618-C97DF2DD8896}) (Version: 2.5.2701 - Nahimic) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version: 11.1.0 - Inmatrix LTD)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-04-14] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-04-14] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [ZPShellExt] -> {ABE00001-0123-ABED-1248-0248ADFA1909} => C:\Program Files (x86)\Zoom Player\zpshlext64.dll [2008-08-05] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-12-06 23:28 - 2016-06-14 17:35 - 000187392 _____ () [File not signed] C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\D3D11FontDraw.dll
2010-11-18 22:08 - 2010-11-18 22:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-09-22 17:57 - 2017-09-22 17:57 - 000979456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2018-12-26 07:23 - 2018-12-03 15:00 - 003694080 _____ (Micro-Star INT'L CO., LTD.) [File not signed] C:\Program Files (x86)\MSI\APP Manager\AppManager.exe
2018-12-06 23:28 - 2016-06-14 17:35 - 000163328 _____ () [File not signed] C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\D3D11FontDraw.dll
2018-12-06 23:29 - 2017-08-02 15:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\MysticLight\LEDControl.dll
2018-12-06 23:29 - 2016-10-03 14:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\MysticLight\Lib\SDKDLL.dll
2018-12-06 23:29 - 2016-04-20 15:12 - 000772608 _____ () [File not signed] C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\Lib\USB_DLL.dll
2018-12-06 23:28 - 2015-06-23 17:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll
2018-12-26 07:23 - 2005-07-18 14:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\APP Manager\unrar.dll
2019-01-02 08:18 - 2005-07-18 14:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2019-04-24 17:31 - 2019-04-24 17:31 - 000159232 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.820cb8f8#\0180adc8cadea8f70a71bf1446a594d6\Intuit.Spc.Esd.Client.Common.ni.dll
2019-04-24 17:31 - 2019-04-24 17:31 - 001108480 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.Esd.Core\ca9b622c7900ab9934396e053cc67edd\Intuit.Spc.Esd.Core.ni.dll
2019-04-24 17:31 - 2019-04-24 17:31 - 001093120 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.8e5e058c#\43d869255a8ef30d3826750f9eb4bc9c\Intuit.Spc.Esd.WinClient.Api.Net.ni.dll
2019-04-24 17:31 - 2019-04-24 17:31 - 000218112 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.618c5f21#\9a527a01443dd7e5f7f48e0d88a4911d\Intuit.Spc.Esd.Client.DataAccess.ni.dll
2019-04-24 17:31 - 2019-04-24 17:31 - 000437760 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.09f690bd#\4867b56e11976294f1a2a46bb9a434a2\Intuit.Spc.Esd.Client.BusinessLogic.ni.dll
2019-04-24 17:31 - 2019-04-24 17:31 - 000681984 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.e37652b5#\846e4ad8cb4625821e726f6f231fd60f\Intuit.Spc.Map.Reporter.ni.dll
2019-04-24 17:31 - 2019-04-24 17:31 - 001078784 _____ (Intuit) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.fecc593b#\4e5978fe874dce53260173cefc4656b8\Intuit.Spc.Map.WindowsFirewallUtilities.ni.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-09-29 06:46 - 2018-12-07 08:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1455080203-1993767787-3070024092-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jon Kunkel\AppData\Roaming\johnsadventures.com\Background Switcher\ActiveBackground.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "NahimicVRSvc32"
HKLM\...\StartupApproved\Run: => "NahimicVRSvc64"
HKLM\...\StartupApproved\Run32: => "X_Boost"
HKU\S-1-5-21-1455080203-1993767787-3070024092-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1455080203-1993767787-3070024092-1002\...\StartupApproved\Run: => "Device Detector"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{2CAC0B9C-12A0-4942-9689-30B33EABD631}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [TCP Query User{C30B087B-5168-4653-87BF-56A14B571A0F}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [{FD3433F0-FC9F-47C7-B425-91B732AB0577}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{ABBCD917-C7B1-4EB9-99E7-9FB2313D2D93}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{0F32908B-BF81-4CA3-BFD4-C5FD12415C70}F:\program files\qbittorrent\qbittorrent.exe] => (Allow) F:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{7151D7D0-8966-492C-AD29-40D7985A1E63}F:\program files\qbittorrent\qbittorrent.exe] => (Allow) F:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{009D78D2-F7D7-4A89-A2B6-AB0DFA6CC4CF}F:\program files\qbittorrent\qbittorrent.exe] => (Allow) F:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{46541CE1-5FB0-4592-AFA5-DC3406AE53BE}F:\program files\qbittorrent\qbittorrent.exe] => (Allow) F:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{278220B1-0F34-4775-B623-4CCA01C54E79}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{80E1692E-495B-415E-A131-91FEA2CA6C2E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{B9AB5C23-BC93-4189-9E62-440539A83637}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{6F992915-0CCA-4787-8856-69B701F1C3D2}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{8801C4C3-F866-4711-B7A0-A50385CC17AE}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{9BA7BE35-BD59-4DD2-940F-8C5401155476}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{5173E53D-EA8D-4BB6-8E9F-3BDA7B7C6D54}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{497FB16F-E7C6-4F03-878F-2D1073B48270}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F733B964-17AE-4318-BF99-0770CD70B073}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{65004230-8FB6-4281-94F3-79443E1C6DF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1AA96D66-2CE8-4575-B84B-2756BACE7914}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{22B18D07-87CA-477F-9778-EDC0FF79B687}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{474DE7B4-0386-41A0-9AED-8339D7FA9791}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C813F1BC-C6B9-496A-B1AA-D512F3DB82FA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{09D110BE-9DD7-416E-B025-52DD50E1C12D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{B2F43F8A-8882-41DD-9BC3-CF7D826972E1}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{E427DBBC-9469-424C-8803-E5EA5412CDFE}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, Inc. -> AVG Technologies)
FirewallRules: [{18B6E6F2-EF10-4723-92B3-81D4D1C1C6ED}] => (Allow) LPort=26820
FirewallRules: [{36548FFF-B933-45CC-A77E-723F497C7CCE}] => (Allow) LPort=26822
 
==================== Restore Points =========================
 
07-04-2019 22:36:07 Installed TurboTax 2018 wrapper
14-04-2019 08:27:16 SPTD setup V2.13
18-04-2019 21:07:36 Windows Modules Installer
21-04-2019 13:13:33 Installed IL-2 Sturmovik: Forgotten Battles
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/26/2019 03:58:44 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (04/25/2019 04:17:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (04/25/2019 06:59:42 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (04/24/2019 05:30:36 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (04/24/2019 05:30:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error: (04/24/2019 05:26:21 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error: (04/24/2019 05:26:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (04/24/2019 04:51:29 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
 
 
System errors:
=============
Error: (04/26/2019 03:58:54 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-BD7MLPJ)
Description: DCOM got error "2" attempting to start the service AVGSecureBrowserElevationService with arguments "Unavailable" in order to run the server:
{CA348B59-06AD-4482-AD87-966302908F0F}
 
Error: (04/26/2019 03:58:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG Secure Browser Elevation Service service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (04/26/2019 12:34:47 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-BD7MLPJ)
Description: DCOM got error "2" attempting to start the service AVGSecureBrowserElevationService with arguments "Unavailable" in order to run the server:
{CA348B59-06AD-4482-AD87-966302908F0F}
 
Error: (04/26/2019 12:34:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG Secure Browser Elevation Service service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (04/26/2019 12:06:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WpnUserService_3216c service terminated unexpectedly.  It has done this 19 time(s).
 
Error: (04/25/2019 11:34:48 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-BD7MLPJ)
Description: DCOM got error "2" attempting to start the service AVGSecureBrowserElevationService with arguments "Unavailable" in order to run the server:
{CA348B59-06AD-4482-AD87-966302908F0F}
 
Error: (04/25/2019 11:34:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG Secure Browser Elevation Service service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (04/25/2019 11:14:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WpnUserService_3216c service terminated unexpectedly.  It has done this 18 time(s).
 
 
CodeIntegrity:
===================================
 
Date: 2019-04-24 17:30:53.677
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume1\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-04-24 17:30:53.674
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume1\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Microsoft signing level requirements.
 
Date: 2019-04-24 17:30:53.671
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume1\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.
 
Date: 2019-04-24 17:30:53.666
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume1\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.
 
Date: 2019-04-24 17:26:14.505
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-04-24 17:26:14.503
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-04-24 17:26:14.498
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-04-24 17:26:14.496
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. A.40 06/28/2018
Motherboard: Micro-Star International Co., Ltd. X470 GAMING PLUS (MS-7B79)
Processor: AMD Ryzen 5 2600 Six-Core Processor 
Percentage of memory in use: 57%
Total physical RAM: 8140.28 MB
Available physical RAM: 3486.49 MB
Total Virtual: 16844.28 MB
Available Virtual: 7225.98 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.3 GB) (Free:275.23 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:103.41 GB) (Free:1.56 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Hard Drive) (Fixed) (Total:298.09 GB) (Free:0.22 GB) NTFS
Drive g: () (Fixed) (Total:931.41 GB) (Free:775.65 GB) NTFS
Drive h: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:2.82 GB) NTFS
Drive j: (Hard Drive) (Fixed) (Total:298.08 GB) (Free:0.3 GB) NTFS
 
\\?\Volume{7e916ec2-0000-0000-0000-805374000000}\ () (Fixed) (Total:0.46 GB) (Free:0.06 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7E916EFA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=103.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=8.4 GB) - (Type=0F Extended)
 
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 31943194)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 28000000)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 5 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 0BB5AF8D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.04.2019
Ran by Jon Kunkel (administrator) on DESKTOP-BD7MLPJ (Micro-Star International Co., Ltd. MS-7B79) (26-04-2019 04:02:38)
Running from C:\Users\Jon Kunkel\Desktop
Loaded Profiles: Jon Kunkel (Available Profiles: Jon Kunkel)
Platform: Windows 10 Pro Version 1809 17763.437 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19032.731.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler64.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
(A-Volute -> ) C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
(A-Volute -> Nahimic) C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
(Conners Systems Ltd -> johnsadventures.com) C:\Program Files (x86)\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.402_none_7e502ee34cd6a6f5\TiWorker.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NahimicMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\APP Manager\AppManager_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) [File not signed] C:\Program Files (x86)\MSI\APP Manager\AppManager.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Spotify AB -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0\Spotify.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NahimicVRSvc32] => C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe [990256 2018-02-05] (A-Volute -> A-Volute)
HKLM\...\Run: [NahimicVRSvc64] => C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe [1142320 2018-02-05] (A-Volute -> A-Volute)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9268680 2018-02-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [308656 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [734256 2018-02-05] (A-Volute -> Nahimic)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835768 2018-02-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [X_Boost] => C:\Program Files (x86)\MSI\MSI X Boost\X_Boost.exe [4261024 2018-02-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [APP Manager] => C:\Program Files (x86)\MSI\APP Manager\AppManager.exe [3694080 2018-12-03] (Micro-Star INT'L CO., LTD.) [File not signed]
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26253496 2018-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKU\S-1-5-21-1455080203-1993767787-3070024092-1002\...\Run: [BackgroundSwitcher] => C:\Program Files (x86)\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe [121960 2019-03-19] (Conners Systems Ltd -> johnsadventures.com)
HKU\S-1-5-21-1455080203-1993767787-3070024092-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [735336 2019-04-14] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1455080203-1993767787-3070024092-1002\...\RunOnce: [Application Restart #1] => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKU\S-1-5-21-1455080203-1993767787-3070024092-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [570880 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.ACDV] => ACDV.dll
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-09-29] () [File not signed]
HKLM\...\Drivers32-x32: [VIDC.ACDV] => ACDV.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-10] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\73.0.762.88\Installer\chrmstp.exe [2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {07DAE626-F14A-4151-83C9-48EE5B6837ED} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {1305F9B0-7818-4CA3-90DC-8F639595EBE5} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1956064 2019-04-11] (AVG Technologies USA, Inc. -> AVG Technologies)
Task: {147B602A-6812-4873-95E1-46E1569EE586} - System32\Tasks\NahimicVRSvc64Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe [1142320 2018-02-05] (A-Volute -> A-Volute)
Task: {170121CB-527E-4C3E-BA05-EB901704BF93} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [37536 2017-09-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {253CF5EF-0633-4FE5-8F77-24C7E0059BCB} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [38560 2017-09-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {2DD75D15-EF66-4C72-8126-252CFF5647B8} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2019-04-24] (AVG Netherlands B.V. -> AVG Technologies)
Task: {2EF6F3F7-9E0A-486F-A0EF-776608B8BF00} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-09-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3C5D16F8-FE0A-490B-AA39-BC72FE3DB52C} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [3352760 2017-11-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {47F08D7E-C12C-40B4-825F-CB89F4543E79} - System32\Tasks\NahimicVRSvc32Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe [990256 2018-02-05] (A-Volute -> A-Volute)
Task: {4DC48C0D-90C8-4BC0-89F6-9AD770863A03} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2018-12-06] (Google Inc -> Google Inc.)
Task: {53F7EE91-DCD2-4C82-A4B7-DF384F7908D8} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [4412464 2018-02-05] (A-Volute -> )
Task: {6470D398-0A9D-45E9-B958-753EF5CD1F65} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [734256 2018-02-05] (A-Volute -> Nahimic)
Task: {65BFE7BA-82BA-4784-90DE-3A3C15F49C97} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe [31904 2018-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {67DF97D5-EF08-4429-9146-BE38EBD4EEF2} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [520752 2018-02-05] (A-Volute -> )
Task: {79AFCF81-026A-495D-98BD-F9F991B54B80} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1956064 2019-04-11] (AVG Technologies USA, Inc. -> AVG Technologies)
Task: {871D0EDB-EF22-43D5-AEA1-0804CF03A2B8} - System32\Tasks\MSILEDKeeper_Host => C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe [578232 2018-02-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {9A389168-C9AC-4F68-8240-A5A0518E6F8B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2018-12-06] (Google Inc -> Google Inc.)
Task: {A1E85478-E0FF-4FA2-A4B4-D7AFED71607E} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2970544 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {B1AD1134-B2A9-44C9-917B-5A7C6616E9ED} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2019-04-24] (AVG Netherlands B.V. -> AVG Technologies)
Task: {E564EC03-FD8C-45F4-988A-246513A6B8A7} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2408496 2019-04-14] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {EEF51F1E-B77A-4DFB-95FB-62B91DC56C59} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\MSILEDKeeper_Host.job => C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{a7259de3-ab96-4d49-89c2-f872a8e2b35f}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
 
Internet Explorer:
==================
 
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
 
Chrome: 
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Jon Kunkel\AppData\Local\Google\Chrome\User Data\Default [2019-04-26]
CHR Extension: (Slides) - C:\Users\Jon Kunkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-07]
CHR Extension: (Docs) - C:\Users\Jon Kunkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-07]
CHR Extension: (Google Drive) - C:\Users\Jon Kunkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-07]
CHR Extension: (YouTube) - C:\Users\Jon Kunkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-07]
CHR Extension: (Video Downloader professional) - C:\Users\Jon Kunkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2019-04-13]
CHR Extension: (Sheets) - C:\Users\Jon Kunkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\Jon Kunkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-09]
CHR Extension: (Helicopter) - C:\Users\Jon Kunkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdkgjjinnjgibkfljddmbkeomennhel [2018-12-07]
CHR Extension: (AVG SafePrice | Comparison, deals, coupons) - C:\Users\Jon Kunkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2019-03-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jon Kunkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-07]
CHR Extension: (Gmail) - C:\Users\Jon Kunkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-07]
CHR Extension: (Chrome Media Router) - C:\Users\Jon Kunkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [560544 2017-10-13] (Advanced Micro Devices, Inc. -> AMD)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2019-04-24] (AVG Netherlands B.V. -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [362536 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6709272 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2019-04-24] (AVG Netherlands B.V. -> AVG Technologies)
S3 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [110048 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4132456 2019-04-14] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [48824 2017-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2021048 2017-11-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService_x64.exe [2669240 2018-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2343608 2018-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService_x64.exe [2725048 2017-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2252472 2017-12-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2506424 2018-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2136248 2017-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2667704 2018-03-07] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [83104 2018-02-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_AppManager_Service; C:\Program Files (x86)\MSI\APP Manager\AppManager_Service.exe [2054840 2018-08-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2191032 2018-12-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe [71864 2018-02-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183992 2017-12-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MysticLight2_Service; C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe [30904 2017-10-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-12-06] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-12-06] (Microsoft Corporation -> Microsoft Corporation)
S3 AVGSecureBrowserElevationService; "C:\Program Files (x86)\AVG\Browser\Application\73.0.762.88\elevation_service.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34696 2017-10-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33144 2017-10-16] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137104 2017-11-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37368 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205656 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [254680 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [196560 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgblog.sys [320672 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [58152 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [15280 2019-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42336 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [166896 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [112360 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [87992 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1030832 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [476824 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [220472 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [385904 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-04-14] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-04-14] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
R3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MysticLight\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-10-19] (Realtek Semiconductor Corp. -> Realtek )
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12464 2019-04-21] (Macrovision Europe Ltd) [File not signed]
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [207344 2019-04-14] (Disc Soft Ltd -> Duplex Secure Ltd)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [328696 2018-12-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-12-06] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-04-26 04:02 - 2019-04-26 04:03 - 000031347 _____ C:\Users\Jon Kunkel\Desktop\FRST.txt
2019-04-26 04:02 - 2019-04-26 04:02 - 000000000 ____D C:\Users\Jon Kunkel\Desktop\FRST-OlderVersion
2019-04-26 04:02 - 2019-04-26 04:02 - 000000000 ____D C:\FRST
2019-04-25 08:49 - 2019-04-26 04:02 - 002429952 _____ (Farbar) C:\Users\Jon Kunkel\Desktop\FRST64.exe
2019-04-24 17:34 - 2019-04-24 17:34 - 000003826 _____ C:\WINDOWS\System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2019-04-24 17:34 - 2019-04-24 17:34 - 000003416 _____ C:\WINDOWS\System32\Tasks\AVGUpdateTaskMachineUA
2019-04-24 17:34 - 2019-04-24 17:34 - 000003292 _____ C:\WINDOWS\System32\Tasks\AVGUpdateTaskMachineCore
2019-04-24 17:34 - 2019-04-24 17:34 - 000003242 _____ C:\WINDOWS\System32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2019-04-24 17:34 - 2019-04-24 17:34 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2019-04-24 17:34 - 2019-04-24 17:34 - 000002459 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk
2019-04-24 17:32 - 2019-04-24 17:32 - 000000000 ____D C:\Users\Jon Kunkel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\johnsadventures.com
2019-04-24 17:26 - 2019-04-24 17:26 - 000362928 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2019-04-21 13:23 - 2019-04-21 13:23 - 000012464 _____ (Macrovision Europe Ltd) C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS
2019-04-21 13:20 - 2019-04-21 13:20 - 000000000 ____D C:\Program Files (x86)\ubi.com
2019-04-21 13:20 - 2002-10-17 08:35 - 000026096 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmlinst.exe
2019-04-21 13:20 - 2002-04-24 10:43 - 000035840 ____R C:\WINDOWS\SysWOW64\comdlg32.oca
2019-04-21 13:20 - 2002-04-09 15:23 - 000029184 ____R C:\WINDOWS\SysWOW64\MSINET.oca
2019-04-21 13:20 - 2002-01-07 14:30 - 000024576 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2019-04-21 13:20 - 2001-05-04 09:05 - 000505104 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml.dll
2019-04-21 13:20 - 2001-05-04 09:05 - 000028432 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxmlr.dll
2019-04-21 13:20 - 2000-05-21 22:00 - 000140488 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2019-04-21 13:20 - 2000-03-17 06:21 - 000069632 ____R C:\WINDOWS\SysWOW64\xmltok.dll
2019-04-21 13:20 - 2000-03-17 06:21 - 000036864 ____R C:\WINDOWS\SysWOW64\xmlparse.dll
2019-04-21 13:20 - 1998-06-23 22:00 - 000115016 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSINET.OCX
2019-04-21 13:20 - 1998-06-17 22:00 - 000089360 ____R (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL
2019-04-21 13:16 - 2019-04-21 13:20 - 000000000 ____D C:\Program Files (x86)\Ubi Soft
2019-04-20 05:50 - 2019-04-20 05:50 - 000000881 _____ C:\Users\Jon Kunkel\Desktop\qtorrent downloads - Shortcut.lnk
2019-04-14 20:34 - 2019-04-14 20:34 - 000002560 _____ C:\WINDOWS\_MSRSTRT.EXE
2019-04-14 08:27 - 2019-04-14 08:29 - 000000000 ____D C:\Users\Jon Kunkel\AppData\Roaming\DAEMON Tools Lite
2019-04-14 08:27 - 2019-04-14 08:27 - 000059360 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2019-04-14 08:27 - 2019-04-14 08:27 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2019-04-14 08:27 - 2019-04-14 08:27 - 000000899 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2019-04-14 08:27 - 2019-04-14 08:27 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2019-04-14 08:27 - 2019-04-14 08:27 - 000000000 ____D C:\Users\Public\Documents\Catch!
2019-04-14 08:27 - 2019-04-14 08:27 - 000000000 ____D C:\Users\Jon Kunkel\AppData\Local\Disc_Soft_Ltd
2019-04-14 08:27 - 2019-04-14 08:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2019-04-14 08:27 - 2019-04-14 08:27 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2019-04-14 08:26 - 2019-04-14 08:27 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2019-04-14 01:34 - 2019-04-14 01:34 - 000000124 _____ C:\Users\Jon Kunkel\Documents\ax_files.xml
2019-04-14 01:30 - 2019-04-14 08:19 - 000000000 ____D C:\ProgramData\Alcohol Soft
2019-04-13 18:30 - 2019-04-13 18:30 - 000516032 _____ C:\Users\Jon Kunkel\Documents\[email protected]_20190411_133549.pdf
2019-04-13 18:19 - 2019-04-13 18:19 - 000064353 _____ C:\Users\Jon Kunkel\Documents\Blackhorse BD-5J Lindinger Invoice RK2214775[2753].pdf
2019-04-12 17:07 - 2019-04-24 17:26 - 000000077 _____ C:\WINDOWS\system32\Drivers\avgSP.sys.sum
2019-04-09 19:52 - 2019-04-09 19:52 - 026810368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 023440896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 020815360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 019025408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 017513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 015223296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 012843520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 012139008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 008898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 007919104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 007877120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 007645608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 006544824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 006071296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 005765120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 005205448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 004991112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 004704272 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 004660224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 004527624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 004304896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 003904512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 003690496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 003657728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 003602944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 003421696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 003377976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 003334496 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002925880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 002842624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002777224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002720256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 002701304 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002627384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 002592816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002469376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 002438368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002042368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 002017792 _____ C:\WINDOWS\system32\rdpnano.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001856000 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001697752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-09 19:52 - 2019-04-09 19:52 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001647632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001615872 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001590064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001567232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001478968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001468952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001459080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001458056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001370624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001360184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 001342400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-09 19:52 - 2019-04-09 19:52 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001311232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001294520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-04-09 19:52 - 2019-04-09 19:52 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001191728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 001155072 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001072424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-04-09 19:52 - 2019-04-09 19:52 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 001053192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001044280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 001035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000998712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000984888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000982880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000974352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000964096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000909840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-04-09 19:52 - 2019-04-09 19:52 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000865784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000809784 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000793832 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000761280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000725928 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000653040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000620560 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000598544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000568632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-04-09 19:52 - 2019-04-09 19:52 - 000540448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000508208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000506168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000485192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000474928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-04-09 19:52 - 2019-04-09 19:52 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-04-09 19:52 - 2019-04-09 19:52 - 000408528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000407504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000386360 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000384312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000343984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000317240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000312632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000306488 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000283032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000263600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000257696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000255128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmBroker.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000159272 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000157496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000147496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000143880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000134456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000115360 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000098664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000097808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000071208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscapi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscapi.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys
2019-04-09 19:52 - 2019-04-09 19:52 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscdll.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-09 19:52 - 2019-04-09 19:52 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscdll.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-09 19:52 - 2019-04-09 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-04-09 19:52 - 2019-04-09 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-04-09 19:52 - 2019-04-09 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-04-09 19:52 - 2019-04-09 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-04-09 19:52 - 2019-04-09 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-04-09 19:52 - 2019-04-09 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-04-09 19:52 - 2019-04-09 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-04-09 19:52 - 2019-04-09 19:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-04-07 22:44 - 2019-04-07 22:44 - 000000000 ____D C:\Users\Jon Kunkel\AppData\Local\Glance
2019-04-07 22:42 - 2019-04-14 08:54 - 000000000 ____D C:\Users\Jon Kunkel\Documents\TurboTax
2019-04-07 22:36 - 2019-04-07 23:23 - 000000469 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2019-04-07 22:36 - 2019-04-07 22:42 - 000000000 ____D C:\Users\Jon Kunkel\AppData\Roaming\Intuit
2019-04-07 22:36 - 2019-04-07 22:36 - 000002547 _____ C:\Users\Public\Desktop\TurboTax 2018.lnk
2019-04-07 22:36 - 2019-04-07 22:36 - 000000000 ____D C:\Users\Jon Kunkel\AppData\Local\IsolatedStorage
2019-04-07 22:36 - 2019-04-07 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2018
2019-04-07 22:35 - 2019-04-07 22:36 - 000000000 ____D C:\ProgramData\Intuit
2019-04-07 22:35 - 2019-04-07 22:35 - 000000000 ____D C:\Program Files (x86)\TurboTax
2019-04-03 20:14 - 2019-04-03 20:14 - 000001300 _____ C:\Users\Jon Kunkel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom Player MAX.lnk
2019-04-01 11:29 - 2019-04-01 11:29 - 000503396 _____ C:\Users\Jon Kunkel\Documents\Full Time Schedule, March 31st to April 6th.zip
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-04-26 03:58 - 2019-03-09 08:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-26 03:58 - 2018-09-15 00:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-26 00:06 - 2019-03-09 08:31 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-26 00:06 - 2019-03-09 08:31 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-26 00:06 - 2019-03-09 08:31 - 000003056 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2019-04-26 00:06 - 2019-03-09 08:31 - 000002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1455080203-1993767787-3070024092-1002
2019-04-26 00:06 - 2019-03-09 08:31 - 000002280 _____ C:\WINDOWS\System32\Tasks\MSIGH_Host
2019-04-26 00:06 - 2019-03-09 08:31 - 000002222 _____ C:\WINDOWS\System32\Tasks\MSIOSDx86_Host
2019-04-26 00:06 - 2019-03-09 08:31 - 000002222 _____ C:\WINDOWS\System32\Tasks\MSIOSDx64_Host
2019-04-26 00:06 - 2019-03-09 08:31 - 000002206 _____ C:\WINDOWS\System32\Tasks\MSILEDKeeper_Host
2019-04-26 00:06 - 2019-03-09 08:31 - 000002148 _____ C:\WINDOWS\System32\Tasks\MSISW_Host
2019-04-26 00:06 - 2019-03-09 08:31 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-04-26 00:05 - 2018-12-07 08:19 - 000000000 ____D C:\ProgramData\Zoom Player
2019-04-24 17:35 - 2019-03-09 08:32 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-24 17:35 - 2018-09-15 00:31 - 000000000 ____D C:\WINDOWS\INF
2019-04-24 17:34 - 2018-12-07 08:12 - 000000000 ____D C:\Program Files (x86)\AVG
2019-04-24 17:34 - 2018-12-07 08:11 - 000000000 ____D C:\Users\Jon Kunkel\AppData\Local\Avg
2019-04-24 17:30 - 2019-03-09 08:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-24 17:27 - 2018-12-06 01:20 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-04-24 17:27 - 2018-09-14 23:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-24 17:26 - 2019-01-29 04:59 - 000254680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2019-04-24 17:26 - 2019-01-04 01:13 - 000320672 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgblog.sys
2019-04-24 17:26 - 2019-01-04 01:13 - 000196560 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2019-04-24 17:26 - 2019-01-04 01:13 - 000058152 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2019-04-24 17:26 - 2019-01-04 01:13 - 000037368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2019-04-24 17:26 - 2018-12-07 08:12 - 001030832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2019-04-24 17:26 - 2018-12-07 08:12 - 000476824 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2019-04-24 17:26 - 2018-12-07 08:12 - 000385904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2019-04-24 17:26 - 2018-12-07 08:12 - 000220472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2019-04-24 17:26 - 2018-12-07 08:12 - 000205656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2019-04-24 17:26 - 2018-12-07 08:12 - 000166896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2019-04-24 17:26 - 2018-12-07 08:12 - 000112360 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2019-04-24 17:26 - 2018-12-07 08:12 - 000087992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2019-04-24 17:26 - 2018-12-07 08:12 - 000042336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2019-04-24 17:26 - 2018-09-15 00:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-24 16:54 - 2018-09-15 00:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-24 16:54 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-23 17:30 - 2018-12-08 04:34 - 000000000 ____D C:\Users\Jon Kunkel\AppData\Local\CrashDumps
2019-04-23 15:24 - 2018-09-15 00:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-21 23:20 - 2018-12-08 04:41 - 000001154 _____ C:\Users\Jon Kunkel\Desktop\Zoom Player 2.lnk
2019-04-21 22:12 - 2019-03-09 08:22 - 000000000 ____D C:\Users\Jon Kunkel
2019-04-21 21:50 - 2018-12-07 08:02 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-04-20 05:51 - 2018-12-24 09:16 - 000000000 ____D C:\qtorrent downloads
2019-04-20 00:25 - 2018-12-24 09:14 - 000000000 ____D C:\Users\Jon Kunkel\AppData\Roaming\qBittorrent
2019-04-14 20:37 - 2019-03-09 08:21 - 000276040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-14 20:35 - 2018-09-15 02:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-14 20:35 - 2018-09-15 00:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-04-14 20:35 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-04-14 20:35 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-04-14 20:35 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-14 20:35 - 2018-09-15 00:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-14 20:35 - 2018-09-14 23:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-04-14 08:41 - 2018-12-06 01:18 - 000000000 ____D C:\Users\Jon Kunkel\AppData\Local\VirtualStore
2019-04-14 08:27 - 2018-12-09 06:33 - 000207344 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2019-04-14 08:21 - 2018-12-06 04:32 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-04-13 07:51 - 2018-12-06 01:20 - 000000000 ___RD C:\Users\Jon Kunkel\OneDrive
2019-04-13 07:50 - 2019-03-09 08:22 - 000002427 _____ C:\Users\Jon Kunkel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-10 22:25 - 2018-12-06 23:31 - 000002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-10 22:25 - 2018-12-06 23:31 - 000002303 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-09 19:52 - 2018-12-06 01:05 - 000408534 __RSH C:\bootmgr
2019-04-09 19:49 - 2018-12-06 01:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-09 19:48 - 2018-12-06 01:32 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-07 21:59 - 2019-03-03 21:19 - 000000000 ____D C:\Users\Jon Kunkel\AppData\Local\ElevatedDiagnostics
2019-04-03 20:14 - 2019-02-07 05:14 - 000001154 _____ C:\Users\Jon Kunkel\Desktop\Zoom Player MAX.lnk
2019-04-01 11:02 - 2018-09-15 00:36 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-01 11:02 - 2018-09-15 00:36 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2018-12-14 18:40 - 2019-03-05 18:23 - 000014336 _____ () C:\Users\Jon Kunkel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ============================

 


  • 0

Advertisements

#2
iMacg3
Posted 27 April 2019 - 12:20 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi jlk69, Welcome to the Geeks To Go malware removal forum.

I am iMacg3 and will be helping you with your computer problems.

Please keep the following information in mind before we begin:
  • Do not run any fixes or tools on your system unless I request that you do so.
    • Running additional tools on your system can interfere with the clean-up process, or cause issues such as false positives.
  • Please read all instructions carefully, and complete them in the order listed.
    • Items that are especially important will be highlighted in bold or red.
  • If your computer seems to start working normally, please don't abandon the topic.
    • Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
  • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
    • Using pirated/cracked software is an easy way to infect your computer - almost as easy as intentionally downloading malware. Therefore, please remove any, if present, before we begin the clean-up.
  • If you don't respond to your topic in 4 days, it will be closed.
    • If your topic is closed and you still need assistance, send any staff member a Private Message with a link to your topic.
  • If you have questions at any time during the cleanup, feel free to ask.
--------------------

CKScanner
  • Download CKScanner by askey127 and save it to your desktop.
  • Right-click CKScanner.exe and select Run as administrator.
  • When the tool opens click Search For Files.
  • When the cursor loading icon disappears, click Save List To File.
  • A message box will verify the file is saved. Please run the program only once.
  • The tool will create a log on your desktop called CKFiles.txt. Open it, then copy and paste its contents into your next reply.
-----------------------------------------------------------
  • Press the Windows Key + R. This will open the Run box.
  • Type cmd and press Ctrl + Shift + Enter.
  • In the command prompt, type slmgr -dli then hit Enter
  • A window will open after a few seconds. Take a screenshot of the window.
  • Next, type slmgr -xpr at the command prompt then hit Enter
  • A window will open after a few seconds. Take a screenshot of the window.
  • Attach both screenshots in your next reply.

  • 0

#3
jlk69
Posted 28 April 2019 - 09:21 PM

jlk69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\ubi soft\il-2 sturmovik forgotten battles\#sas\00_b-26_v2.2\3do\cockpit\b-26b-fgun\glashcracks.mat
c:\program files (x86)\ubi soft\il-2 sturmovik forgotten battles\#sas\cockpit\3do\cockpit\he-111h-2\glashcracks.tga
c:\program files (x86)\ubi soft\il-2 sturmovik forgotten battles\#sas\cockpit_dbw\3do\cockpit\tu-4\glashcracks.mat
c:\program files (x86)\ubi soft\il-2 sturmovik forgotten battles\#sas\cockpit_dbw\3do\cockpit\tu-4\glashcracks.tga
c:\qtorrent downloads\vp modpack installation files\vp_modpack\#sas\00_b-26_v2.2\3do\cockpit\b-26b-fgun\glashcracks.mat
c:\qtorrent downloads\vp modpack installation files\vp_modpack\#sas\cockpit\3do\cockpit\he-111h-2\glashcracks.tga
c:\qtorrent downloads\vp modpack installation files\vp_modpack\#sas\cockpit_dbw\3do\cockpit\tu-4\glashcracks.mat
c:\qtorrent downloads\vp modpack installation files\vp_modpack\#sas\cockpit_dbw\3do\cockpit\tu-4\glashcracks.tga
c:\windows\winsxs\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.17763.1_none_ad6c66b207e8c478\ssh-keygen.exe
scanner sequence 3.ED.11.LONALZ
 ----- EOF ----- 
 
 added Windows Script Host  jpg files

Attached Thumbnails

  • Windows Script Host 2.jpg
  • Windows Script Host.jpg

Edited by jlk69, 29 April 2019 - 08:57 PM.

  • 0

#4
iMacg3
Posted 29 April 2019 - 09:08 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

To attach a file, click on More Reply Options > Attach Files. Select Browse, then the file(s) you want to attach.
  • 0

#5
jlk69
Posted 30 April 2019 - 11:04 PM

jlk69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts

Edited previous post.


  • 0

#6
iMacg3
Posted 01 May 2019 - 09:36 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Is your Operating System properly activated?
  • 0

#7
jlk69
Posted 01 May 2019 - 09:10 PM

jlk69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts

Not sure.


  • 0

#8
iMacg3
Posted 02 May 2019 - 09:18 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

Did you purchase your computer with Windows preinstalled, or did you install Windows yourself?
  • 0

#9
jlk69
Posted 02 May 2019 - 11:43 AM

jlk69

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts

I installed it my self from a disk from a computer friend. I didn't think there was problem because i was able to update Windows 10 from Microsoft without any problems or messages.


  • 0

#10
iMacg3
Posted 03 May 2019 - 08:17 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

There is evidence that you are running an improperly licensed copy of Windows. Unfortunately, I won't be able to assist unless your copy of Windows is properly activated.

If you are unsure about whether the OS is properly activated, I suggest you talk to microsoft.

Click the Start button > type command prompt in the search box and press Enter > type slui.exe 4 (note the space... it should be there) and hit Enter.

Select an activation center near you, call, speak with a representative and explain what happened regarding the activation.

Come back and tell me how you got on. I cannot help you further until the machine is validated.
  • 0

#11
iMacg3
Posted 07 May 2019 - 07:08 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP