https://imgur.com/a/IFf8Gu3
I did a scan with hitman pro and found their was a malware named CLS-precomp.dll. I couldn't remove it though since my hitman pro license was expired. I had the same virus before but it went away 2 years ago and didn't show up on hitman pro
Avast and Malware bytes did not find anything however. I checked virus total and only 11/66 say it is harmful.
https://www.virustot...d6344/detection
Here is the farbar results
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
Ran by pahmadi (administrator) on POURIAPC (29-10-2018 18:15:09)
Running from C:\Users\pahmadi\Desktop
Loaded Profiles: pahmadi (Available Profiles: pahmadi)
Platform: Windows 10 Home Version 1803 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Failed to access process -> Memory Compression
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Tweaking.com) C:\Users\pahmadi\Desktop\WR_Tray_Icon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2015-12-10] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-20] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => E:\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [383544 2012-12-14] (Citrix Systems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-3840187337-3860288294-2545479360-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3208992 2018-10-12] (Valve Corporation)
HKU\S-1-5-21-3840187337-3860288294-2545479360-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\avastSS.scr [53208 2016-08-31] (AVAST Software)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\pahmadi\AppData\Local\MEGAsync\ShellExtX64.dll [2016-12-23] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\pahmadi\AppData\Local\MEGAsync\ShellExtX64.dll [2016-12-23] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\pahmadi\AppData\Local\MEGAsync\ShellExtX64.dll [2016-12-23] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-20] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-20] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\pahmadi\AppData\Local\MEGAsync\ShellExtX32.dll [2016-12-23] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\pahmadi\AppData\Local\MEGAsync\ShellExtX32.dll [2016-12-23] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\pahmadi\AppData\Local\MEGAsync\ShellExtX32.dll [2016-12-23] ()
Startup: C:\Users\pahmadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2016-02-02]
ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)
Startup: C:\Users\pahmadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-12-13]
ShortcutTarget: MEGAsync.lnk -> C:\Users\pahmadi\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\pahmadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-12-24]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{69a5be69-089f-41a1-a58b-ce1fe64b399c}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-17] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-10-17] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-07-20] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-10-17] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-3840187337-3860288294-2545479360-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-12-14] (Citrix Systems, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\pahmadi\AppData\Roaming\Mozilla\Firefox\Profiles\avgppbx6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2012-12-14] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-20] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Extension: No Name - C:\Users\pahmadi\AppData\Roaming\Mozilla\Firefox\Profiles\avgppbx6.default\Extensions\
[email protected] [2018-03-07]
FF Extension: No Name - C:\Users\pahmadi\AppData\Roaming\Mozilla\Firefox\Profiles\avgppbx6.default\Extensions\
[email protected] [2018-04-26]
FF Extension: No Name - C:\Users\pahmadi\AppData\Roaming\Mozilla\Firefox\Profiles\avgppbx6.default\Extensions\
[email protected] [2018-06-22]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Slides) - C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-10]
CHR Extension: (YouTube) - C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-10]
CHR Extension: (uBlock Origin) - C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-09-29]
CHR Extension: (Adblock for Youtube™) - C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-09-15]
CHR Extension: (Google Search) - C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-10]
CHR Extension: (Sheets) - C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs Offline) - C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (AdBlock) - C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-13]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2018-10-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-10]
CHR Extension: (Chrome Media Router) - C:\Users\pahmadi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-05]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-20] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-20] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-10-20] (AVAST Software)
S3 BcastDVRUserService; C:\Windows\System32\BcastDVRUserService.dll [1364992 2018-09-20] (Microsoft Corporation)
S3 BcastDVRUserService_2258f; C:\WINDOWS\system32\svchost.exe [51288 2018-04-11] (Microsoft Corporation)
S3 BcastDVRUserService_2258f; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-11] (Microsoft Corporation)
S3 BluetoothUserService; C:\Windows\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-11] (Microsoft Corporation)
S3 BluetoothUserService_2258f; C:\WINDOWS\system32\svchost.exe [51288 2018-04-11] (Microsoft Corporation)
S3 BluetoothUserService_2258f; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-11] (Microsoft Corporation)
S3 BTAGService; C:\Windows\System32\BTAGService.dll [514048 2018-04-11] (Microsoft Corporation)
S3 BthAvctpSvc; C:\Windows\System32\BthAvctpSvc.dll [395264 2018-04-11] (Microsoft Corporation)
R3 camsvc; C:\Windows\system32\CapabilityAccessManager.dll [266752 2018-06-15] (Microsoft Corporation)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [453120 2018-04-11] (Microsoft Corporation)
R2 CDPUserSvc_2258f; C:\WINDOWS\system32\svchost.exe [51288 2018-04-11] (Microsoft Corporation)
R2 CDPUserSvc_2258f; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-11] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522520 2018-09-29] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\Windows\System32\Windows.Devices.Picker.dll [400896 2018-04-11] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-11] (Microsoft Corporation)
S3 DevicePickerUserSvc_2258f; C:\WINDOWS\system32\svchost.exe [51288 2018-04-11] (Microsoft Corporation)
S3 DevicePickerUserSvc_2258f; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-11] (Microsoft Corporation)
S3 DevicesFlowUserSvc; C:\Windows\System32\DevicesFlowBroker.dll [750080 2018-04-11] (Microsoft Corporation)
S3 DevicesFlowUserSvc_2258f; C:\WINDOWS\system32\svchost.exe [51288 2018-04-11] (Microsoft Corporation)
S3 DevicesFlowUserSvc_2258f; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-11] (Microsoft Corporation)
S3 diagsvc; C:\Windows\system32\DiagSvc.dll [219648 2018-04-11] (Microsoft Corporation)
R2 DusmSvc; C:\Windows\System32\dusmsvc.dll [356352 2018-04-11] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation)
S3 GraphicsPerfSvc; C:\Windows\System32\GraphicsPerfSvc.dll [90624 2018-04-11] (Microsoft Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [136512 2018-06-28] (SurfRight B.V.)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [61736 2018-08-02] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
S3 InstallService; C:\Windows\system32\InstallService.dll [1487360 2018-06-15] (Microsoft Corporation)
S3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1110528 2018-06-15] (Microsoft Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
S3 IpxlatCfgSvc; C:\Windows\System32\IpxlatCfg.dll [63488 2018-04-11] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
S3 LxpSvc; C:\Windows\System32\LanguageOverlayServer.dll [199680 2018-04-11] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 NaturalAuthentication; C:\Windows\System32\NaturalAuth.dll [824832 2018-04-11] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773328 2018-09-12] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [767016 2018-10-10] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [645328 2018-09-12] (NVIDIA Corporation)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2098528 2017-09-12] (Electronic Arts)
S3 PrintWorkflowUserSvc; C:\Windows\System32\PrintWorkflowService.dll [170496 2018-04-11] (Microsoft Corporation)
S3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [138240 2018-04-11] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_2258f; C:\WINDOWS\system32\svchost.exe [51288 2018-04-11] (Microsoft Corporation)
S3 PrintWorkflowUserSvc_2258f; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-11] (Microsoft Corporation)
S3 PushToInstall; C:\Windows\system32\PushToInstall.dll [262144 2018-07-13] (Microsoft Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [153600 2018-04-11] (Microsoft Corporation)
R2 SecurityHealthService; C:\Windows\system32\SecurityHealthService.exe [760888 2018-07-14] (Microsoft Corporation)
R3 SEMgrSvc; C:\Windows\system32\SEMgrSvc.dll [1248768 2018-04-11] (Microsoft Corporation)
R2 SgrmBroker; C:\Windows\system32\SgrmBroker.exe [163336 2018-04-11] (Microsoft Corporation)
S3 SharedRealitySvc; C:\Windows\System32\SharedRealitySvc.dll [713216 2018-08-28] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-11] (Microsoft Corporation)
S3 spectrum; C:\Windows\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [176128 2018-04-11] (Microsoft Corporation)
R3 TokenBroker; C:\Windows\System32\TokenBroker.dll [1395200 2018-08-02] (Microsoft Corporation)
R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1000448 2018-08-02] (Microsoft Corporation)
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-11] (Microsoft Corporation)
S3 VacSvc; C:\Windows\System32\vac.dll [411256 2018-04-11] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [309760 2018-04-11] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [309760 2018-04-11] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\Windows\System32\WaaSMedicSvc.dll [392704 2018-08-09] (Microsoft Corporation)
S3 WarpJITSvc; C:\Windows\System32\Windows.WARP.JITService.dll [31744 2018-04-11] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S3 WFDSConMgrSvc; C:\Windows\System32\wfdsconmgrsvc.dll [681984 2018-07-13] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation)
S3 wlpasvc; C:\Windows\System32\lpasvc.dll [1359360 2018-07-13] (Microsoft Corporation)
S3 WpcMonSvc; C:\Windows\System32\WpcDesktopMonSvc.dll [1456640 2018-06-08] (Microsoft Corporation)
S2 WpnUserService; C:\Windows\System32\WpnUserService.dll [96768 2018-04-11] (Microsoft Corporation)
R2 WpnUserService_2258f; C:\WINDOWS\system32\svchost.exe [51288 2018-04-11] (Microsoft Corporation)
R2 WpnUserService_2258f; C:\WINDOWS\SysWOW64\svchost.exe [44520 2018-04-11] (Microsoft Corporation)
S3 xbgm; C:\Windows\system32\xbgmsvc.exe [59512 2018-04-11] (Microsoft Corporation)
S3 XboxGipSvc; C:\Windows\System32\XboxGipSvc.dll [58880 2018-04-11] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [20480 2018-04-11] (Microsoft Corporation)
R1 afunix; C:\Windows\system32\drivers\afunix.sys [39424 2018-04-11] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [18432 2018-04-11] (Microsoft Corporation)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201408 2018-10-20] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-20] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201928 2018-10-20] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346760 2018-10-20] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59664 2018-10-20] (AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15360 2018-06-22] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [185240 2018-10-20] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47064 2018-10-20] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42456 2018-10-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163376 2018-10-20] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111968 2018-10-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88112 2018-10-20] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028840 2018-10-20] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467904 2018-10-20] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208640 2018-10-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381144 2018-10-20] (AVAST Software)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533912 2018-04-11] (QLogic Corporation)
R1 bam; C:\Windows\System32\drivers\bam.sys [60320 2018-04-11] (Microsoft Corporation)
S3 bindflt; C:\Windows\system32\drivers\bindflt.sys [92056 2018-04-11] (Microsoft Corporation)
S0 bttflt; C:\Windows\System32\drivers\bttflt.sys [38304 2018-04-11] (Microsoft Corporation)
S3 CAD; C:\Windows\System32\drivers\CAD.sys [60320 2018-04-11] (Microsoft Corporation)
S0 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [321432 2018-04-11] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [1836952 2018-04-11] (Chelsio Communications)
R2 CldFlt; C:\Windows\System32\drivers\cldflt.sys [414720 2018-07-13] (Microsoft Corporation)
S3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [595456 2014-09-19] (C-MEDIA)
R3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [54272 2018-04-11] (Microsoft Corp.)
R3 ElcMouLFlt; C:\Windows\System32\drivers\ElcMouLFlt.sys [28648 2015-09-11] (ELECOM)
R3 ElcMouUFlt; C:\Windows\System32\drivers\ElcMouUFlt.sys [27624 2015-09-11] (ELECOM)
S4 hvcrash; C:\Windows\System32\drivers\hvcrash.sys [33184 2018-04-11] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [76088 2018-09-20] (Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2017-12-28] (REALiX)
S3 HwNClx0101; C:\Windows\System32\Drivers\mshwnclx.sys [27136 2018-04-11] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [36864 2018-04-11] (Intel® Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-11] (Intel Corporation)
S3 iaLPSS2i_GPIO2_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-11] (Intel Corporation)
S3 iaLPSS2i_I2C_BXT_P; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-11] (Intel Corporation)
S0 iaStorAVC; C:\Windows\System32\drivers\iaStorAVC.sys [885144 2018-04-11] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [38912 2018-04-11] (Microsoft Corporation)
R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [126584 2017-08-21] (Intel Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [58272 2018-04-11] (Microsoft Corporation)
S3 IPT; C:\Windows\System32\drivers\ipt.sys [32256 2018-04-11] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-05-27] ()
S0 ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [145816 2018-04-11] (Avago Technologies)
S3 mausbhost; C:\Windows\System32\drivers\mausbhost.sys [505240 2018-04-11] (Microsoft Corporation)
S3 mausbip; C:\Windows\System32\drivers\mausbip.sys [56736 2018-04-11] (Microsoft Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2018-10-29] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [75160 2018-04-11] (Avago Technologies)
S0 megasas35i; C:\Windows\System32\drivers\megasas35i.sys [82328 2018-04-11] (Avago Technologies)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [175104 2018-04-11] (Microsoft Corporation)
S3 nvdimm; C:\Windows\System32\drivers\nvdimm.sys [104448 2018-04-11] (Microsoft Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a5e9eb9bc021c27a\nvlddmkm.sys [20337080 2018-10-11] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69544 2018-06-07] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58776 2018-04-11] (Avago Technologies)
S3 pmem; C:\Windows\System32\drivers\pmem.sys [105984 2018-04-11] (Microsoft Corporation)
S0 Ramdisk; C:\Windows\System32\DRIVERS\ramdisk.sys [39840 2018-04-11] (Microsoft Corporation)
S3 rhproxy; C:\Windows\System32\drivers\rhproxy.sys [104448 2018-04-11] (Microsoft Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] ()
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [128920 2018-08-02] (Microsoft Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [33176 2018-04-11] (Microsoft Corporation)
R0 SgrmAgent; C:\Windows\System32\drivers\SgrmAgent.sys [63896 2018-04-11] (Microsoft Corporation)
S3 SpatialGraphFilter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [57752 2018-04-12] (Microsoft Corporation)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-11] (Microsoft Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [206976 2017-09-13] (Oracle Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2018-08-02] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16288 2018-04-11] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [151960 2018-04-11] (Microsoft Corporation)
S3 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [82944 2018-04-11] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\Windows\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [227840 2018-07-13] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\Windows\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: InstallService -> C:\Windows\system32\InstallService.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: PushToInstall -> C:\Windows\system32\PushToInstall.dll (Microsoft Corporation)
NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation)
NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation)
NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-28 19:25 - 2018-10-28 19:25 - 00000000 ____D C:\Users\pahmadi\AppData\Roaming\Arrowhead
2018-10-28 19:21 - 2018-10-28 19:21 - 00000218 _____ C:\Users\pahmadi\AppData\Local\recently-used.xbel
2018-10-28 19:14 - 2018-10-28 19:14 - 00000787 _____ C:\Users\Public\Desktop\Helldivers.lnk
2018-10-28 19:14 - 2018-10-28 19:14 - 00000787 _____ C:\Users\Public\Desktop\Helldivers (x86).lnk
2018-10-28 15:59 - 2018-10-28 15:59 - 00000000 ____D C:\Users\pahmadi\AppData\LocalLow\Team17
2018-10-28 15:28 - 2018-10-28 15:28 - 00000547 _____ C:\Users\Public\Desktop\Overcooked! 2.lnk
2018-10-24 11:52 - 2018-10-24 11:52 - 00000000 ____D C:\Users\pahmadi\AppData\Local\SoulcaliburVI
2018-10-23 21:38 - 2018-10-23 21:38 - 00000949 _____ C:\Users\Public\Desktop\SoulCalibur 6.lnk
2018-10-20 15:51 - 2018-10-20 15:51 - 00000000 ____D C:\ProgramData\Brother
2018-10-20 12:08 - 2018-10-20 12:08 - 00378584 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-10-20 12:08 - 2018-10-20 12:08 - 00042456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-10-12 13:08 - 2018-10-11 18:34 - 00978312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-10-12 13:08 - 2018-10-11 18:34 - 00978312 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-10-12 13:08 - 2018-10-11 18:34 - 00845192 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-10-12 13:08 - 2018-10-11 18:34 - 00845192 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-10-12 13:08 - 2018-10-11 18:34 - 00268168 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-10-12 13:08 - 2018-10-11 18:34 - 00268168 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-10-12 13:08 - 2018-10-11 18:34 - 00243592 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-10-12 13:08 - 2018-10-11 18:34 - 00243592 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-10-12 13:08 - 2018-10-11 18:33 - 40254320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-10-12 13:08 - 2018-10-11 18:33 - 04938152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-10-12 13:08 - 2018-10-11 18:33 - 04310792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-10-12 13:08 - 2018-10-11 18:33 - 02017888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441634.dll
2018-10-12 13:08 - 2018-10-11 18:33 - 01997736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-10-12 13:08 - 2018-10-11 18:33 - 01508104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-10-12 13:08 - 2018-10-11 18:33 - 01468456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441634.dll
2018-10-12 13:08 - 2018-10-11 18:33 - 01455576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-10-12 13:08 - 2018-10-11 18:33 - 01122672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-10-12 13:08 - 2018-10-11 18:33 - 00750448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-10-12 13:08 - 2018-10-11 18:33 - 00631704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-10-12 13:08 - 2018-10-11 18:33 - 00608680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-10-12 13:08 - 2018-10-11 18:33 - 00522200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-10-12 13:08 - 2018-10-11 18:32 - 35152136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-10-12 13:08 - 2018-10-11 18:31 - 35298272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-10-12 13:08 - 2018-10-11 18:31 - 29973592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-10-12 13:08 - 2018-10-11 18:31 - 15907400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-10-12 13:08 - 2018-10-11 18:31 - 13203056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-10-12 13:08 - 2018-10-11 18:31 - 01471584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-10-12 13:08 - 2018-10-11 18:31 - 01462376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-10-12 13:08 - 2018-10-11 18:31 - 01167568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-10-12 13:08 - 2018-10-11 18:31 - 01152152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-10-12 13:08 - 2018-10-11 18:31 - 01145704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-10-12 13:08 - 2018-10-11 18:31 - 00914752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-10-12 13:08 - 2018-10-11 18:31 - 00822744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-10-12 13:08 - 2018-10-11 18:31 - 00794608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-10-12 13:08 - 2018-10-11 18:31 - 00637648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-10-12 13:08 - 2018-10-11 18:30 - 19705920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-10-12 13:08 - 2018-10-11 18:30 - 16985016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-10-12 13:08 - 2018-10-11 03:19 - 00047576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-10-10 12:31 - 2018-09-21 05:18 - 21386888 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-10 12:31 - 2018-09-21 05:01 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-10-10 12:31 - 2018-09-21 04:22 - 20381784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-10 12:31 - 2018-09-21 04:12 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-10-10 12:31 - 2018-09-21 00:14 - 00661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-10-10 12:31 - 2018-09-21 00:13 - 00480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-10-10 12:31 - 2018-09-21 00:12 - 01035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-10-10 12:31 - 2018-09-21 00:11 - 00753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-10-10 12:31 - 2018-09-21 00:09 - 04790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-10-10 12:31 - 2018-09-21 00:09 - 02253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-10-10 12:31 - 2018-09-21 00:09 - 01427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-10-10 12:31 - 2018-09-21 00:09 - 01062920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-10-10 12:31 - 2018-09-21 00:09 - 00129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-10-10 12:31 - 2018-09-21 00:08 - 04404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-10 12:31 - 2018-09-21 00:08 - 02765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-10-10 12:31 - 2018-09-21 00:08 - 01566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-10-10 12:31 - 2018-09-21 00:08 - 01456720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-10-10 12:31 - 2018-09-21 00:08 - 01257864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-10-10 12:31 - 2018-09-21 00:08 - 01140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-10-10 12:31 - 2018-09-21 00:08 - 00982600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-10-10 12:31 - 2018-09-21 00:08 - 00709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-10-10 12:31 - 2018-09-21 00:08 - 00261008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-10-10 12:31 - 2018-09-21 00:08 - 00170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-10-10 12:31 - 2018-09-21 00:07 - 00604664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-10-10 12:31 - 2018-09-20 23:58 - 05307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-10-10 12:31 - 2018-09-20 23:57 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-10-10 12:31 - 2018-09-20 23:57 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-10-10 12:31 - 2018-09-20 23:56 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-10 12:31 - 2018-09-20 23:54 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-10-10 12:31 - 2018-09-20 23:53 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-10-10 12:31 - 2018-09-20 23:43 - 01627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-10-10 12:31 - 2018-09-20 23:42 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-10-10 12:31 - 2018-09-20 23:41 - 03396096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-10 12:31 - 2018-09-20 23:40 - 02368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-10-10 12:31 - 2018-09-20 23:39 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-10-10 12:31 - 2018-09-20 23:39 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-10-10 12:31 - 2018-09-20 23:39 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-10-10 12:31 - 2018-09-20 23:39 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-10-10 12:31 - 2018-09-20 23:38 - 02172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-10 12:31 - 2018-09-20 23:38 - 01551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-10-10 12:31 - 2018-09-20 23:37 - 02904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-10 12:31 - 2018-09-20 23:37 - 02236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-10 12:31 - 2018-09-20 23:37 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-10-10 12:31 - 2018-09-20 23:37 - 00604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-10-10 12:31 - 2018-09-20 23:36 - 01159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-10-10 12:31 - 2018-09-20 23:36 - 01034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-10-10 12:31 - 2018-09-20 23:36 - 00932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-10-10 12:31 - 2018-09-20 23:36 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-10 12:31 - 2018-09-20 23:36 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-10-10 12:31 - 2018-09-20 05:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-10 12:31 - 2018-09-20 05:37 - 01634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-10 12:31 - 2018-09-20 05:23 - 06602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-10-10 12:31 - 2018-09-20 05:22 - 13572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-10 12:31 - 2018-09-20 05:19 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-10-10 12:31 - 2018-09-20 05:18 - 03649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-10 12:31 - 2018-09-20 05:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-10-10 12:31 - 2018-09-20 05:17 - 02874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-10 12:31 - 2018-09-20 05:17 - 01856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-10 12:31 - 2018-09-20 05:17 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-10 12:31 - 2018-09-20 05:16 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-10 12:31 - 2018-09-20 04:46 - 01454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-10 12:31 - 2018-09-20 04:35 - 05669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-10-10 12:31 - 2018-09-20 04:34 - 12500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-10 12:31 - 2018-09-20 04:30 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-10-10 12:31 - 2018-09-20 04:29 - 02891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-10 12:31 - 2018-09-20 04:29 - 02824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-10 12:31 - 2018-09-20 04:29 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-10 12:31 - 2018-09-20 04:28 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-10 12:31 - 2018-09-20 02:43 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-10 12:31 - 2018-09-20 01:52 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-10 12:31 - 2018-09-20 00:29 - 06569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-10 12:31 - 2018-09-20 00:29 - 06039368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-10-10 12:31 - 2018-09-20 00:29 - 01989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-10 12:31 - 2018-09-20 00:29 - 01513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-10 12:31 - 2018-09-20 00:29 - 00357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-10 12:31 - 2018-09-20 00:28 - 01129544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-10-10 12:31 - 2018-09-20 00:28 - 00581792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-10-10 12:31 - 2018-09-20 00:28 - 00567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-10 12:31 - 2018-09-20 00:21 - 22013440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-10 12:31 - 2018-09-20 00:17 - 06661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-10-10 12:31 - 2018-09-20 00:15 - 19404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-10 12:31 - 2018-09-20 00:13 - 03711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-10-10 12:31 - 2018-09-20 00:12 - 00272200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-10 12:31 - 2018-09-20 00:12 - 00269128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-10 12:31 - 2018-09-20 00:11 - 05777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-10 12:31 - 2018-09-20 00:11 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-10-10 12:31 - 2018-09-20 00:11 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-10-10 12:31 - 2018-09-20 00:11 - 00561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-10-10 12:31 - 2018-09-20 00:11 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-10 12:31 - 2018-09-20 00:10 - 02719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-10 12:31 - 2018-09-20 00:10 - 01221128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-10 12:31 - 2018-09-20 00:10 - 01029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-10 12:31 - 2018-09-20 00:10 - 00566800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-10-10 12:31 - 2018-09-20 00:10 - 00500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-10 12:31 - 2018-09-20 00:10 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-10 12:31 - 2018-09-20 00:10 - 00134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-10-10 12:31 - 2018-09-20 00:10 - 00076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-10-10 12:31 - 2018-09-20 00:09 - 09089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-10 12:31 - 2018-09-20 00:09 - 07520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-10 12:31 - 2018-09-20 00:09 - 07432136 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-10-10 12:31 - 2018-09-20 00:09 - 02825232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-10 12:31 - 2018-09-20 00:09 - 02462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-10 12:31 - 2018-09-20 00:09 - 02421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-10 12:31 - 2018-09-20 00:09 - 01767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-10 12:31 - 2018-09-20 00:09 - 01540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-10 12:31 - 2018-09-20 00:09 - 01097744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-10-10 12:31 - 2018-09-20 00:09 - 00885952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-10 12:31 - 2018-09-20 00:09 - 00793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-10 12:31 - 2018-09-20 00:09 - 00713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-10 12:31 - 2018-09-20 00:09 - 00412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-10 12:31 - 2018-09-20 00:08 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-10 12:31 - 2018-09-20 00:08 - 01627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-10 12:31 - 2018-09-19 23:53 - 25851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-10 12:31 - 2018-09-19 23:46 - 22715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-10 12:31 - 2018-09-19 23:44 - 08188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-10 12:31 - 2018-09-19 23:44 - 04383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-10 12:31 - 2018-09-19 23:43 - 00052736 _____ C:\WINDOWS\system32\runexehelper.exe
2018-10-10 12:31 - 2018-09-19 23:42 - 04866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-10-10 12:31 - 2018-09-19 23:42 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-10-10 12:31 - 2018-09-19 23:42 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-10 12:31 - 2018-09-19 23:41 - 07577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-10 12:31 - 2018-09-19 23:41 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-10 12:31 - 2018-09-19 23:41 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-10 12:31 - 2018-09-19 23:41 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-10 12:31 - 2018-09-19 23:41 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-10-10 12:31 - 2018-09-19 23:40 - 03090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-10 12:31 - 2018-09-19 23:40 - 00808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-10-10 12:31 - 2018-09-19 23:40 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-10-10 12:31 - 2018-09-19 23:38 - 01724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-10 12:31 - 2018-09-19 23:38 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-10 12:31 - 2018-09-19 23:37 - 04615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-10 12:31 - 2018-09-19 23:37 - 01804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-10 12:31 - 2018-09-19 23:36 - 01375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-10-10 12:31 - 2018-09-19 22:21 - 00001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-10-10 12:31 - 2018-09-19 21:28 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-10 12:31 - 2018-09-08 04:12 - 00452112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-10-10 12:31 - 2018-09-08 04:07 - 02868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-10-10 12:31 - 2018-09-08 04:07 - 01610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-10-10 12:31 - 2018-09-08 04:07 - 00792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-10-10 12:31 - 2018-09-08 04:07 - 00689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-10-10 12:31 - 2018-09-08 04:07 - 00612360 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-10-10 12:31 - 2018-09-08 04:07 - 00309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-10-10 12:31 - 2018-09-08 04:07 - 00144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-10 12:31 - 2018-09-08 04:07 - 00069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-10 12:31 - 2018-09-08 04:02 - 00645112 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-10-10 12:31 - 2018-09-08 04:02 - 00540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-10-10 12:31 - 2018-09-08 03:58 - 01639352 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-10-10 12:31 - 2018-09-08 03:58 - 01520744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-10-10 12:31 - 2018-09-08 03:57 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-10-10 12:31 - 2018-09-08 03:44 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-10-10 12:31 - 2018-09-08 03:43 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-10-10 12:31 - 2018-09-08 03:43 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-10-10 12:31 - 2018-09-08 03:42 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-10-10 12:31 - 2018-09-08 03:42 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-10-10 12:31 - 2018-09-08 03:42 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-10 12:31 - 2018-09-08 03:42 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthci.dll
2018-10-10 12:31 - 2018-09-08 03:41 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-10-10 12:31 - 2018-09-08 03:40 - 01724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-10 12:31 - 2018-09-08 03:40 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-10-10 12:31 - 2018-09-08 03:40 - 00593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-10-10 12:31 - 2018-09-08 03:40 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-10-10 12:31 - 2018-09-08 03:40 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-10-10 12:31 - 2018-09-08 03:40 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2018-10-10 12:31 - 2018-09-08 03:39 - 05505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-10-10 12:31 - 2018-09-08 03:39 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-10-10 12:31 - 2018-09-08 03:39 - 01787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-10-10 12:31 - 2018-09-08 03:39 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-10-10 12:31 - 2018-09-08 03:38 - 01288192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-10 12:31 - 2018-09-08 03:38 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-10-10 12:31 - 2018-09-08 03:38 - 00986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-10-10 12:31 - 2018-09-08 03:38 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-10 12:31 - 2018-09-08 03:38 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-10-10 12:31 - 2018-09-08 03:37 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-10-10 12:31 - 2018-09-08 03:16 - 00482080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-10-10 12:31 - 2018-09-08 03:14 - 01328056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-10-10 12:31 - 2018-09-08 03:13 - 01626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-10-10 12:31 - 2018-09-08 03:13 - 00181288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-10-10 12:31 - 2018-09-08 03:03 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-10-10 12:31 - 2018-09-08 03:03 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-10-10 12:31 - 2018-09-08 03:02 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-10-10 12:31 - 2018-09-08 03:00 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-10-10 12:31 - 2018-09-08 02:59 - 01530368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-10-10 12:31 - 2018-09-08 02:59 - 01452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-10-10 12:31 - 2018-09-08 02:59 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-10-10 12:31 - 2018-09-08 02:59 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-10-10 12:31 - 2018-09-08 02:58 - 01308672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-10-10 12:31 - 2018-09-08 02:58 - 00897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-10-10 12:31 - 2018-09-08 02:58 - 00775680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-10-10 12:31 - 2018-09-08 02:57 - 05391360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-10-10 12:31 - 2018-09-08 02:57 - 00625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-10-10 12:31 - 2018-09-08 02:57 - 00423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-10-10 12:31 - 2018-09-08 02:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2018-10-10 12:31 - 2018-09-08 02:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-10-10 12:31 - 2018-09-08 00:08 - 00462880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-10-10 12:31 - 2018-09-07 23:59 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-10-10 12:31 - 2018-09-07 23:59 - 00361544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-10 12:31 - 2018-09-07 23:58 - 00744976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-10-10 12:31 - 2018-09-07 23:58 - 00376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-10-10 12:31 - 2018-09-07 23:58 - 00368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-10-10 12:31 - 2018-09-07 23:57 - 02571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-10-10 12:31 - 2018-09-07 23:57 - 01016984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-10-10 12:31 - 2018-09-07 23:57 - 00930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-10-10 12:31 - 2018-09-07 23:57 - 00482384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-10 12:31 - 2018-09-07 23:57 - 00368448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2018-10-10 12:31 - 2018-09-07 23:57 - 00267576 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-10-10 12:31 - 2018-09-07 23:51 - 00380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-10-10 12:31 - 2018-09-07 23:45 - 00295416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-10-10 12:31 - 2018-09-07 23:45 - 00286824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-10-10 12:31 - 2018-09-07 23:44 - 01980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-10-10 12:31 - 2018-09-07 23:44 - 00829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-10-10 12:31 - 2018-09-07 23:43 - 01174448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-10-10 12:31 - 2018-09-07 23:43 - 00269104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2018-10-10 12:31 - 2018-09-07 23:32 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-10-10 12:31 - 2018-09-07 23:31 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-10-10 12:31 - 2018-09-07 23:31 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-10 12:31 - 2018-09-07 23:30 - 03601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-10 12:31 - 2018-09-07 23:30 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2018-10-10 12:31 - 2018-09-07 23:30 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-10-10 12:31 - 2018-09-07 23:30 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2018-10-10 12:31 - 2018-09-07 23:30 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-10 12:31 - 2018-09-07 23:29 - 04771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-10-10 12:31 - 2018-09-07 23:29 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-10-10 12:31 - 2018-09-07 23:29 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-10 12:31 - 2018-09-07 23:29 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-10-10 12:31 - 2018-09-07 23:29 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-10 12:31 - 2018-09-07 23:28 - 00481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-10-10 12:31 - 2018-09-07 23:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-10-10 12:31 - 2018-09-07 23:28 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-10-10 12:31 - 2018-09-07 23:28 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-10-10 12:31 - 2018-09-07 23:28 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-10 12:31 - 2018-09-07 23:27 - 03348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-10-10 12:31 - 2018-09-07 23:27 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-10-10 12:31 - 2018-09-07 23:27 - 00596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-10-10 12:31 - 2018-09-07 23:27 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2018-10-10 12:31 - 2018-09-07 23:27 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2018-10-10 12:31 - 2018-09-07 23:27 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-10-10 12:31 - 2018-09-07 23:26 - 02328064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2018-10-10 12:31 - 2018-09-07 23:26 - 00814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-10-10 12:31 - 2018-09-07 23:26 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-10-10 12:31 - 2018-09-07 23:26 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-10-10 12:31 - 2018-09-07 23:26 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-10-10 12:31 - 2018-09-07 23:26 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-10-10 12:31 - 2018-09-07 23:26 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2018-10-10 12:31 - 2018-09-07 23:26 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2018-10-10 12:31 - 2018-09-07 23:25 - 03553792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-10-10 12:31 - 2018-09-07 23:25 - 02789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-10-10 12:31 - 2018-09-07 23:25 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2018-10-10 12:31 - 2018-09-07 23:25 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-10-10 12:31 - 2018-09-07 23:25 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-10-10 12:31 - 2018-09-07 23:25 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-10 12:31 - 2018-09-07 23:24 - 01457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-10-10 12:31 - 2018-09-07 23:24 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-10-10 12:31 - 2018-09-07 23:24 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2018-10-10 12:31 - 2018-09-07 23:24 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-10-10 12:31 - 2018-09-07 23:23 - 01655296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2018-10-10 12:31 - 2018-09-07 23:23 - 00807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2018-10-10 12:31 - 2018-09-07 23:23 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2018-10-10 12:31 - 2018-09-07 23:23 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
2018-10-10 12:31 - 2018-09-07 23:22 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-10-06 20:40 - 2018-10-06 20:40 - 00000000 ____D C:\Users\pahmadi\Documents\WWE2K19
2018-10-06 20:39 - 2018-10-06 20:39 - 00000700 _____ C:\Users\pahmadi\Desktop\WWE 2K19.lnk
2018-10-06 20:39 - 2018-10-06 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WWE 2K19
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-29 18:15 - 2016-04-20 11:28 - 00042879 _____ C:\Users\pahmadi\Desktop\FRST.txt
2018-10-29 18:15 - 2016-04-20 11:27 - 00000000 ____D C:\FRST
2018-10-29 18:10 - 2018-06-09 15:25 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EDA24C7D-A729-4B38-AE7D-A3D379BB6853}
2018-10-29 17:52 - 2018-04-11 19:38 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-29 16:04 - 2018-08-08 11:55 - 00003152 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-29 16:04 - 2018-08-08 11:55 - 00003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-29 16:04 - 2018-08-08 11:55 - 00003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-29 16:04 - 2018-08-08 11:55 - 00003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-29 16:04 - 2018-08-08 11:55 - 00002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-29 16:04 - 2018-06-09 15:25 - 00003752 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-29 16:04 - 2018-06-09 15:25 - 00003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-29 16:04 - 2018-06-09 15:25 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-29 16:04 - 2018-06-09 15:25 - 00003278 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-10-29 16:04 - 2018-06-09 15:25 - 00003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-29 16:04 - 2018-06-09 15:25 - 00003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-29 16:04 - 2018-06-09 15:25 - 00002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-10-29 16:04 - 2018-06-09 15:25 - 00002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-29 16:04 - 2018-06-09 15:25 - 00002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-29 16:04 - 2018-06-09 15:25 - 00002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3840187337-3860288294-2545479360-1001
2018-10-29 16:04 - 2018-06-09 15:25 - 00002852 _____ C:\WINDOWS\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2018-10-29 16:04 - 2018-06-09 15:25 - 00002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-29 16:04 - 2018-06-09 15:25 - 00002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-29 16:04 - 2018-06-09 15:25 - 00002446 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1452366284
2018-10-29 16:04 - 2018-06-09 15:25 - 00002434 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2018-10-29 16:04 - 2018-06-09 15:25 - 00002376 _____ C:\WINDOWS\System32\Tasks\{394C945B-1D25-4C06-9BC8-E602C092BE8D}
2018-10-29 16:04 - 2018-06-09 15:25 - 00002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-10-29 16:04 - 2018-06-09 15:25 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-10-29 14:02 - 2017-11-30 22:28 - 00000000 ____D C:\Users\pahmadi\AppData\Local\Packages
2018-10-29 12:25 - 2017-07-05 22:20 - 00000000 ____D C:\ProgramData\NVIDIA
2018-10-29 11:49 - 2018-06-09 15:24 - 00840376 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-29 11:49 - 2018-04-11 19:36 - 00000000 ____D C:\WINDOWS\INF
2018-10-29 11:42 - 2018-06-09 15:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-29 11:42 - 2018-04-11 19:38 - 00000000 ____D C:\WINDOWS\AppReadiness
2018-10-29 11:42 - 2016-01-01 14:02 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2018-10-29 02:46 - 2018-04-11 17:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2018-10-29 00:49 - 2018-06-09 15:19 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-28 20:09 - 2015-12-29 15:25 - 00000000 ____D C:\Users\pahmadi\AppData\Local\CrashDumps
2018-10-28 20:09 - 2015-12-10 23:36 - 00000000 ____D C:\Program Files (x86)\Steam
2018-10-28 12:26 - 2018-04-11 19:38 - 00000000 ___HD C:\Program Files\WindowsApps
2018-10-26 12:28 - 2018-06-23 22:20 - 00000000 ____D C:\Users\pahmadi\AppData\Local\AVAST Software
2018-10-23 18:31 - 2018-06-09 15:25 - 00004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-10-22 18:24 - 2018-07-09 20:32 - 00000000 ____D C:\ProgramData\Packages
2018-10-21 19:41 - 2015-12-10 23:04 - 00000000 ____D C:\Users\pahmadi\AppData\Local\NVIDIA
2018-10-20 12:08 - 2018-06-08 13:14 - 01028840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-10-20 12:08 - 2018-06-08 13:14 - 00467904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-10-20 12:08 - 2018-06-08 13:14 - 00381144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-10-20 12:08 - 2018-06-08 13:14 - 00346760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-10-20 12:08 - 2018-06-08 13:14 - 00230512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-10-20 12:08 - 2018-06-08 13:14 - 00208640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-10-20 12:08 - 2018-06-08 13:14 - 00201928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-10-20 12:08 - 2018-06-08 13:14 - 00201408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-10-20 12:08 - 2018-06-08 13:14 - 00163376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-10-20 12:08 - 2018-06-08 13:14 - 00111968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-10-20 12:08 - 2018-06-08 13:14 - 00088112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-10-20 12:08 - 2018-06-08 13:14 - 00059664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-10-20 12:08 - 2018-06-08 13:14 - 00047064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-10-20 12:08 - 2018-04-11 19:38 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2018-10-20 12:08 - 2017-12-21 16:46 - 00185240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-10-19 18:06 - 2018-06-09 15:20 - 00002373 _____ C:\Users\pahmadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-19 18:06 - 2016-01-30 00:31 - 00000000 ___RD C:\Users\pahmadi\OneDrive
2018-10-17 12:35 - 2016-01-30 00:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2018-10-13 14:57 - 2018-06-23 22:18 - 00000000 ____D C:\WINDOWS\Minidump
2018-10-12 13:09 - 2017-07-05 22:20 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2018-10-12 13:09 - 2017-07-05 22:20 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2018-10-12 13:02 - 2017-07-05 22:20 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-10-12 13:02 - 2016-10-08 14:35 - 00001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-10-12 13:02 - 2015-12-10 23:21 - 00000000 ____D C:\Users\pahmadi\AppData\Local\NVIDIA Corporation
2018-10-11 18:30 - 2018-05-13 11:07 - 04990192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-10-11 18:30 - 2018-05-13 11:07 - 04249728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-10-11 11:43 - 2018-06-09 15:19 - 00404656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-11 11:43 - 2017-11-30 22:44 - 00000000 ___RD C:\Users\pahmadi\3D Objects
2018-10-11 11:43 - 2016-04-02 23:15 - 00000000 __RHD C:\Users\Public\AccountPictures
2018-10-11 03:19 - 2018-05-13 11:07 - 01685104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-10-11 03:19 - 2018-05-13 11:07 - 00227856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-10-11 03:19 - 2018-05-13 11:07 - 00048056 _____ C:\WINDOWS\system32\nvinfo.pb
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\zu-ZA
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\yo-NG
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\xh-ZA
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\wo-SN
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\tn-ZA
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\ti-ET
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\rw-RW
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\nso-ZA
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\ig-NG
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-10-11 02:37 - 2018-04-12 05:19 - 00000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-10-11 02:37 - 2018-04-11 19:38 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-11 02:37 - 2018-04-11 19:38 - 00000000 ___RD C:\Program Files\Windows Defender
2018-10-11 02:37 - 2018-04-11 19:38 - 00000000 ____D C:\WINDOWS\TextInput
2018-10-11 02:37 - 2018-04-11 19:38 - 00000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-10-11 02:37 - 2018-04-11 19:38 - 00000000 ____D C:\WINDOWS\bcastdvr
2018-10-11 02:37 - 2018-04-11 19:38 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-10 19:10 - 2017-07-05 22:20 - 05939056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-10-10 19:10 - 2017-07-05 22:20 - 02611696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-10-10 19:09 - 2017-07-05 22:20 - 01767816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-10-10 19:09 - 2017-07-05 22:20 - 00635704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-10-10 19:09 - 2017-07-05 22:20 - 00450416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-10-10 19:09 - 2017-07-05 22:20 - 00124400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-10-10 19:09 - 2017-07-05 22:20 - 00083256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-10-10 18:37 - 2017-07-05 22:20 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-10-10 12:33 - 2018-04-11 19:30 - 00000000 ____D C:\WINDOWS\CbsTemp
2018-10-10 12:33 - 2015-12-13 18:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2018-10-10 12:32 - 2015-12-13 18:58 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-09 13:01 - 2018-04-11 19:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-10-09 13:01 - 2018-04-11 19:38 - 00000000 ____D C:\WINDOWS\system32\Macromed
2018-10-08 05:08 - 2017-07-05 22:20 - 08379002 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-10-08 02:57 - 2018-06-09 15:20 - 00000000 ____D C:\Users\pahmadi
2018-10-02 16:13 - 2018-04-11 19:41 - 00835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-10-02 16:13 - 2018-04-11 19:41 - 00179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2015-12-10 23:50 - 2015-12-23 20:29 - 1065984 _____ () C:\Users\pahmadi\AppData\Local\file__0.localstorage
2018-10-28 19:21 - 2018-10-28 19:21 - 0000218 _____ () C:\Users\pahmadi\AppData\Local\recently-used.xbel
2016-08-08 21:32 - 2016-08-08 21:32 - 0007605 _____ () C:\Users\pahmadi\AppData\Local\Resmon.ResmonCfg
2017-07-05 22:20 - 2017-07-05 22:20 - 0000000 _____ () C:\ProgramData\DP45977C.lfl
2016-12-26 02:30 - 2017-03-09 15:30 - 0005943 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-26 02:30 - 2017-03-09 02:16 - 0008442 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-09 15:19
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-04-2016
Ran by pahmadi (2018-10-29 18:15:33)
Running from C:\Users\pahmadi\Desktop
Windows 10 Home Version 1803 (X64) (2018-06-09 19:25:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3840187337-3860288294-2545479360-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3840187337-3860288294-2545479360-503 - Limited - Disabled)
Guest (S-1-5-21-3840187337-3860288294-2545479360-501 - Limited - Disabled)
pahmadi (S-1-5-21-3840187337-3860288294-2545479360-1001 - Administrator - Enabled) => C:\Users\pahmadi
WDAGUtilityAccount (S-1-5-21-3840187337-3860288294-2545479360-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Atom (HKU\S-1-5-21-3840187337-3860288294-2545479360-1001\...\atom) (Version: 1.23.3 - GitHub Inc.)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Batman: The Enemy Within (HKLM-x32\...\Batman: The Enemy Within_is1) (Version: - )
Bayonetta (HKLM-x32\...\Bayonetta_is1) (Version: - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
CPUID CPU-Z 1.82.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.82.1 - )
Deluge 1.3.12 (HKLM-x32\...\Deluge) (Version: - )
DisplayDriverAnalyzer (Version: 416.34 - NVIDIA Corporation) Hidden
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
Dragon Ball FighterZ (HKLM-x32\...\Dragon Ball FighterZ_is1) (Version: - )
Dragon Ball: Xenoverse 2 (HKLM-x32\...\Dragon Ball: Xenoverse 2_is1) (Version: - )
FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION
Fraps (HKLM-x32\...\Fraps) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.17 - Google Inc.) Hidden
Hellblade: Senua's Sacrifice (HKLM-x32\...\Hellblade: Senua's Sacrifice_is1) (Version: - )
Helldivers (HKLM-x32\...\Helldivers_is1) (Version: - )
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.295 - SurfRight B.V.)
HWiNFO64 Version 5.70 (HKLM\...\HWiNFO64_is1) (Version: 5.70 - Martin Malík - REALiX)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel)
Intel® Chipset Device Software (x32 Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Driver Update Utility 2.2.0.5 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.31.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{3CC1CC76-AB3A-4360-AB6F-1355D05A2A17}) (Version: 5.0.10.2907 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6230EE50-BD4E-4B39-904D-3E7600053E08}) (Version: 6.2.1 - Intel Corporation)
iTunes (HKLM\...\{36F365B3-05C2-455D-9D96-B73829DE046D}) (Version: 12.8.0.150 - Apple Inc.)
Life is Strange: Complete Season 1 (HKLM-x32\...\Life is Strange: Complete Season 1_is1) (Version: - )
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mass Effect 3.Deluxe Edition.v 1.5.5427.124 + 14 DLC (HKLM-x32\...\Mass Effect 3.Deluxe Edition.v 1.5.5427.124 + 14 DLC_is1) (Version: Mass Effect 3.Deluxe Edition.v 1.5.5427.124 + 14 DLC - Repack by Fenixx (09.03.2013))
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.9126.2295 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3840187337-3860288294-2545479360-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Middle-Earth: Shadow of War (HKLM-x32\...\Middle-Earth: Shadow of War_is1) (Version: - )
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
NBA 2K19 (HKLM-x32\...\NBA 2K19_is1) (Version: - )
NieR: Automata - LOSSLESS Videos (HKLM-x32\...\NieR: Automata - LOSSLESS Videos_is1) (Version: - )
NieR: Automata (HKLM-x32\...\NieR: Automata_is1) (Version: - )
Nioh Complete Edition (HKLM-x32\...\Nioh Complete Edition_is1) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Graphics Driver 416.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.34 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 359.06 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Oracle VM VirtualBox 5.1.28 (HKLM\...\{11BAF690-37C7-4A56-B518-3696BD15592F}) (Version: 5.1.28 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
Overcooked! 2 (HKLM-x32\...\Overcooked! 2_is1) (Version: - )
Pro Evolution Soccer 2018 (HKLM-x32\...\{9C9C432B-A926-42D1-B16D-6C566431AC59}_is1) (Version: - Konami)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.40.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.0.0 Beta 19 (HKLM-x32\...\RTSS) (Version: 7.0.0 Beta 19 - Unwinder)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
SafeZone Stable 1.46.1990.139 (x32 Version: 1.46.1990.139 - Avast Software) Hidden
Self-service Plug-in (x32 Version: 3.4.0.33684 - Citrix Systems, Inc.) Hidden
SoulCalibur 6 (HKLM-x32\...\SoulCalibur 6_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tales from the Borderlands: Episodes 1-5 (HKLM-x32\...\Tales from the Borderland: Episodes 1-5_is1) (Version: - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.6.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.0.10.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.0.0 - GOG.com)
The Wolf Among Us (HKLM-x32\...\1432213513_is1) (Version: 2.0.0.1 - GOG.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.8.6 - Tweaking.com)
Undertale (HKLM-x32\...\1456487183_is1) (Version: 2.0.0.2 - GOG.com)
Vegas Pro 12.0 (64-bit) (HKLM\...\{64A98EF1-2680-11E3-A909-F04DA23A5C58}) (Version: 12.0.726 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
WWE 2K19 (HKLM-x32\...\WWE 2K19_is1) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3840187337-3860288294-2545479360-1001_Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\localserver32 -> C:\Users\pahmadi\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3840187337-3860288294-2545479360-1001_Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\localserver32 -> C:\Users\pahmadi\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3840187337-3860288294-2545479360-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\pahmadi\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3840187337-3860288294-2545479360-1001_Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\localserver32 -> C:\Users\pahmadi\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3840187337-3860288294-2545479360-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\pahmadi\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3840187337-3860288294-2545479360-1001_Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\localserver32 -> C:\Users\pahmadi\AppData\Local\Microsoft\OneDrive\18.172.0826.0010\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {014E1920-4586-4389-8A0B-04EC535398E2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {042D8A51-5878-4000-9C10-C04AFF122A1F} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {04B3E894-DE5B-4C4A-9AA7-CA8F7CE43583} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\Windows\system32\ProvTool.exe [2018-04-11] (Microsoft Corporation)
Task: {04F9E96B-D4D9-4B81-93F7-848875C79866} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-10-17] (Microsoft Corporation)
Task: {061CDAE0-38D8-4222-AAB4-ED155DC99C57} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {0A98226E-7D43-42E6-95BD-F64873D18F26} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {0C273B67-9392-461A-BC3D-1909AA01B2A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {1A3AA77B-A047-4E7B-A823-CE7EA658195D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-10] (Google Inc.)
Task: {1BE936D4-EE40-4F04-84E0-18FFD27C0A6A} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\Windows\system32\bcdboot.exe [2018-04-11] (Microsoft Corporation)
Task: {20301EF5-5634-4ABE-B168-990F137FFD01} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {2231CAFE-FABE-41F5-A0B3-842D9319DBF9} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-08] (Microsoft Corporation)
Task: {2922DB6B-776C-41A7-B09E-A6CAB9CF629D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-09-12] (NVIDIA Corporation)
Task: {293ECE89-1EE4-481A-AE73-CE2D69592DAC} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Users\pahmadi\Desktop\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {294EF281-56B6-4F71-8115-BAC2919EF034} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {29F3A47A-C0DC-48D8-ACAF-89413EE0731D} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\Windows\System32\UNP\UpdateNotificationMgr.exe [2018-07-14] (Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {2DBD790D-172A-4CFA-B3F7-824D7509680F} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {368FF31E-760A-41E5-B48F-2470EF56E406} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-10-17] (Microsoft Corporation)
Task: {3CD39E67-7F9E-4E33-9BE6-FBCF523C57FD} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\Windows\system32\Notifier.exe
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {4A91BA27-1909-4672-8049-F7CD5F656475} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {4C70FA69-40CA-428B-940C-0F76DB4BCFC8} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {4FAEC614-0EDF-4870-BEE4-596F3420258F} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\Windows\system32\ClipRenew.exe [2018-04-12] (Microsoft Corporation)
Task: {51D31EBF-545E-411D-A21A-CB34004CC384} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh
Task: {52AA92AD-C352-4470-B7CD-E30E3EC6A8CD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {577C3956-E492-42A5-AEFB-FDC54A537C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {57A7E0DF-F70E-43B1-AA2C-5BA67DBBE753} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {5C21CA87-76E5-474D-BCCF-F2E649371432} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-12-09] ()
Task: {5C8C3341-6469-4269-95F0-B4E38CFCE000} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {5DB4FD20-4FF2-4C58-9801-ADD6F0149633} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task
Task: {62331915-A3E9-4B6E-9686-86034377E8CF} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications
Task: {6268AB70-2263-4261-BB35-D9F3646F317F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-12] (NVIDIA Corporation)
Task: {63C5AB24-A478-41C7-B697-04EB611F56DA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {671C8C2A-8F79-427E-A82D-800981ABC7AD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {6DE4F7DC-0B8D-404A-A6C9-83241658F8CA} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2018-06-08] (Microsoft Corporation)
Task: {6FE5844E-AFF1-494E-B989-662630E40EBB} - System32\Tasks\{394C945B-1D25-4C06-9BC8-E602C092BE8D} => pcalua.exe -a "C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServiceUninstaller.exe" -c -u "webfas-79f28e00@@WEBFAS.SPSS 23"
Task: {7138D0D3-1873-4A77-86CF-4840F491C90F} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2018-04-11] (Microsoft Corporation)
Task: {749E286C-C205-4C7C-B742-BE5023BF06DE} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {7EAE5A6B-00F4-4B9F-A255-E1C163B587A1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {800BEC19-4497-4DFC-A8D0-D4BDE81CB324} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-09-12] (NVIDIA Corporation)
Task: {814AE886-3A44-4986-8FAC-85D409ACB93A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {87169BD9-2A8C-40A2-AA18-2EBF4E97DB61} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
Task: {8A1C898E-78A7-4A0D-97D8-DD54AEB3ED7D} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
Task: {8B9FB1EC-195A-428A-8F13-91399E6ECBE7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-20] (AVAST Software)
Task: {8CCDCCC3-88F0-4860-84BE-5AC16A1C6FA9} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {8EF4C9BF-0E36-47FF-AC50-1DE29C3DA3D7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-28] (AVAST Software)
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\Windows\system32\dxgiadaptercache.exe [2018-04-11] (Microsoft Corporation)
Task: {9383AEA3-0CA4-4227-98E2-79AE8DC79D7E} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3840187337-3860288294-2545479360-1001 => C:\Users\pahmadi\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2018-10-19] (Microsoft Corporation)
Task: {9772398A-4F8F-49D0-8238-4D627D73452B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-09-12] (NVIDIA Corporation)
Task: {97E8D66D-0085-423C-BA11-DD777A1258AB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2018-04-11] (Microsoft Corporation)
Task: {A167F6E0-ED47-419C-807E-2A11ECBA98D4} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {A305A840-EC8B-4C66-8EA8-5FF15F129CD2} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2018-04-11] (Microsoft Corporation)
Task: {B0952E0A-C54F-4E8B-95E9-90E560086B37} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {B14C88F4-4AAC-4F00-A94E-8EA180D7AEDC} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {B204151F-C2E4-41B3-9DC4-378F21DFF088} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {B23C35DE-C117-4788-9D45-B7D088502121} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2018-04-11] (Microsoft Corporation)
Task: {B2F4AC84-A8D0-4524-9363-BFF5A5911A00} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask
Task: {BA705F22-48E7-4913-9B25-D9EC64128D57} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {BCC1B356-2104-4F53-94E9-A61663470514} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12] (NVIDIA Corporation)
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-08] (Microsoft Corporation)
Task: {CCC841E7-2370-4471-AF7E-A36F94504CF0} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {CDA5D686-5D6C-4730-9907-B66710DC3670} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {D010978C-B666-4072-B7F3-DD6340CDD629} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task
Task: {D1B26571-4B28-4800-97D8-F55B8F0EB175} - System32\Tasks\SafeZone scheduled Autoupdate 1452366284 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D3E32239-0B8B-4F0E-A027-96AC53D911A7} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation)
Task: {DD710A69-86C6-4932-97B1-01FB13ACFEF1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged
Task: {DE0F76A5-8694-4282-8098-752D80118D81} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-17] (Microsoft Corporation)
Task: {E0862994-9083-482D-A921-27B4860FFA21} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\Windows\system32\eduprintprov.exe [2018-04-11] (Microsoft Corporation)
Task: {E86877F0-BEE7-42C2-B0EA-B2CEB8016029} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-10-17] (Microsoft Corporation)
Task: {EC60F8B1-954C-427C-97E9-A5B0A6613C47} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12] (NVIDIA Corporation)
Task: {EFA86FF7-22AE-4997-AFD9-E89E1BF9B7D6} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2018-04-11] (Microsoft Corporation)
Task: {F6A9AD60-5A59-481C-8B71-05317BB0E06E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-17] (Microsoft Corporation)
Task: {F955A09C-E83A-4AD5-9ABC-7D5D7A055117} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {FC779438-B7FD-4774-AA55-4DE2A4B098A4} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh
Task: {FD27C2E9-D183-431C-A7AD-EC9714AEA6D2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-12] (NVIDIA Corporation)
Task: {FFA4B6B6-FBD2-46CF-A37D-95B6F8476D37} - System32\Tasks\avast! Windows 10 Start Menu helper => c:\program files\avast software\avast\asww10mon.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-04-11 19:34 - 2018-04-11 19:34 - 00491744 _____ () C:\Windows\System32\InputHost.dll
2015-12-09 03:59 - 2015-12-09 03:59 - 00580296 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2018-04-11 19:34 - 2018-04-11 19:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-12-28 22:37 - 2018-07-20 12:10 - 08936112 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2014-05-01 10:13 - 2016-12-23 22:20 - 00592384 _____ () C:\Users\pahmadi\AppData\Local\MEGAsync\ShellExtX64.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 00472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 02759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2015-04-15 16:13 - 2015-04-15 16:13 - 00222720 _____ () E:\Notepad++\NppShell_06.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 00088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-06-23 06:56 - 2018-06-23 06:56 - 01356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-08-08 11:55 - 2018-09-12 07:45 - 01315024 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 00491744 _____ () C:\WINDOWS\SYSTEM32\InputHost.dll
2018-10-10 12:31 - 2018-09-19 23:38 - 02185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-17 17:43 - 2018-09-15 04:26 - 05110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-17 17:43 - 2018-09-15 04:26 - 00116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2018-10-22 18:24 - 2018-10-22 18:24 - 00183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-10-22 18:24 - 2018-10-22 18:24 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-07-09 20:32 - 2018-07-09 20:32 - 01922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-10-03 21:55 - 2018-10-03 21:55 - 00009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-10-22 18:24 - 2018-10-22 18:24 - 00060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-10-22 18:24 - 2018-10-22 18:24 - 10978304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-10-22 18:24 - 2018-10-22 18:24 - 02810368 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\skypert.dll
2018-10-22 18:24 - 2018-10-22 18:24 - 00685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-09-23 16:21 - 2018-09-23 16:22 - 00479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-09-23 16:21 - 2018-09-23 16:22 - 69128192 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-04 17:22 - 2017-10-04 17:22 - 02523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-09-23 16:21 - 2018-09-23 16:22 - 00010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-08-28 20:32 - 2018-08-28 20:32 - 03699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-05-04 11:10 - 2018-05-04 11:11 - 00009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-08-28 20:32 - 2018-08-28 20:32 - 00035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-17 15:20 - 2018-08-17 15:20 - 02480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-17 15:20 - 2018-08-17 15:20 - 02280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-04-05 11:24 - 2018-04-05 11:26 - 02283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-09-23 16:21 - 2018-09-23 16:22 - 14171648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-08-28 20:32 - 2018-08-28 20:32 - 03544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-09-23 16:21 - 2018-09-23 16:22 - 02866176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-28 20:32 - 2018-08-28 20:32 - 00973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-29 11:35 - 2018-07-29 11:35 - 04584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 00491744 _____ () C:\WINDOWS\system32\InputHost.dll
2015-12-07 12:43 - 2015-12-07 12:43 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2015-12-07 12:43 - 2015-12-07 12:43 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2015-12-07 12:44 - 2015-12-07 12:44 - 00225792 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2015-12-07 12:44 - 2015-12-07 12:44 - 00657408 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2015-12-07 12:43 - 2015-12-07 12:43 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2017-12-28 22:36 - 2018-07-20 12:10 - 08935600 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2014-05-01 10:15 - 2016-12-23 22:20 - 00564736 _____ () C:\Users\pahmadi\AppData\Local\MEGAsync\ShellExtX32.dll
2018-08-08 11:55 - 2018-09-12 07:45 - 01032912 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-03 13:12 - 2018-03-03 13:12 - 67126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-10-20 12:08 - 2018-10-20 12:08 - 00598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2014-11-10 13:12 - 2014-11-10 13:12 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-12-28 22:38 - 2018-07-20 12:10 - 01452728 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ClientTelemetry.dll
2017-12-28 22:38 - 2018-07-20 12:10 - 01452728 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\ClientTelemetry.dll
2017-12-28 22:33 - 2018-07-20 12:09 - 00294056 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\IEAWSDC.DLL
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3840187337-3860288294-2545479360-1001\...\sharepoint.com -> hxxps://myyorkuca-files.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 09:25 - 2018-10-22 18:59 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3840187337-3860288294-2545479360-1001\Control Panel\Desktop\\Wallpaper -> e:\thumb-350-320986.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AvastVBoxSvc => 3
MSCONFIG\Services: lfsvc => 3
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKU\S-1-5-21-3840187337-3860288294-2545479360-1001\...\StartupApproved\StartupFolder: => "Citrix Receiver.lnk"
HKU\S-1-5-21-3840187337-3860288294-2545479360-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3840187337-3860288294-2545479360-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-3840187337-3860288294-2545479360-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3840187337-3860288294-2545479360-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [UDP Query User{320C0024-9334-44A0-A5F6-32199B3B6502}E:\program files\vlc\vlc.exe] => (Block) E:\program files\vlc\vlc.exe
FirewallRules: [TCP Query User{F4E7D50D-91CA-4595-BDAA-DB75478B53C8}E:\program files\vlc\vlc.exe] => (Block) E:\program files\vlc\vlc.exe
FirewallRules: [UDP Query User{658C00CE-5543-461D-90B7-C3E164472BBA}C:\program files\android\android studio\jre\bin\java.exe] => (Block) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [TCP Query User{CF2D7F06-EFD1-4074-A299-D414ED3A773B}C:\program files\android\android studio\jre\bin\java.exe] => (Block) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [{21C451BE-D012-4B3C-B2CE-1E95C9E8975A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0D6A833E-24A9-40C1-B2D4-8DCF63E72743}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{A880BD84-F5E5-4FF4-8E9C-5E8093D510C2}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{5240993E-7C06-4819-AE2D-792150AC5436}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8FAC55E1-7DD8-45DC-8173-3421D9474730}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [UDP Query User{E57C0B53-27B0-4A05-B161-FEBE51127EB5}E:\games\prey\binaries\danielle\x64\release\prey.exe] => (Block) E:\games\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [TCP Query User{9532DEA5-4D41-4D82-9554-38BA3161DE74}E:\games\prey\binaries\danielle\x64\release\prey.exe] => (Block) E:\games\prey\binaries\danielle\x64\release\prey.exe
FirewallRules: [UDP Query User{8BE371AF-9C90-4E41-A572-20B6D5AC2588}E:\games\a wii usb folder\wiiu_usb_helper.exe] => (Block) E:\games\a wii usb folder\wiiu_usb_helper.exe
FirewallRules: [TCP Query User{F8AB09C5-8F76-4F14-9EA5-50879FB1A040}E:\games\a wii usb folder\wiiu_usb_helper.exe] => (Block) E:\games\a wii usb folder\wiiu_usb_helper.exe
FirewallRules: [UDP Query User{204E2CDB-3750-4EA3-924F-7E4EB58D22DB}E:\games\7a3ec1-cemu173d_066de503b8c75fd\wiiu_usb_helper.exe] => (Block) E:\games\7a3ec1-cemu173d_066de503b8c75fd\wiiu_usb_helper.exe
FirewallRules: [TCP Query User{EFD941EB-2B7E-46A8-95A5-36745D44E206}E:\games\7a3ec1-cemu173d_066de503b8c75fd\wiiu_usb_helper.exe] => (Block) E:\games\7a3ec1-cemu173d_066de503b8c75fd\wiiu_usb_helper.exe
FirewallRules: [{A2770855-C28A-436F-B7B5-FB4694B8B0FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2AD3F555-8299-48AD-A3CC-BD8087E085BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F9AA4DBC-EC00-44F7-9A4E-36D3FB1F25CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E63CE914-42FC-44D6-947A-69DC000684A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6359BCAF-F074-4DCE-8BB7-03AD47A369B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{647CF0F7-FB28-4988-A356-1088FC5A82EC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{854D8606-698D-465D-BAE6-865F512EBB7C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [UDP Query User{DE046CCC-CFE7-4202-92A5-FBC312F3F7E1}E:\games\call of duty - infinite warfare\iw7_ship.exe] => (Block) E:\games\call of duty - infinite warfare\iw7_ship.exe
FirewallRules: [TCP Query User{024F33C9-AE3D-47FD-99AD-08B9BAD565C5}E:\games\call of duty - infinite warfare\iw7_ship.exe] => (Block) E:\games\call of duty - infinite warfare\iw7_ship.exe
FirewallRules: [{12532985-8E2E-4E08-BD0B-5F51C6D1B918}] => (Block) E:\Games\WWE 2K16\WWE2K16.exe
FirewallRules: [{524F7B37-3DAB-4C8B-9210-6BFB66ACB0D9}] => (Block) E:\Games\WWE 2K16\WWE2K16.exe
FirewallRules: [{16677B84-4748-4237-B403-E469364BE627}] => (Block) %ProgramFiles%\Sony\Vegas Pro 12.0\vegas120.exe
FirewallRules: [{C75099FD-5390-4559-8402-46DB636B455F}] => (Block) %ProgramFiles%\Sony\Vegas Pro 12.0\vegas120.exe
FirewallRules: [{3C2C5BEA-A485-452B-B949-F14A3F9A26A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F2C0810A-DCF7-4535-A50D-A1D1456D81E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{D2D16456-5462-43A5-9952-B86A731BEF1A}E:\games\mass effect 3.deluxe edition.v 1.5.5427.124 + 14 dlc\binaries\win32\masseffect3.exe] => (Allow) E:\games\mass effect 3.deluxe edition.v 1.5.5427.124 + 14 dlc\binaries\win32\masseffect3.exe
FirewallRules: [TCP Query User{41A32F6C-725C-44AA-A33F-55A0DCF2FDC5}E:\games\mass effect 3.deluxe edition.v 1.5.5427.124 + 14 dlc\binaries\win32\masseffect3.exe] => (Allow) E:\games\mass effect 3.deluxe edition.v 1.5.5427.124 + 14 dlc\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{978D1139-1FC1-4243-923F-BEA0D15F4858}E:\games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) E:\games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{AFBEE18E-242D-4129-9359-89A9D426F29A}E:\games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) E:\games\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{D0B18DAB-1886-4A2F-95CF-976AC12D838D}E:\games\mass effect 2\binaries\masseffect2.exe] => (Block) E:\games\mass effect 2\binaries\masseffect2.exe
FirewallRules: [TCP Query User{C387CD3A-976C-4FE2-A43A-100D61105E8A}E:\games\mass effect 2\binaries\masseffect2.exe] => (Block) E:\games\mass effect 2\binaries\masseffect2.exe
FirewallRules: [UDP Query User{C6319E23-8E89-4DBD-A16D-9D18815EDFFE}E:\games\grand theft auto v\gta5.exe] => (Block) E:\games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{46589999-D8D3-413C-9367-315AFCF8FB1B}E:\games\grand theft auto v\gta5.exe] => (Block) E:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{7B70A298-F8C9-4FFA-ABA6-8BC9BEA6F9E1}E:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) E:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [TCP Query User{25E0CD3E-D64B-4D03-ABDF-159D0DAB5F17}E:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) E:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{4B86F244-3CF5-4EE8-89D3-399EF653E8C1}] => (Allow) E:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{BE3A0F63-2D5A-419C-979C-9F7FF66162F1}] => (Allow) E:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [UDP Query User{F3A8869C-2FD0-4FAB-9378-D7EAA12867AB}E:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe] => (Block) E:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe
FirewallRules: [TCP Query User{3B9C4912-B9FF-41FA-A101-14A7746128CE}E:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe] => (Block) E:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe
FirewallRules: [UDP Query User{1099DD03-C3B6-46FE-B456-34236D2D1C41}E:\program files\deluge\deluge.exe] => (Block) E:\program files\deluge\deluge.exe
FirewallRules: [TCP Query User{417CC0D1-BF2E-49E3-A7CD-9332F0E162BD}E:\program files\deluge\deluge.exe] => (Block) E:\program files\deluge\deluge.exe
FirewallRules: [{C0035F1A-4351-448B-B6C7-B18D2FAA8CB7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{179DA074-1FAF-4DBF-84D5-C2DC74D1690F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{88C51A6B-E858-474E-8B91-1F1D4544146E}] => (Allow) C:\Users\pahmadi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8C0AC25C-317B-4A99-A39A-601F4D50DF8A}] => (Allow) C:\Users\pahmadi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{53340FB0-430E-48D2-975A-8629E682008F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FA146FD5-EAE5-4D45-9A89-564DC41F81B1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A6882C60-CA13-4CD0-A35D-4ED83A85E011}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{878AB48C-196F-4928-B019-9A1EE47529F0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A2A341C9-BEE9-4EC8-B47D-B603684241F5}] => (Allow) E:\Program Files (x86)\Origin Games\FIFA 16\fifa16.exe
FirewallRules: [{4431F62C-829D-498E-9500-10F6F961B08C}] => (Allow) E:\Program Files (x86)\Origin Games\FIFA 16\fifa16.exe
FirewallRules: [TCP Query User{E3D8EBF8-AC60-4308-9A6E-46D7D36C2365}E:\games\dishonored\binaries\win32\dishonored.exe] => (Block) E:\games\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{332770D5-E53D-4743-8A26-2805899A5A95}E:\games\dishonored\binaries\win32\dishonored.exe] => (Block) E:\games\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{CEE51D2C-6F58-4B44-80DF-7470B507D4F7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{E7715403-9932-4AF9-8953-BB02F2C4D663}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{98C04D4E-6EFA-4B27-964C-97B953F3834F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E90ABA9B-BFCA-4476-9673-1EED03FEBBA8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{479A758F-34EE-490E-A221-82B7A23CA629}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C7FE888D-076D-4A20-84AF-925C498F5EA7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{72357AE1-B4F6-41EE-845A-62D898A90AEF}] => (Allow) E:\Just.Cause.3.XL.Edition.SteamRip-Fisher\Just Cause 3\Steam\Steam.exe
FirewallRules: [{44D63FB1-C32C-4A37-8A64-E266B25D83CA}] => (Allow) E:\Just.Cause.3.XL.Edition.SteamRip-Fisher\Just Cause 3\Steam\Steam.exe
FirewallRules: [{75A88A90-7D16-4119-8AD5-CF2AC825997E}] => (Block) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{C58336A1-D789-4E96-A136-A094A5581952}] => (Block) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [TCP Query User{222C8A48-C05A-4637-A361-8829D1DF7D65}E:\games\doom\doomx64.exe] => (Block) E:\games\doom\doomx64.exe
FirewallRules: [UDP Query User{16B16F31-258C-4DFF-8B60-3DD28FCAC42F}E:\games\doom\doomx64.exe] => (Block) E:\games\doom\doomx64.exe
FirewallRules: [{9FDE8567-9873-4793-8BC6-56CA6429974C}] => (Allow) E:\SteamGames\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{B4B76B2F-F5CE-4B5C-9F78-3A37F5085BDE}] => (Allow) E:\SteamGames\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [TCP Query User{672D35CC-5544-4DF5-90B6-23DF17EBC01D}E:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe] => (Allow) E:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe
FirewallRules: [UDP Query User{55E7CB98-657F-4105-9B3A-70847933CF90}E:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe] => (Allow) E:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe
FirewallRules: [TCP Query User{0F12FBD7-31C9-43E8-B0C8-855FCF98D676}E:\games\nba 2k17\nba2k17.exe] => (Block) E:\games\nba 2k17\nba2k17.exe
FirewallRules: [UDP Query User{E10AA303-CA5A-4959-BFD9-012F94DAA90A}E:\games\nba 2k17\nba2k17.exe] => (Block) E:\games\nba 2k17\nba2k17.exe
FirewallRules: [TCP Query User{C98DF05C-4E72-48AC-A122-C23180735AF6}E:\games\fifa 17\fifa17.exe] => (Block) E:\games\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{2B4433C6-80CA-464B-8778-A47EE489E136}E:\games\fifa 17\fifa17.exe] => (Block) E:\games\fifa 17\fifa17.exe
FirewallRules: [{75A8F769-3CE2-4D0B-BFB8-C22B4C7B0951}] => (Block) E:\cemu182b-cracked\cemu182b-cracked\Cemu.exe
FirewallRules: [{C46E8BD9-B6EA-43CB-9670-1FADDAF72103}] => (Block) E:\cemu182b-cracked\cemu182b-cracked\Cemu.exe
FirewallRules: [TCP Query User{4656521D-D8EF-4BD0-AC61-383282981BE7}E:\program files (x86)\origin games\fifa 18 demo\fifa18_demo.exe] => (Allow) E:\program files (x86)\origin games\fifa 18 demo\fifa18_demo.exe
FirewallRules: [UDP Query User{64146B5E-C2D5-45EC-ACB4-2A6FA49E0B93}E:\program files (x86)\origin games\fifa 18 demo\fifa18_demo.exe] => (Allow) E:\program files (x86)\origin games\fifa 18 demo\fifa18_demo.exe
FirewallRules: [TCP Query User{170EE4EB-3AB6-421B-B056-006CAC61AC62}E:\games\pro evolution soccer 2018\pes2018.exe] => (Block) E:\games\pro evolution soccer 2018\pes2018.exe
FirewallRules: [UDP Query User{54B8A51B-4196-4D74-99A2-BD2687234267}E:\games\pro evolution soccer 2018\pes2018.exe] => (Block) E:\games\pro evolution soccer 2018\pes2018.exe
FirewallRules: [TCP Query User{EA98EB0F-EADD-4BDB-B676-15A123DE4267}E:\games\fifa18\fifa18.exe] => (Block) E:\games\fifa18\fifa18.exe
FirewallRules: [UDP Query User{8D36A917-4CFB-48A0-9B8E-CA1F97E138CE}E:\games\fifa18\fifa18.exe] => (Block) E:\games\fifa18\fifa18.exe
FirewallRules: [TCP Query User{8F67A5A4-E51D-4EA0-8CC2-EA4CE0372CA3}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [UDP Query User{2AA5EF8A-CE1D-4114-B32A-A6FBB34B13DC}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [TCP Query User{6146C59B-3C26-46B6-8CA1-6DE003E15D2A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{2D3B191A-0630-48AD-A9AB-C7131E1DE9A3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{6D1EEBDE-2C2F-4CDE-8191-FE7EEFF5635C}E:\games\wwe 2k18\wwe2k18_x64.exe] => (Allow) E:\games\wwe 2k18\wwe2k18_x64.exe
FirewallRules: [UDP Query User{2D26C51A-9CC2-4DC2-9760-B9E319E9B774}E:\games\wwe 2k18\wwe2k18_x64.exe] => (Allow) E:\games\wwe 2k18\wwe2k18_x64.exe
FirewallRules: [{2222B623-28D1-4214-B746-3A2B29582469}] => (Block) E:\games\wwe 2k18\wwe2k18_x64.exe
FirewallRules: [{F1EA134E-D97E-4AB9-914D-2F07ECCC4F07}] => (Block) E:\games\wwe 2k18\wwe2k18_x64.exe
FirewallRules: [{B4BA306F-9A16-450F-AA2A-266AE56AFB16}] => (Allow) E:\games\wwe 2k18\wwe2k18_x64.exe
FirewallRules: [{9ECBAC78-2944-4B07-8403-96BD02DA108A}] => (Allow) E:\games\wwe 2k18\wwe2k18_x64.exe
FirewallRules: [{697CA0FD-63C9-429C-980E-590B9027E8CF}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{01C093F9-C186-4869-873A-FEAEC05F1AFE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{503D97DB-6974-422F-A384-87107494FC1F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{BD22F7F7-C5E6-44D7-B24D-6C1D6E16647D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{F80AE82C-A121-4BF1-AED4-7EE413FEAA6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CEBEFD5B-6EED-4116-88A5-24D910CA3D01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A904DFC7-4CE0-4A37-B5E5-F79A7FAC6D72}] => (Allow) E:\iTunes.exe
FirewallRules: [{F4F49670-D60A-4000-A762-2E4EEC81B417}] => (Allow) E:\SteamGames\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{45F4A998-4D06-4485-867A-91D9BA729511}] => (Allow) E:\SteamGames\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{FD4B51E3-C830-452E-B896-2A1CFC17D7E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9F02D461-CB98-475B-B7EC-67A0D5A94952}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{89139F1A-0C02-41C9-80CD-595CCC140860}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [TCP Query User{0EA59FD4-0435-4935-B454-50A3E2CC675C}E:\program files\deluge\deluge-gtk.exe] => (Block) E:\program files\deluge\deluge-gtk.exe
FirewallRules: [UDP Query User{C45A88AC-10A4-4BF9-89CB-3643848EF438}E:\program files\deluge\deluge-gtk.exe] => (Block) E:\program files\deluge\deluge-gtk.exe
FirewallRules: [{25A65D47-FA60-43AB-9D44-B286232D2632}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{CF818E6F-CF85-4649-8574-492B7883935D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F0A2D70B-F7EF-461F-826B-1165FEF88F74}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6A56145B-77B5-4128-AC94-BB4E7E6FF1D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E03E29E1-0942-444B-94E5-F7AE6211BEAD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{F05D6F15-2557-4323-A473-4A45FD032864}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{2F9F3B08-6CF3-4AFC-9D46-3580FDC814B0}] => (Allow) E:\SteamGames\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{2E4BF65A-4A2C-4772-A9E6-5C72D218A5C7}] => (Allow) E:\SteamGames\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{582C7122-764C-4AA5-B521-080932DA6C19}E:\games\helldivers\binaries\x86\helldivers.exe] => (Block) E:\games\helldivers\binaries\x86\helldivers.exe
FirewallRules: [UDP Query User{437F6B0B-99B7-4104-970C-9E0BE40146A3}E:\games\helldivers\binaries\x86\helldivers.exe] => (Block) E:\games\helldivers\binaries\x86\helldivers.exe
==================== Restore Points =========================
08-10-2018 23:02:23 Scheduled Checkpoint
18-10-2018 12:30:13 Scheduled Checkpoint
24-10-2018 11:09:49 Checkpoint by HitmanPro
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/29/2018 02:46:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x27ec
Faulting application start time: 0xsvchost.exe_WpnUserService0
Faulting application path: svchost.exe_WpnUserService1
Faulting module path: svchost.exe_WpnUserService2
Report Id: svchost.exe_WpnUserService3
Faulting package full name: svchost.exe_WpnUserService4
Faulting package-relative application ID: svchost.exe_WpnUserService5
Error: (10/29/2018 12:20:20 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422333
Error: (10/28/2018 08:09:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x34a4
Faulting application start time: 0xsvchost.exe_WpnUserService0
Faulting application path: svchost.exe_WpnUserService1
Faulting module path: svchost.exe_WpnUserService2
Report Id: svchost.exe_WpnUserService3
Faulting package full name: svchost.exe_WpnUserService4
Faulting package-relative application ID: svchost.exe_WpnUserService5
Error: (10/28/2018 07:27:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: QuietHours.dll, version: 10.0.17134.165, time stamp: 0xa4eee2d0
Exception code: 0xc0000005
Fault offset: 0x000000000004ba32
Faulting process id: 0x1790
Faulting application start time: 0xsvchost.exe_WpnUserService0
Faulting application path: svchost.exe_WpnUserService1
Faulting module path: svchost.exe_WpnUserService2
Report Id: svchost.exe_WpnUserService3
Faulting package full name: svchost.exe_WpnUserService4
Faulting package-relative application ID: svchost.exe_WpnUserService5
Error: (10/28/2018 07:22:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: setup.tmp, version: 51.1052.0.0, time stamp: 0x506a75b5
Faulting module name: botva2.dll_unloaded, version: 0.9.7.151, time stamp: 0x2a425e19
Exception code: 0xc000041d
Fault offset: 0x00005514
Faulting process id: 0x23e4
Faulting application start time: 0xsetup.tmp0
Faulting application path: setup.tmp1
Faulting module path: setup.tmp2
Report Id: setup.tmp3
Faulting package full name: setup.tmp4
Faulting package-relative application ID: setup.tmp5
Error: (10/28/2018 07:22:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: setup.tmp, version: 51.1052.0.0, time stamp: 0x506a75b5
Faulting module name: botva2.dll_unloaded, version: 0.9.7.151, time stamp: 0x2a425e19
Exception code: 0xc0000005
Fault offset: 0x00005514
Faulting process id: 0x23e4
Faulting application start time: 0xsetup.tmp0
Faulting application path: setup.tmp1
Faulting module path: setup.tmp2
Report Id: setup.tmp3
Faulting package full name: setup.tmp4
Faulting package-relative application ID: setup.tmp5
Error: (10/28/2018 03:57:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: setup.tmp, version: 51.1052.0.0, time stamp: 0x506a75b5
Faulting module name: botva2.dll_unloaded, version: 0.9.7.151, time stamp: 0x2a425e19
Exception code: 0xc000041d
Fault offset: 0x00005514
Faulting process id: 0x3ee4
Faulting application start time: 0xsetup.tmp0
Faulting application path: setup.tmp1
Faulting module path: setup.tmp2
Report Id: setup.tmp3
Faulting package full name: setup.tmp4
Faulting package-relative application ID: setup.tmp5
Error: (10/28/2018 03:57:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: setup.tmp, version: 51.1052.0.0, time stamp: 0x506a75b5
Faulting module name: botva2.dll_unloaded, version: 0.9.7.151, time stamp: 0x2a425e19
Exception code: 0xc0000005
Fault offset: 0x00005514
Faulting process id: 0x3ee4
Faulting application start time: 0xsetup.tmp0
Faulting application path: setup.tmp1
Faulting module path: setup.tmp2
Report Id: setup.tmp3
Faulting package full name: setup.tmp4
Faulting package-relative application ID: setup.tmp5
Error: (10/28/2018 12:20:20 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422333
Error: (10/27/2018 01:56:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x1224
Faulting application start time: 0xsvchost.exe_WpnUserService0
Faulting application path: svchost.exe_WpnUserService1
Faulting module path: svchost.exe_WpnUserService2
Report Id: svchost.exe_WpnUserService3
Faulting package full name: svchost.exe_WpnUserService4
Faulting package-relative application ID: svchost.exe_WpnUserService5
System errors:
=============
Error: (10/29/2018 03:43:50 PM) (Source: DCOM) (EventID: 10016) (User: POURIAPC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}PouriaPCpahmadiS-1-5-21-3840187337-3860288294-2545479360-1001LocalHost (Using LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723
Error: (10/29/2018 11:59:46 AM) (Source: DCOM) (EventID: 10016) (User: POURIAPC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}PouriaPCpahmadiS-1-5-21-3840187337-3860288294-2545479360-1001LocalHost (Using LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723
Error: (10/29/2018 11:42:49 AM) (Source: DCOM) (EventID: 10016) (User: POURIAPC)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}PouriaPCpahmadiS-1-5-21-3840187337-3860288294-2545479360-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (10/29/2018 11:42:37 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
Error: (10/28/2018 09:43:14 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}
Error: (10/28/2018 08:09:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WpnUserService_25d4d service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (10/28/2018 07:27:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WpnUserService_25d4d service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (10/28/2018 05:33:30 PM) (Source: DCOM) (EventID: 10016) (User: POURIAPC)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}PouriaPCpahmadiS-1-5-21-3840187337-3860288294-2545479360-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (10/28/2018 05:30:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WpnUserService_25d4d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (10/28/2018 03:19:31 PM) (Source: DCOM) (EventID: 10016) (User: POURIAPC)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}PouriaPCpahmadiS-1-5-21-3840187337-3860288294-2545479360-1001LocalHost (Using LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723
CodeIntegrity:
===================================
Date: 2018-10-29 11:42:42.831
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-10-29 11:42:42.346
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-10-29 11:42:41.744
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-10-29 02:46:21.012
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-10-28 12:10:59.974
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-10-28 12:10:59.435
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-10-28 12:10:59.025
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-10-28 02:08:52.848
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-10-26 12:27:21.230
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-10-26 12:27:20.613
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 93%
Total physical RAM: 8143.88 MB
Available physical RAM: 515.05 MB
Total Virtual: 19919.88 MB
Available Virtual: 5715.13 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.93 GB) (Free:107.07 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:931.39 GB) (Free:133.87 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Edited by SuprememMystique, 29 October 2018 - 04:31 PM.