
Windows 10 So Slow - not sure if infected [Solved]

  • This topic is locked

#1
dpm


Hi

I keep getting a 403 warning and so have attached the files, with description and logs ... not sure if that will work..

Details are below where I have replied to my own post.. and managed to get details in that way.

Sorry it's the only way I can get this to you..


Edited by dpm, 25 January 2019 - 12:55 PM.



#2
dpm

Hi

My Windows 10 laptop is so slow

This may be after an update, I'm not sure if it's infected

I ran a command scan, but nothing found

I defragged

Ran an anti-malware scan, and found 3 items deleted

Still really slow in Chrome.

Random programmes associated with Outlook keep popping up
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Ran by admin (administrator) on DESKTOP-TNONK0U (25-01-2019 18:11:07)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Windows 10 Enterprise Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
() C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Enounce Incorporated) C:\Program Files (x86)\Enounce\MySpeed\MySpeed.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Calendly) C:\Program Files (x86)\Calendly for Outlook\calendly.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
() C:\Program Files (x86)\Calendly for Outlook\Push\calendlyPush.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Innovative Digital Technologies) C:\Users\admin\AppData\Roaming\ACEStream\engine\ace_engine.exe
(HP Inc.) C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files\HP\HP ENVY 5540 series\Bin\HPNetworkCommunicatorCom.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, LLC) C:\Program Files\McAfee\TrueKey\Application\native_proxy.exe
Failed to access process -> mbamtray.exe
(McAfee, LLC) C:\Program Files\McAfee\TrueKey\Application\truekey.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, LLC) C:\Program Files\McAfee\TrueKey\Application\truekey.exe
(Innovative Digital Technologies) C:\Users\admin\AppData\Roaming\ACEStream\engine\ace_engine.exe
() C:\Users\admin\AppData\Roaming\ACEStream\updater\ace_update.exe
(The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2015-12-16] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [528384 2016-11-03] (Greenshot)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-07] (AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4090176 2019-01-22] (Dropbox, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-07] (AVAST Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\Run: [3xAV] => C:\Program Files (x86)\Enounce\MySpeed\MySpeed.exe [937616 2012-07-02] (Enounce Incorporated)
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\Run: [Calendly for Outlook] => c:\program files (x86)\calendly for outlook\calendly.exe [7804376 2016-05-12] (Calendly)
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7410464 2019-01-24] (Lavasoft)
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\Run: [AceStream] => C:\Users\admin\AppData\Roaming\ACEStream\engine\ace_engine.exe [27960 2018-08-30] (Innovative Digital Technologies)
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\Run: [HP ENVY 5540 series (NET)] => C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe [3770504 2017-03-27] (HP Inc.)
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\MountPoints2: {e21a9bf3-8e16-11e5-9bc5-5c260a554fd8} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [804352 2018-04-11] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-15] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\Installer\chrmstp.exe [2019-01-17] (AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2018-11-27] (McAfee, LLC.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7e5a5c67-8a50-4687-8c19-15ef2ea768c9}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d4ac1f71-6b10-492a-97a9-07f835a2414b}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
SearchScopes: HKU\S-1-5-21-46578486-4152185240-1140259097-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-46578486-4152185240-1140259097-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-46578486-4152185240-1140259097-1001 -> {E486E86E-401B-4D98-B96A-5B34F0A6B655} URL = hxxps://uk.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-13] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (Intel Security)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-12-02] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-06-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (Intel Security)
DPF: HKLM-x32 {55A2C0CD-3DE8-4264-9637-A0B40B05714E} hxxps://col430-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=1874001884
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
 
Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-46578486-4152185240-1140259097-1001 -> hxxp://www.google.co.uk/
 
FireFox:
========
FF DefaultProfile: 6o34rwch.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default [2019-01-24]
FF Homepage: Mozilla\Firefox\Profiles\6o34rwch.default -> hxxps://www.malwarebytes.org/restorebrowser/
FF Extension: (True Key™ by Intel Security) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\@true-key.xpi [2017-04-19]
FF Extension: (Search and new tab by Yahoo) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\[email protected] [2017-11-12]
FF Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\[email protected] [2018-07-22]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\[email protected] [2018-12-24]
FF Extension: (Avast Online Security) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\[email protected] [2019-01-08]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\[email protected] [2018-05-03]
FF Extension: (SEOquake) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}.xpi [2018-02-01]
FF Extension: (iMacros for Firefox) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}.xpi [2018-07-22]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-02-19] [Legacy]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\searchplugins\bing-lavasoft-ff59.xml [2019-01-24]
FF ProfilePath: C:\Users\admin\AppData\Roaming\KompoZer\Profiles\sfgyl5bd.default [2018-02-18]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] [Legacy]
FF HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\admin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\admin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-13] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-46578486-4152185240-1140259097-1001: @acestream.net/acestreamplugin,version=3.1.20.4 -> C:\Users\admin\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-13] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-46578486-4152185240-1140259097-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\admin\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-03-27] (Zoom Video Communications, Inc.)
 
Chrome: 
=======
CHR NewTab: Default ->  Not-active:"chrome-extension://fabhkdeopjkcpkmofliimbjckmocfiom/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://www.google.com/search?q={searchTerms}&pws=0&gl=us&gws_rd=cr
CHR DefaultSearchKeyword: Default -> google ncr
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2019-01-25]
CHR Extension: (Google Translate) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-22]
CHR Extension: (SEOquake) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2018-11-27]
CHR Extension: (Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-18]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-18]
CHR Extension: (Honey) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-01-13]
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (FBA Calculator Free Extension) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkgjopcolgcafhnicdahjemapkniikeh [2019-01-24]
CHR Extension: (MozBar) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2018-11-30]
CHR Extension: (Adobe Acrobat) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06]
CHR Extension: (Yahoo Partner) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom [2018-05-05]
CHR Extension: (Sheets) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Google Docs Offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-02]
CHR Extension: (Pinterest Save Button) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-12-13]
CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2018-11-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-01-24]
CHR Extension: (DS Amazon Quick View) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkompbllimaoekaogchhkmkdogpkhojg [2018-09-16]
CHR Extension: (Ace Script) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2018-12-15]
CHR Extension: (True Key™ by McAfee) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbeldjopgciegccabfohnefghfpinncn [2018-05-30]
CHR Extension: (TextBook Money) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbinilphjfjmakmemdiognlidjhoebef [2018-12-20]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2018-09-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-18]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16]
CHR Extension: (Linked Helper INDEPENDENT) - C:\Users\admin\Desktop\build_cloud_50.1.9\build_cloud [2019-01-06]
CHR HKU\S-1-5-21-46578486-4152185240-1140259097-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [njpedbdniajflhgfoipnjkednnlkngbj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2015-12-16] (Alps Electric Co., Ltd.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-07] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-30] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-07] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [367728 2019-01-07] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-30] (AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [390552 2019-01-09] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-01-07] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619816 2019-01-04] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-01-22] (Dropbox, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [51112 2016-06-17] (Microsoft)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [352688 2018-11-27] (McAfee, LLC.)
S2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [352688 2018-11-27] (McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2018-11-27] (McAfee, LLC.)
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [113024 2018-02-12] ()
S2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25888 2019-01-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [1764296 2017-12-13] (Wacom Technology, Corp.)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-07] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [223056 2019-01-14] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-07] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-07] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-07] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-07] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166792 2019-01-21] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [512048 2019-01-07] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-07] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-07] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-07] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-07] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-07] (AVAST Software)
R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c65x64.sys [488736 2015-12-16] (Intel Corporation)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-19] (Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-01-25] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2019-01-25] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2019-01-25] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-25] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2019-01-25] (Malwarebytes)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2018-04-11] (Intel Corporation)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (The OpenVPN Project)
R3 TSVAD_PCM; C:\WINDOWS\system32\drivers\tsvadpcm.sys [33552 2015-01-30] (Windows ® Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-01-25 18:11 - 2019-01-25 18:13 - 000030339 _____ C:\Users\admin\Desktop\FRST.txt
2019-01-25 18:10 - 2019-01-25 18:11 - 000000000 ____D C:\FRST
2019-01-25 18:08 - 2019-01-25 18:08 - 002428416 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2019-01-25 17:54 - 2019-01-25 17:54 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-01-25 17:53 - 2019-01-25 17:53 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-01-25 17:49 - 2019-01-25 17:53 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-25 17:49 - 2019-01-25 17:49 - 000113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-01-25 17:45 - 2019-01-25 17:46 - 000331858 _____ C:\WINDOWS\ntbtlog.txt
2019-01-25 17:45 - 2019-01-25 17:45 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-25 09:39 - 2019-01-25 09:39 - 000000000 ___HD C:\$SysReset
2019-01-24 19:39 - 2019-01-24 19:39 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-01-24 17:47 - 2019-01-24 19:10 - 000000256 _____ C:\Users\admin\Desktop\quollify questions.txt
2019-01-24 09:37 - 2019-01-24 19:20 - 000000000 ____D C:\Users\admin\Desktop\KO
2019-01-24 09:30 - 2019-01-24 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-01-23 17:20 - 2019-01-23 17:20 - 065314140 _____ C:\Users\admin\Downloads\Traidia_chinese.mp4
2019-01-23 14:07 - 2019-01-23 14:07 - 007482764 _____ C:\Users\admin\Desktop\Traidia_Jan2019.zip
2019-01-23 14:06 - 2019-01-24 09:41 - 000000000 ____D C:\Users\admin\Desktop\Traidia_Jan2019
2019-01-23 14:03 - 2019-01-23 14:03 - 000780808 _____ C:\Users\admin\Desktop\Traidia Financial Model DRAFT 2018-10-15 v0p7.xlsx
2019-01-22 13:14 - 2019-01-22 13:14 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-01-22 13:14 - 2019-01-22 13:14 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-01-22 13:14 - 2019-01-22 13:14 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-01-22 13:14 - 2019-01-22 13:14 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-01-21 13:22 - 2019-01-21 13:23 - 000829249 _____ C:\Users\admin\Desktop\Pauline_R_Rogers_Will.pdf
2019-01-18 10:24 - 2019-01-18 10:24 - 000440255 _____ C:\Users\admin\Downloads\Heads of Terms - Arc Software and Qualify - 17Jan19.pdf
2019-01-14 19:46 - 2019-01-14 19:46 - 000576658 _____ C:\Users\admin\Downloads\Ikea kitchen document (updated views, SAVADEL).pdf
2019-01-14 19:46 - 2019-01-14 19:46 - 000000168 _____ C:\Users\admin\Downloads\ATT00001 (1).htm
2019-01-14 15:51 - 2019-01-14 15:51 - 003166800 _____ C:\Users\admin\Downloads\first_designs_Quollify.zip
2019-01-14 14:41 - 2019-01-14 14:41 - 000223056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-01-14 10:16 - 2019-01-14 10:16 - 000108163 _____ C:\Users\admin\Desktop\03._Les_Sports_feedback.pdf
2019-01-14 10:14 - 2019-01-14 10:14 - 000101376 _____ C:\Users\admin\Downloads\03._Les_Sports_feedback.pub
2019-01-11 15:17 - 2019-01-11 15:17 - 001887973 _____ C:\Users\admin\Downloads\MSBC About Us 2017 Oct.pptx
2019-01-11 09:03 - 2018-09-20 04:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-09 08:09 - 2019-01-01 13:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 08:09 - 2019-01-01 13:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 08:09 - 2019-01-01 13:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 08:09 - 2019-01-01 13:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 08:09 - 2019-01-01 13:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 08:09 - 2019-01-01 13:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 08:09 - 2019-01-01 13:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 08:09 - 2019-01-01 13:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 08:09 - 2019-01-01 13:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 08:09 - 2019-01-01 13:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 08:09 - 2019-01-01 07:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 08:09 - 2019-01-01 07:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 08:09 - 2019-01-01 07:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 08:09 - 2019-01-01 07:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 08:09 - 2019-01-01 07:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 08:09 - 2019-01-01 07:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 08:09 - 2019-01-01 07:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 08:09 - 2019-01-01 07:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 08:09 - 2019-01-01 07:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 08:09 - 2019-01-01 07:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 08:09 - 2019-01-01 07:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 08:09 - 2019-01-01 07:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 08:09 - 2019-01-01 07:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 08:09 - 2019-01-01 07:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 08:09 - 2019-01-01 07:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 08:09 - 2019-01-01 07:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 08:09 - 2019-01-01 07:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 08:09 - 2019-01-01 07:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 08:09 - 2019-01-01 07:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 08:09 - 2019-01-01 07:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 08:09 - 2019-01-01 06:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 08:09 - 2019-01-01 06:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 08:09 - 2019-01-01 06:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 08:09 - 2019-01-01 06:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 08:09 - 2019-01-01 06:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 08:09 - 2019-01-01 06:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 08:09 - 2019-01-01 06:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 08:09 - 2019-01-01 06:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 08:09 - 2019-01-01 06:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 08:09 - 2019-01-01 06:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 08:09 - 2019-01-01 06:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 08:09 - 2019-01-01 06:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 08:09 - 2019-01-01 06:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 08:09 - 2019-01-01 06:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 08:09 - 2019-01-01 06:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 08:09 - 2019-01-01 06:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 08:09 - 2019-01-01 06:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 08:09 - 2019-01-01 06:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 08:09 - 2019-01-01 06:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 08:09 - 2019-01-01 06:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 08:09 - 2019-01-01 06:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 08:09 - 2019-01-01 06:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 08:09 - 2019-01-01 06:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 08:09 - 2019-01-01 06:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 08:09 - 2019-01-01 06:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 08:09 - 2019-01-01 06:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 08:09 - 2019-01-01 06:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 08:09 - 2019-01-01 06:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 08:09 - 2019-01-01 06:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 08:09 - 2019-01-01 06:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 08:09 - 2019-01-01 06:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 08:09 - 2019-01-01 06:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 08:09 - 2019-01-01 06:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 08:09 - 2019-01-01 06:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 08:09 - 2019-01-01 06:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 08:09 - 2019-01-01 06:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 08:09 - 2019-01-01 06:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 08:09 - 2019-01-01 06:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 08:09 - 2019-01-01 06:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 08:09 - 2019-01-01 06:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 08:09 - 2019-01-01 06:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 08:09 - 2019-01-01 06:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 08:09 - 2019-01-01 06:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 08:09 - 2019-01-01 06:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 08:09 - 2019-01-01 06:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 08:09 - 2019-01-01 06:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 08:09 - 2019-01-01 06:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 08:09 - 2019-01-01 06:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 08:09 - 2019-01-01 06:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 08:09 - 2019-01-01 06:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 08:09 - 2019-01-01 06:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 08:09 - 2019-01-01 06:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 08:09 - 2019-01-01 06:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 08:09 - 2019-01-01 06:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 08:09 - 2019-01-01 06:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 08:09 - 2019-01-01 05:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 08:09 - 2018-12-19 04:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-08 15:42 - 2019-01-24 13:45 - 000000000 ____D C:\Users\admin\Desktop\build_cloud_50.1.9
2019-01-08 15:39 - 2019-01-08 15:40 - 000137287 _____ C:\Users\admin\Desktop\build_cloud_50.1.9.zip
2019-01-08 11:15 - 2019-01-08 11:15 - 000514386 _____ C:\Users\admin\Downloads\ipia user guide.pdf
2019-01-08 11:15 - 2019-01-08 11:15 - 000514386 _____ C:\Users\admin\Downloads\ipia user guide (1).pdf
2019-01-07 06:41 - 2019-01-07 06:41 - 000361352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-07 06:41 - 2019-01-07 06:40 - 000320888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-01-07 06:41 - 2019-01-07 06:40 - 000196264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-01-07 06:41 - 2019-01-07 06:40 - 000058160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-01-04 18:53 - 2019-01-04 18:53 - 005259003 _____ C:\Users\admin\Downloads\Ikea kitchen document.pdf
2019-01-03 09:37 - 2019-01-03 09:37 - 000977711 _____ C:\Users\admin\Downloads\Monthly Internet Marketing Report Warren - Aug18.pdf
2019-01-01 16:02 - 2019-01-01 16:02 - 000004512 _____ C:\Users\admin\Desktop\Jan19_Roster.txt
2018-12-28 18:23 - 2018-12-28 18:23 - 000040729 _____ C:\Users\admin\Downloads\M3L1+Deal+Origination+Search+Grid+&+Search+Grid+-+Populated+.xlsx
2018-12-28 15:23 - 2018-12-28 15:23 - 000000000 ____D C:\Users\admin\Desktop\Traidia
2018-12-28 15:22 - 2018-12-28 15:23 - 000000022 _____ C:\Users\admin\Downloads\Traidia Whitepapers.zip
2018-12-27 13:17 - 2018-12-27 13:17 - 000505920 _____ C:\Users\admin\Desktop\cloud3602018signed.pdf
2018-12-27 13:10 - 2018-12-27 13:10 - 000020626 _____ C:\Users\admin\Downloads\CLOUD 360 SOLUTIONS LTD -ACCOUNTS YEAR TO 31ST MARCH 2018.PDF
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-01-25 18:15 - 2015-11-19 11:34 - 000000000 ____D C:\Users\admin\Documents\Outlook Files
2019-01-25 18:15 - 2015-11-19 11:31 - 000000000 ____D C:\Users\admin\Documents\Outlook
2019-01-25 18:03 - 2018-04-11 23:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-25 17:58 - 2015-12-14 13:17 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2019-01-25 17:57 - 2018-03-01 19:23 - 000000000 ____D C:\Users\admin\AppData\Roaming\.ACEStream
2019-01-25 17:53 - 2018-03-14 17:19 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2019-01-25 17:52 - 2018-05-15 07:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-25 17:52 - 2018-02-05 18:51 - 000000000 ____D C:\Users\admin\AppData\Roaming\WTablet
2019-01-25 17:51 - 2018-04-11 21:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-25 17:46 - 2018-12-19 14:10 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-01-25 17:44 - 2018-05-15 07:34 - 000000000 ____D C:\Users\admin
2019-01-25 17:42 - 2015-11-18 19:24 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-01-25 17:38 - 2015-11-23 13:48 - 000000000 ___RD C:\Users\admin\Dropbox
2019-01-25 17:30 - 2015-11-19 10:28 - 000000000 ____D C:\Users\admin\AppData\Local\Greenshot
2019-01-25 16:15 - 2017-07-10 07:40 - 000000000 ____D C:\Users\admin\AppData\Local\GoToMeeting
2019-01-25 16:02 - 2018-05-15 07:46 - 000004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F9FEA6DE-A8E1-4D88-8FB1-E0CB672E83AB}
2019-01-25 15:51 - 2018-05-15 07:46 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-01-25 15:50 - 2018-05-15 07:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-25 10:57 - 2018-02-07 16:24 - 000000000 ____D C:\Users\admin\AppData\Local\Packages
2019-01-25 10:24 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-25 10:22 - 2015-11-19 13:14 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-01-25 10:14 - 2015-11-19 13:14 - 000000000 ___RD C:\Users\admin\Creative Cloud Files
2019-01-25 10:14 - 2015-11-18 19:23 - 000000000 ____D C:\Users\admin\AppData\Local\Adobe
2019-01-25 10:12 - 2018-04-11 21:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-01-25 10:01 - 2018-05-15 07:44 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-25 10:01 - 2018-04-11 23:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-24 19:19 - 2015-11-18 15:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-01-24 19:16 - 2018-04-11 23:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-24 19:13 - 2016-11-18 09:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-01-24 19:13 - 2016-09-10 11:24 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-24 19:13 - 2016-09-10 11:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-24 19:13 - 2015-11-23 13:43 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-01-24 19:13 - 2015-11-23 13:43 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-01-24 19:13 - 2015-11-19 21:32 - 000000666 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-46578486-4152185240-1140259097-1001.job
2019-01-24 19:13 - 2015-11-19 21:32 - 000000570 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-46578486-4152185240-1140259097-1001.job
2019-01-24 19:13 - 2015-11-18 12:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-24 16:19 - 2018-12-02 18:46 - 000002654 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP DeskJet 3700 series
2019-01-24 16:19 - 2018-05-23 14:54 - 000002646 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2019-01-24 16:19 - 2018-05-15 07:46 - 000003748 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-24 16:19 - 2018-05-15 07:46 - 000003600 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1518980708
2019-01-24 16:19 - 2018-05-15 07:46 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-01-24 16:19 - 2018-05-15 07:46 - 000003452 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-01-24 16:19 - 2018-05-15 07:46 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-24 16:19 - 2018-05-15 07:46 - 000003278 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-01-24 16:19 - 2018-05-15 07:46 - 000003256 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-46578486-4152185240-1140259097-1001
2019-01-24 16:19 - 2018-05-15 07:46 - 000003228 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-01-24 16:19 - 2018-05-15 07:46 - 000003160 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-46578486-4152185240-1140259097-1001
2019-01-24 16:19 - 2018-05-15 07:46 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-24 16:19 - 2018-05-15 07:46 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-46578486-4152185240-1140259097-1001
2019-01-24 16:19 - 2018-05-15 07:46 - 000002816 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-TNONK0U-admin
2019-01-24 16:19 - 2018-05-15 07:46 - 000002642 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP ENVY 5540 series
2019-01-24 16:19 - 2018-05-15 07:46 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-01-24 13:28 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-24 09:51 - 2018-05-15 07:34 - 000002365 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-24 09:51 - 2015-11-18 11:54 - 000000000 ___RD C:\Users\admin\OneDrive
2019-01-24 09:30 - 2015-11-23 13:43 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-01-23 09:56 - 2018-04-11 23:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-21 08:59 - 2015-11-19 13:17 - 000166792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-01-17 17:22 - 2018-05-30 16:09 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-01-17 17:19 - 2016-09-10 11:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-14 12:59 - 2016-11-20 12:38 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Mozilla
2019-01-14 12:57 - 2015-11-18 12:16 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-01-09 19:38 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 19:38 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 08:18 - 2015-11-18 12:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 08:15 - 2015-11-18 12:51 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-09 07:59 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-09 07:59 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-08 15:52 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-07 06:41 - 2018-10-23 09:17 - 000042488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-01-07 06:41 - 2018-06-23 15:10 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-01-07 06:41 - 2018-04-11 23:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-07 06:41 - 2017-11-17 10:15 - 000203488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-01-07 06:41 - 2015-11-19 13:17 - 001034056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-01-07 06:41 - 2015-11-19 13:17 - 000474648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-01-07 06:41 - 2015-11-19 13:17 - 000380144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-01-07 06:41 - 2015-11-19 13:17 - 000218056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-01-07 06:41 - 2015-11-19 13:17 - 000111992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-01-07 06:41 - 2015-11-19 13:17 - 000088144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-01-07 06:41 - 2015-11-19 13:17 - 000046584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2019-01-07 06:40 - 2016-02-08 17:09 - 000512048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2019-01-03 21:56 - 2018-03-01 20:23 - 000000000 ___HD C:\_acestream_cache_
2019-01-03 20:18 - 2018-03-01 19:21 - 000002072 _____ C:\Users\admin\Desktop\Ace Stream Media Center.lnk
2019-01-03 12:01 - 2015-11-18 19:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-02 19:41 - 2018-09-27 17:27 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 19:41 - 2018-09-27 17:27 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-31 08:58 - 2018-05-30 16:08 - 000000000 ____D C:\Users\admin\AppData\Local\AVAST Software
2018-12-26 10:52 - 2017-04-26 20:44 - 000002083 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
 
==================== Files in the root of some directories =======
 
2016-09-27 16:21 - 2016-09-27 16:21 - 000000112 _____ () C:\Users\admin\AppData\Roaming\JP2K CS6 Prefs
2016-07-22 15:44 - 2017-03-06 11:06 - 000040502 _____ () C:\Users\admin\AppData\Roaming\net.telestream.wirecast.xml
2016-02-17 16:23 - 2016-02-17 16:40 - 000016960 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\1eaadjc.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000018724 ____T () C:\Users\admin\AppData\Roaming\Microsoft\bass.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000014392 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\kfgresk.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000014456 ____T () C:\Users\admin\AppData\Roaming\Microsoft\mjcriu.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000010816 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\peaadje.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000028760 ____T ((: JOBnik! :) [Arthur Aminov, ISRAEL]) C:\Users\admin\AppData\Roaming\Microsoft\qwadjb.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000015424 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\rsaadjd.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000098872 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\~DFK637ac04.tmp
2016-02-17 16:30 - 2016-02-17 16:35 - 000004608 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-10-01 17:12 - 2018-10-01 17:12 - 000000000 _____ () C:\Users\admin\AppData\Local\oobelibMkey.log
2016-08-22 16:05 - 2017-03-14 10:04 - 000000600 _____ () C:\Users\admin\AppData\Local\PUTTY.RND
 
Some files in TEMP:
====================
2019-01-24 20:09 - 2019-01-24 20:09 - 001974624 _____ (Oracle Corporation) C:\Users\admin\AppData\Local\Temp\jre-8u201-windows-au.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-15 07:33
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by admin (25-01-2019 18:16:51)
Running from C:\Users\admin\Desktop
Windows 10 Enterprise Version 1803 17134.523 (X64) (2018-05-15 07:46:44)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
admin (S-1-5-21-46578486-4152185240-1140259097-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-46578486-4152185240-1140259097-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-46578486-4152185240-1140259097-503 - Limited - Disabled)
Guest (S-1-5-21-46578486-4152185240-1140259097-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-46578486-4152185240-1140259097-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
301 Nuke version 2.6 (HKLM-x32\...\{2685190F-9F38-45DF-AEB4-CD34E261FB32}_is1) (Version: 2.6 - 301nuke.com)
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
Ace Stream Media 3.1.20.4 (HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\AceStream) (Version: 3.1.20.4 - Ace Stream Media) <==== ATTENTION
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.4 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_1) (Version: 20.0.1 - Adobe Systems Incorporated)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Calendly for Outlook (HKLM-x32\...\{CD7B9A0C-119F-4C0D-B869-2AE4CC8534B5}) (Version: 1.0.1.0 - Calendly)
Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation)
CoffeeCup Free HTML Editor (HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\CoffeeCup Free HTML Editor) (Version:  - )
CoffeeCup Website Insight (HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\CoffeeCup Website Insight) (Version: 1.1 - CoffeeCup Software)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.127.1 - Dropbox, Inc.) Hidden
Evernote v. 6.1.2 (HKLM-x32\...\{A46ABD1E-2837-11E6-9E7C-005056951CAD}) (Version: 6.1.2.2292 - Evernote Corp.)
FileZilla Client 3.28.0 (HKLM-x32\...\FileZilla Client) (Version: 3.28.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{351B54B2-1AFC-42A7-A8C0-9E05C26F0D1E}) (Version: 1.0.470 - LogMeIn, Inc.)
GoToMeeting 8.39.1.11584 (HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\GoToMeeting) (Version: 8.39.1.11584 - LogMeIn, Inc.)
GoToMyPC Print Assistant (HKLM\...\{57414DD3-55A7-4D2E-916F-2F1407AABE91}) (Version: 8.6.942 - Softland)
Greenshot 1.2.8.14 (HKLM\...\Greenshot_is1) (Version: 1.2.8.14 - Greenshot)
HP DeskJet 3700 series Basic Device Software (HKLM\...\{307EE3A5-A788-4D01-B615-ABAA728DFB57}) (Version: 40.12.1161.1896 - HP Inc.)
HP DeskJet 3700 series Help (HKLM-x32\...\{9D10BAEF-4767-46EC-8A40-A6E75D84432C}) (Version: 40.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP ENVY 5540 series Basic Device Software (HKLM\...\{7F9C00D2-32F6-4844-AC17-290D5F06F186}) (Version: 40.11.1119.1786 - HP Inc.)
HP ENVY 5540 series Help (HKLM-x32\...\{3B1BE080-D477-4B94-AAE4-8B0BEC5D0CE3}) (Version: 35.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.70.1205 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
LiveWeb (HKLM-x32\...\{F0A7B33E-C872-42C8-B1A9-55450809DAFF}) (Version: 4.00 - Shyam Pillai)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.2.167.1 - McAfee, LLC)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Mozilla Firefox 64.0 (x64 en-US) (HKLM\...\Mozilla Firefox 64.0 (x64 en-US)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 64.0.0.6914 - Mozilla)
MP3MyMP3 4.2 (HKLM-x32\...\MP3MyMP3_is1) (Version:  - Bruce McArthur)
MySpeed v3.8.4 (HKLM-x32\...\{D56F5842-C299-4667-B2DA-16B52A575476}) (Version: 3.08.0252 - Enounce Incorporated)
Netpeak Spider version 1.0.13.2 (HKLM-x32\...\{F38BE199-6918-4BEA-A2D2-9B68E90FFC9E}_is1) (Version: 1.0.13.2 - Netpeak)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
novaPDF 8 Printer Driver (HKLM\...\{1A9E9E77-B29B-47C6-ADEB-9E7D6F7A08CE}) (Version: 8.6.942 - Softland)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Product Improvement Study for HP DeskJet 3700 series (HKLM\...\{826144A0-42A2-40D3-A49B-129979BA2B0C}) (Version: 40.12.1161.1896 - HP Inc.)
Product Improvement Study for HP ENVY 5540 series (HKLM\...\{9E4F436B-5B50-4D84-954A-5C8A18CEB836}) (Version: 40.11.1119.1786 - HP Inc.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Sublime Text 1.4 (HKLM-x32\...\Sublime Text_is1) (Version:  - )
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
TunnelBear (HKLM-x32\...\{5dbd322e-98b2-41c8-a2d9-d9f21423afa9}) (Version: 3.2.0.6 - TunnelBear)
TunnelBear (HKLM-x32\...\{EAF52E02-CC78-47F4-A304-F91FDB6A55D1}) (Version: 3.2.0.6 - TunnelBear) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.27-2 - Wacom Technology Corp.)
Web Companion (HKLM-x32\...\{9910738a-1803-4e4d-8fbf-8254accee67c}) (Version: 4.5.1957.3838 - Lavasoft)
Wirecast (HKLM\...\{57A71CEF-3EDD-4D0C-9C5A-5200798E19A4}) (Version: 6.0.1 - Telestream, Inc.)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)
Zoom (HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-46578486-4152185240-1140259097-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FD8E73FEA996}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-46578486-4152185240-1140259097-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\admin\AppData\Local\GoToMeeting\8625\G2MOutlookAddin64.dll => No File
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-17] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0588517B-622B-4142-AB6C-DCD6CC52EC24} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2019-01-09] (Microsoft Corporation)
Task: {226B6FCB-946E-45B8-A5FE-39696BDA92D0} - System32\Tasks\HPCustParticipation HP ENVY 5540 series => C:\Program Files\HP\HP ENVY 5540 series\Bin\HPCustPartic.exe [2017-03-27] (HP Inc.)
Task: {27DDBAA4-8B71-4633-90C1-255D362A0F89} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {27DF28F9-5714-478D-B972-07713E2B7332} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-21] (Microsoft Corporation)
Task: {3AE7FF95-5C8A-4ED0-986D-A52F5D48E7C3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-21] (Microsoft Corporation)
Task: {46614C2D-38E5-407A-B99A-49217132EE5C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {4771A3D6-2515-4D68-A5A0-D2AF0EB082E9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-24] (AVAST Software)
Task: {4FC3F51F-5DC9-473A-A1CC-5AECD4D2F707} - System32\Tasks\Opera scheduled Autoupdate 1518980708 => C:\Users\admin\AppData\Local\Programs\Opera\launcher.exe
Task: {5071FE6A-219C-4FA5-9047-1E011FCB1CB3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-18] (Google Inc.)
Task: {5209E19E-CE48-4E33-A559-A91C4939F46C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {5228594D-0524-48D4-BC4B-B8D45987DFA6} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-09-11] (McAfee, Inc.)
Task: {5B514952-7683-44C1-B13C-052E283E5229} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2019-01-21] (Microsoft Corporation)
Task: {5CB635C7-75E5-4B1E-B4B9-C3A7B34A2A66} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {78CCD0B2-B450-4B7D-959C-FCAFA374CEB7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {8ADFA7B9-D0ED-457C-B140-E9773F542C84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-18] (Google Inc.)
Task: {8D2516FC-2BB4-49C7-B8AC-95688E76C388} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-TNONK0U-admin => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {945BD535-9A3E-4ACD-8195-FEFB2C29190C} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-05-30] (AVAST Software)
Task: {A1EE787E-E5A1-48DE-B6E4-CFCB7EACE8EE} - System32\Tasks\G2MUpdateTask-S-1-5-21-46578486-4152185240-1140259097-1001 => C:\Users\admin\AppData\Local\GoToMeeting\11584\g2mupdate.exe [2019-01-21] (LogMeIn, Inc.)
Task: {A72E303B-2B13-479A-BB2F-C93F191D576D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-21] (Microsoft Corporation)
Task: {B6EDFE51-67C3-49D6-9B47-164EBA940C61} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-07] (AVAST Software)
Task: {C3129F32-2833-48A7-9BC9-40C3D3F157AE} - System32\Tasks\HPCustParticipation HP DeskJet 3700 series => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe [2018-04-06] (HP Inc.)
Task: {C9E400A1-91D1-4BD7-9730-4C571939475A} - System32\Tasks\G2MUploadTask-S-1-5-21-46578486-4152185240-1140259097-1001 => C:\Users\admin\AppData\Local\GoToMeeting\11584\g2mupload.exe [2019-01-21] (LogMeIn, Inc.)
Task: {CB9705CD-C350-4FCD-9534-73FE27886ED8} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D3A5B232-DC32-4E89-9C33-944BDE0101D6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-21] (Microsoft Corporation)
Task: {E09EFC31-D767-4426-B4F8-F21E1729E2D2} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {ED5B084A-D968-4DA6-8736-2F6025B30EDF} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-05-30] (AVAST Software)
Task: {F2398DC5-BCC6-4F6A-A09E-5363BB7B5595} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {F9A446BC-4CE9-4F75-A298-EE7E45481EEC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-46578486-4152185240-1140259097-1001.job => C:\Users\admin\AppData\Local\GoToMeeting\11584\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-46578486-4152185240-1140259097-1001.job => C:\Users\admin\AppData\Local\GoToMeeting\11584\g2mupload.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager\DAZ Install Manager Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\1481
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-04-11 23:34 - 2018-04-11 23:34 - 000444416 _____ () c:\windows\system32\SSDM.dll
2018-04-11 23:34 - 2018-04-11 23:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-02-05 18:49 - 2017-12-13 18:49 - 002288072 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2018-03-05 19:47 - 2018-03-05 19:47 - 000614848 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-11 23:34 - 2018-04-11 23:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 14:00 - 2018-11-09 02:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2016-05-17 22:42 - 2016-05-17 22:42 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2019-01-07 06:41 - 2019-01-07 06:41 - 000667016 _____ () c:\program files\avast software\avast\streamback.dll
2016-06-17 11:43 - 2016-06-17 11:43 - 000145696 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll
2018-02-12 20:34 - 2018-02-12 20:34 - 000113024 _____ () C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
2018-10-23 09:18 - 2018-12-19 14:10 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-10-23 09:18 - 2018-12-19 14:10 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-01-09 08:09 - 2019-01-01 06:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 000112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
2019-01-07 06:41 - 2019-01-07 06:41 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-05-12 09:46 - 2016-05-12 09:46 - 000021976 _____ () c:\program files (x86)\calendly for outlook\Push\calendlyPush.exe
2018-12-15 13:43 - 2018-12-12 05:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-15 13:43 - 2018-12-12 05:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-12-09 13:44 - 2018-11-29 04:42 - 070337520 _____ () C:\Program Files\McAfee\TrueKey\Application\libcef.dll
2015-11-10 06:54 - 2015-11-10 06:54 - 000027000 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\ace_update.exe
2018-02-12 20:33 - 2018-02-12 20:33 - 000161792 _____ () C:\Program Files (x86)\TunnelBear\TunnelBear.VigilantBear.Wrapper.dll
2017-08-20 11:52 - 2019-01-13 17:55 - 000165456 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\JitV.dll
2018-02-18 19:05 - 2019-01-24 19:28 - 000121120 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll
2018-02-18 19:05 - 2019-01-24 19:28 - 000105248 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2018-02-18 19:05 - 2019-01-24 19:28 - 000373536 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2018-02-18 19:05 - 2019-01-24 19:28 - 000059168 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2018-08-04 14:44 - 2019-01-24 19:28 - 000068384 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Events.dll
2018-02-18 19:05 - 2019-01-24 19:28 - 000084256 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll
2017-10-04 12:10 - 2018-08-30 07:29 - 000372736 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd
2016-12-17 17:45 - 2016-12-17 17:45 - 000046592 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\_socket.pyd
2016-12-17 17:45 - 2016-12-17 17:45 - 001410048 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\_ssl.pyd
2016-12-17 17:46 - 2016-12-17 17:46 - 001016832 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\_hashlib.pyd
2017-10-01 15:52 - 2017-10-01 15:52 - 000018944 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pycompat.pyd
2016-12-17 17:44 - 2016-12-17 17:44 - 000136704 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\_elementtree.pyd
2016-12-17 17:44 - 2016-12-17 17:44 - 000136704 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\pyexpat.pyd
2015-11-07 12:14 - 2015-11-07 12:14 - 002977792 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\lxml.etree.pyd
2012-02-07 16:37 - 2012-02-07 16:37 - 000167424 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\win32gui.pyd
2012-02-07 16:35 - 2012-02-07 16:35 - 000110080 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\pywintypes27.dll
2012-02-07 16:36 - 2012-02-07 16:36 - 000035840 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\win32process.pyd
2014-01-23 11:37 - 2014-01-23 11:37 - 000036352 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\_psutil_mswindows.pyd
2012-02-07 16:37 - 2012-02-07 16:37 - 000098816 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\win32api.pyd
2012-02-07 16:38 - 2012-02-07 16:38 - 000358912 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\pythoncom27.dll
2012-02-07 16:36 - 2012-02-07 16:36 - 000111616 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\win32file.pyd
2012-02-07 16:36 - 2012-02-07 16:36 - 000024064 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd
2016-12-17 17:44 - 2016-12-17 17:44 - 000687104 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\unicodedata.pyd
2016-12-17 17:44 - 2016-12-17 17:44 - 000010240 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\select.pyd
2016-12-17 17:44 - 2016-12-17 17:44 - 000091648 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\_ctypes.pyd
2017-10-01 15:52 - 2017-10-01 15:52 - 002386432 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pywebrtc.pyd
2017-10-04 12:06 - 2018-08-30 07:29 - 003552768 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd
2013-12-21 13:20 - 2013-12-21 13:20 - 000053248 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\_blist.pyd
2013-12-21 13:20 - 2013-12-21 13:20 - 000040448 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd
2011-01-18 21:56 - 2011-01-18 21:56 - 000334336 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\M2Crypto.__m2crypto.pyd
2011-02-13 15:02 - 2011-02-13 15:02 - 000031232 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\Crypto.Cipher.AES.pyd
2017-10-04 12:39 - 2018-08-30 07:29 - 005892096 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd
2016-12-17 17:45 - 2016-12-17 17:45 - 000050688 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\_sqlite3.pyd
2016-12-17 17:45 - 2016-12-17 17:45 - 000551424 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\sqlite3.dll
2016-05-08 19:48 - 2016-05-08 19:48 - 000014848 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\netifaces.pyd
2010-10-10 22:23 - 2010-10-10 22:23 - 000723968 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\apsw.pyd
2013-01-29 16:20 - 2013-01-29 16:20 - 000082944 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\cpyamf.util.pyd
2011-07-15 19:37 - 2011-07-15 19:37 - 000981504 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\wx._core_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 000746496 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\wx._gdi_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 000670720 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\wx._windows_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 000966144 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\wx._controls_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 000674816 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\wx._misc_.pyd
2017-10-04 09:07 - 2017-10-04 09:07 - 000273000 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pysegmenter.pyd
2017-10-01 15:52 - 2017-10-01 15:52 - 000112142 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\libgcc_s_dw2-1.dll
2017-10-01 15:52 - 2017-10-01 15:52 - 000061952 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\miniupnpc.pyd
2016-12-17 17:44 - 2016-12-17 17:44 - 000027648 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\_multiprocessing.pyd
2013-01-29 16:20 - 2013-01-29 16:20 - 000066048 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\cpyamf.amf0.pyd
2019-01-24 09:30 - 2019-01-22 13:14 - 001213768 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2019-01-24 09:30 - 2019-01-22 13:14 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2019-01-09 23:06 - 2019-01-22 13:16 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000148968 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 001878888 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:14 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes36.dll
2019-01-09 23:06 - 2019-01-22 13:14 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000082760 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:14 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom36.dll
2019-01-24 09:30 - 2019-01-22 13:15 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:16 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:16 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:17 - 000062304 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:14 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 001457488 _____ () C:\Program Files (x86)\Dropbox\Client\dbxlog._dbxlog.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:16 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:17 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 001755472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000101200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt592.sip.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 001885520 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000523600 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 003755344 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000169304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000061784 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000042840 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000202584 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000117584 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000214872 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000099664 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:17 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:17 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:17 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:17 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:17 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:14 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:17 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:17 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 011941712 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:14 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2019-01-24 09:30 - 2019-01-22 13:15 - 000036712 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000272208 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2019-01-09 23:06 - 2019-01-22 13:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2019-01-09 23:06 - 2019-01-22 13:16 - 000038240 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000026432 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2019-01-24 09:30 - 2019-01-22 13:15 - 001967936 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2019-01-09 23:06 - 2019-01-22 13:16 - 000095592 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:17 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000054096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:17 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp36-win32.pyd
2019-01-09 23:06 - 2019-01-22 13:16 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000557392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp36-win32.pyd
2019-01-24 09:30 - 2019-01-22 13:15 - 000335184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp36-win32.pyd
2017-10-04 09:07 - 2017-10-04 09:07 - 000318976 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\acestreamengine.jsplayer.pyd
2017-10-01 15:52 - 2017-10-01 15:52 - 000350720 _____ () C:\Users\admin\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pyvlc.pyd
2017-01-18 12:51 - 2017-01-18 12:51 - 000165216 _____ () C:\Users\admin\AppData\Roaming\ACEStream\player\libtsplayer.dll
2017-01-18 12:51 - 2017-01-18 12:51 - 001968480 _____ () C:\Users\admin\AppData\Roaming\ACEStream\player\libtsplayercore.dll
2011-06-12 13:09 - 2011-06-12 13:09 - 000038400 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\_socket.pyd
2011-06-12 13:09 - 2011-06-12 13:09 - 000720896 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd
2011-07-15 19:37 - 2011-07-15 19:37 - 000981504 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 000746496 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 000670720 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 000966144 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd
2011-07-15 19:38 - 2011-07-15 19:38 - 000674816 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd
2011-06-12 13:06 - 2011-06-12 13:06 - 000287232 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd
2011-01-18 21:56 - 2011-01-18 21:56 - 000334336 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd
2011-06-12 13:06 - 2011-06-12 13:06 - 000011776 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\select.pyd
2011-06-12 13:06 - 2011-06-12 13:06 - 000152576 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd
2012-02-07 16:37 - 2012-02-07 16:37 - 000098816 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\win32api.pyd
2012-02-07 16:35 - 2012-02-07 16:35 - 000110080 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll
2012-02-07 16:38 - 2012-02-07 16:38 - 000358912 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll
2012-02-07 16:36 - 2012-02-07 16:36 - 000111616 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\win32file.pyd
2012-02-07 16:36 - 2012-02-07 16:36 - 000024064 _____ () C:\Users\admin\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\admin\Dropbox:user.myxattr [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\sharepoint.com -> hxxps://cloud360solutions-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\webcompanion.com -> hxxp://webcompanion.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 11:04 - 2019-01-25 17:53 - 000000839 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{5C51D13D-8B2A-4132-9594-1B7EA4D5BA3D}] => (Allow) C:\Program Files\HP\HP ENVY 5540 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc.)
FirewallRules: [{EE384327-96DB-4272-8E31-C5217EF72388}] => (Allow) LPort=5357
FirewallRules: [{C0CA721A-B062-41F7-B739-B5681FA63DA1}] => (Allow) C:\Program Files\HP\HP ENVY 5540 series\Bin\DeviceSetup.exe (HP Inc.)
FirewallRules: [{B08C1BE3-113F-4022-B6CB-9EB9F598D1C9}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2E36\HPDiagnosticCoreUI.exe No File
FirewallRules: [{C4102D7D-E420-4BEB-9FC7-2545A8BB6C43}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2E36\HPDiagnosticCoreUI.exe No File
FirewallRules: [{98CCB3EC-D30E-4FE9-A31A-65D6922F82B7}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2D7C\HPDiagnosticCoreUI.exe No File
FirewallRules: [{639418CD-71AB-4684-96AB-92C071529B4A}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2D7C\HPDiagnosticCoreUI.exe No File
FirewallRules: [{30CF14A5-F7E5-4F40-B0C7-E8D90B135F2F}] => (Allow) C:\Users\admin\AppData\Local\Programs\Opera\51.0.2830.55\opera.exe No File
FirewallRules: [{6F64ACD9-9966-4128-A11F-FCB4AB3A31E6}] => (Allow) C:\Users\admin\AppData\Roaming\ACEStream\engine\ace_engine.exe (Innovative Digital Technologies)
FirewallRules: [{2ECB55A3-49FA-44DA-88A3-60E3B0DB4403}] => (Allow) C:\Users\admin\AppData\Roaming\ACEStream\engine\ace_engine.exe (Innovative Digital Technologies)
FirewallRules: [{85569FEA-1845-42BA-A351-2A28BE537AA1}] => (Allow) C:\Users\admin\AppData\Local\Programs\Opera\51.0.2830.34\opera.exe No File
FirewallRules: [{9D959A01-454D-47F7-91D6-CFAFC0D63935}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS5ED5\HPDiagnosticCoreUI.exe No File
FirewallRules: [{7DF97707-5A88-4826-8B57-79C2243941EA}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS5ED5\HPDiagnosticCoreUI.exe No File
FirewallRules: [{C5A22B6E-E592-4DF4-B1BE-2498F5E56C39}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS4F0D\HPDiagnosticCoreUI.exe No File
FirewallRules: [{A50FC268-C64A-4CE3-94C7-8C088CDB6C91}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS4F0D\HPDiagnosticCoreUI.exe No File
FirewallRules: [{CB052BA1-CEC0-4671-8937-C76BDC165ADC}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2E81\HP.EasyStart.exe No File
FirewallRules: [{D69927B0-9F82-469F-8148-693CF20F234F}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS467E\HP.EasyStart.exe No File
FirewallRules: [{01A811ED-4962-4D7B-A7C5-F49DA4FBA212}] => (Allow) LPort=8317
FirewallRules: [{E8FEA0D5-4662-496D-A3A6-EA7A0031B6F0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{3FD7A38B-B88C-4B10-A6B6-28FF44CDDB7E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{CE7BF747-619E-4A42-A314-A52A8789EC5C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{1D131AAA-5BBF-47C2-BAC0-2073FA47227C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{1DD0140A-CF6C-4E3A-9EFB-BF0FC6379834}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{551B4A0B-8BC0-4C14-877E-44365A274287}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{4E33E70F-EFC5-4276-8648-CCAE62F5A9D7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{EF982E96-51CD-4828-A6B5-07B8BFBD05D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{64A8C38F-023C-45A8-B3F8-2BEAB884EE96}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{1BA8B0BA-1C1A-4C38-B0B0-99047BD41C03}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS7744\HPDiagnosticCoreUI.exe No File
FirewallRules: [{1F1632BD-35A9-446A-9CCE-0D08F426A009}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS7744\HPDiagnosticCoreUI.exe No File
FirewallRules: [{70D537B0-4A52-496B-A1C3-6D4BC72C9210}] => (Allow) LPort=8501
FirewallRules: [{E712745B-3493-4B3A-890D-6E8B1CC3993D}] => (Allow) LPort=8501
FirewallRules: [{973A7AFA-F31D-471D-9E5F-317238A59696}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{E845A954-84D2-4412-BEEF-F85AEA61EEDB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{1E7C3624-5FAD-4358-9FA4-61459E6DFFEE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{F11FFCBF-B2B9-4B26-ABD3-E3B1C04F5188}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{2CAB2858-1B3E-4318-A5D0-A4AAB2A6D289}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{B09CC75D-6ADC-49A6-8A61-56D96D2F013B}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS286A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{5EB99369-E263-44BC-86DB-AC33C81C0220}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS286A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{1C88F52A-6AF8-46E7-B34D-CCF49B948065}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2906\HPDiagnosticCoreUI.exe No File
FirewallRules: [{E770817B-E545-400E-9689-43DE34423509}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2906\HPDiagnosticCoreUI.exe No File
FirewallRules: [{19405CEB-8C35-471A-B880-374419EC9AE3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{21E93D36-0454-450D-B9D3-927F6C32427F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{C7A4F1BC-D473-4934-BDE4-A565F058AE28}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS65AF\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2A50B688-AC20-40B6-B40D-C4D96DEA1E8B}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS65AF\HPDiagnosticCoreUI.exe No File
FirewallRules: [{F8B8365B-9536-42E1-A0F9-916642F51645}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\DeviceSetup.exe (HP Inc.)
FirewallRules: [{C3567C04-F927-4AB1-9EAB-185AFEFEE423}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc.)
FirewallRules: [{C6BE74B3-34C2-4E36-BA86-FCA4FD7AC82A}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS0908\HPDiagnosticCoreUI.exe No File
FirewallRules: [{311C91F9-5CF2-4C7A-BB5A-F31C6CC08BD2}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS0908\HPDiagnosticCoreUI.exe No File
FirewallRules: [{75FE6AFB-EE0F-43C9-A0F6-DCDAAF7DABEC}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2D50\HPDiagnosticCoreUI.exe No File
FirewallRules: [{382F197A-0541-4743-887F-1B9A948E95ED}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2D50\HPDiagnosticCoreUI.exe No File
FirewallRules: [{CFDD9EE4-E362-40EF-B6B3-E42A43F5C4DF}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS3C08\HPDiagnosticCoreUI.exe No File
FirewallRules: [{6C0289BE-1826-4CCC-B34A-3995DBFE49E3}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS3C08\HPDiagnosticCoreUI.exe No File
FirewallRules: [{C16974E2-3115-41B1-82A1-0AA5AC04382A}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS3D70\HPDiagnosticCoreUI.exe No File
FirewallRules: [{BE3C6598-6ED4-4436-9587-71B2AFB00789}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS3D70\HPDiagnosticCoreUI.exe No File
FirewallRules: [{6819DE5C-7A68-4B10-A58B-8B18DA0C397C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{184EA6D9-F9AA-47BD-AE48-A5F47D834AB0}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS6834\HPDiagnosticCoreUI.exe No File
FirewallRules: [{6B32724B-2D1D-4ED9-BD32-E2D711BF6D3F}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS6834\HPDiagnosticCoreUI.exe No File
FirewallRules: [{3678FF42-BF69-4559-87EB-32EF57BB11EB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{7425566C-5450-4855-B601-A04A83CFEA17}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{DA1D9319-1F4E-45AA-94D9-D1D39E6DCBE1}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software)
FirewallRules: [{C1E1A3DB-BDF9-405F-BE39-693DFA414F8D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
Name: Broadcom USH
Description: Broadcom USH
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/25/2019 05:57:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 3.1.0.1662, time stamp: 0x5c070ada
Faulting module name: Qt5Core.dll, version: 5.11.1.0, time stamp: 0x5bd23201
Exception code: 0xc0000005
Fault offset: 0x0018dc19
Faulting process id: 0x1730
Faulting application start time: 0x01d4b4d6e1407847
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: accda2b8-325c-49cd-874e-2fc8d5bc6a81
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/25/2019 05:47:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.
 
Details:
Could not query the status of the EventSystem service.
 
System Error:
A system shutdown is in progress.
.
 
Error: (01/25/2019 11:17:17 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (01/25/2019 10:55:13 AM) (Source: Microsoft Office 16) (EventID: 2001) (User: )
Description: Microsoft Word: Rejected Safe Mode action : Word couldn't start last time. Safe mode could help you troubleshoot the problem, but some features might not be available in this mode.
 
Do you want to start in safe mode?.
Rejected Safe Mode action : Microsoft Word.
 
Error: (01/25/2019 10:27:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (01/25/2019 10:13:40 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_OFF.
 
Error: (01/25/2019 10:12:57 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Windows Defender status to SECURITY_PRODUCT_STATE_ON.
 
Error: (01/25/2019 09:50:33 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070003.
 
 
System errors:
=============
Error: (01/25/2019 05:55:06 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-TNONK0U)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-TNONK0U\admin SID (S-1-5-21-46578486-4152185240-1140259097-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/25/2019 05:52:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WCAssistantService service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (01/25/2019 05:52:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the WCAssistantService service to connect.
 
Error: (01/25/2019 05:52:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TrueKeyScheduler service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (01/25/2019 05:52:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the TrueKeyScheduler service to connect.
 
Error: (01/25/2019 05:52:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TrueKey service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (01/25/2019 05:52:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the TrueKey service to connect.
 
Error: (01/25/2019 05:52:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-TNONK0U)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 and APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 to the user DESKTOP-TNONK0U\admin SID (S-1-5-21-46578486-4152185240-1140259097-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
CodeIntegrity:
===================================
 
Date: 2019-01-25 17:53:38.675
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-01-25 17:53:23.093
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-01-25 17:52:34.605
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-01-25 17:51:07.246
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-01-25 17:49:44.295
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-01-25 17:49:25.640
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-01-25 17:48:31.855
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-01-25 17:44:25.695
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2620M CPU @ 2.70GHz
Percentage of memory in use: 47%
Total physical RAM: 8072.89 MB
Available physical RAM: 4213.61 MB
Total Virtual: 14728.89 MB
Available Virtual: 10303.95 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:149.62 GB) (Free:55.25 GB) NTFS
Drive e: (Data) (Fixed) (Total:296.57 GB) (Free:194.56 GB) NTFS
 
\\?\Volume{14cd345b-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{14cd345b-0000-0000-0000-c08625000000}\ () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 14CD345B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=468 MB) - (Type=27)
Partition 4: (Not Active) - (Size=296.6 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

  • 0

#3
iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts

Welcome to the Geeks To Go malware removal forum.
I'm iMacg3 and will be helping you.

Please keep the following information in mind before we begin:

  • Do not run any fixes or tools on your system unless I request that you do so.
  • Please read all instructions completely before you complete them.
  • If your computer seems to start working normally, please don't abandon the topic. Just because your computer doesn't seem to have a problem doesn't mean that it isn't infected.
  • If you have pirated or illegal software on your computer, remove it now. It is one of the leading causes of malware infecting a computer.
  • If you have questions about anything, please ask.


--------------------


Press the Windows Key + R. This will open the Run box.
Type Appwiz.cpl and click OK.

A list of installed programs will appear. Uninstall the below program/s by selecting them and clicking Uninstall:

Ace Stream Media

Follow the steps in the uninstaller to remove the program.

--------------------

Open Google Chrome. Type chrome://extensions in the address bar and press Enter.
Click the trash can icon by the following extension/s:

Ace Script

A confirmation dialog will appear. Click Remove.

--------------------

Highlight the contents of the below code box and press Ctrl + C:

Start::

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION

FF HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\admin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\admin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]

CHR NewTab: Default ->  Not-active:"chrome-extension://fabhkdeopjkcpkmofliimbjckmocfiom/newtab.html"
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [njpedbdniajflhgfoipnjkednnlkngbj] - hxxps://clients2.google.com/service/update2/crx

2016-02-17 16:23 - 2016-02-17 16:40 - 000016960 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\1eaadjc.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000018724 ____T () C:\Users\admin\AppData\Roaming\Microsoft\bass.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000014392 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\kfgresk.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000014456 ____T () C:\Users\admin\AppData\Roaming\Microsoft\mjcriu.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000010816 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\peaadje.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000028760 ____T ((: JOBnik! :) [Arthur Aminov, ISRAEL]) C:\Users\admin\AppData\Roaming\Microsoft\qwadjb.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000015424 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\rsaadjd.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000098872 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\~DFK637ac04.tmp

Task: {CB9705CD-C350-4FCD-9534-73FE27886ED8} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

End::

Right-click on FRST/FRST64 and select Run as Administrator.
Click on Fix.
Note - there is no need to paste the contents of the code box anywhere.
If your computer restarts, allow it to do so.
Once the fix is complete, a file called fixlog will be saved to the same directory as FRST. The log may open in Notepad as well.
Please copy and paste the contents of the fixlog into your next reply.

Let me know if the problems persist.

Thanks.


  • 0

#4
dpm

    Member

  • Topic Starter
  • Member
  • 27 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2019
Ran by admin (28-01-2019 23:06:20) Run:1
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
FF HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\admin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\admin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
CHR NewTab: Default ->  Not-active:"chrome-extension://fabhkdeopjkcpkmofliimbjckmocfiom/newtab.html"
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [njpedbdniajflhgfoipnjkednnlkngbj] - hxxps://clients2.google.com/service/update2/crx
2016-02-17 16:23 - 2016-02-17 16:40 - 000016960 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\1eaadjc.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000018724 ____T () C:\Users\admin\AppData\Roaming\Microsoft\bass.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000014392 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\kfgresk.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000014456 ____T () C:\Users\admin\AppData\Roaming\Microsoft\mjcriu.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000010816 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\peaadje.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000028760 ____T ((: JOBnik! :) [Arthur Aminov, ISRAEL]) C:\Users\admin\AppData\Roaming\Microsoft\qwadjb.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000015424 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\rsaadjd.dll
2016-02-17 16:23 - 2016-02-17 16:40 - 000098872 ____T (Un4seen Developments) C:\Users\admin\AppData\Roaming\Microsoft\~DFK637ac04.tmp
Task: {CB9705CD-C350-4FCD-9534-73FE27886ED8} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-46578486-4152185240-1140259097-1001\Software\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
C:\Users\admin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => moved successfully
"Chrome NewTab" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fabhkdeopjkcpkmofliimbjckmocfiom => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\njpedbdniajflhgfoipnjkednnlkngbj => removed successfully
C:\Users\admin\AppData\Roaming\Microsoft\1eaadjc.dll => moved successfully
C:\Users\admin\AppData\Roaming\Microsoft\bass.dll => moved successfully
C:\Users\admin\AppData\Roaming\Microsoft\kfgresk.dll => moved successfully
C:\Users\admin\AppData\Roaming\Microsoft\mjcriu.dll => moved successfully
C:\Users\admin\AppData\Roaming\Microsoft\peaadje.dll => moved successfully
C:\Users\admin\AppData\Roaming\Microsoft\qwadjb.dll => moved successfully
C:\Users\admin\AppData\Roaming\Microsoft\rsaadjd.dll => moved successfully
C:\Users\admin\AppData\Roaming\Microsoft\~DFK637ac04.tmp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB9705CD-C350-4FCD-9534-73FE27886ED8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB9705CD-C350-4FCD-9534-73FE27886ED8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 79514270 B
Java, Flash, Steam htmlcache => 21883 B
Windows/system/drivers => 33795953 B
Edge => 8347242 B
Chrome => 116202157 B
Firefox => 64901991 B
Opera => 12681290 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 36492 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
admin => 271744664 B
 
RecycleBin => 0 B
EmptyTemp: => 570.3 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 23:08:03 ====

  • 0
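A fixlog like the one in the post above can be checked mechanically instead of by eye. The following is an added example, not part of the original posts and not FRST's own code: it parses an excerpt of that fixlog, lists every entry whose outcome is not a confirmed "... successfully", and cross-checks the EmptyTemp byte counts against the reported total. The function names `parse_fixlog`, `needs_review` and `summary` are hypothetical, and reading "MB" as 1024×1024 bytes is an assumption inferred from the log's own numbers.

```python
import re
from collections import Counter

# Excerpt of the fixlog posted above (result lines shortened, zero-byte
# EmptyTemp rows omitted). Raw string so the Windows backslashes stay literal.
FIXLOG = r"""
Restore point was successfully created.
Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
C:\Users\admin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => moved successfully
"Chrome NewTab" => removed successfully
C:\Users\admin\AppData\Roaming\Microsoft\bass.dll => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 79514270 B
Java, Flash, Steam htmlcache => 21883 B
Windows/system/drivers => 33795953 B
Edge => 8347242 B
Chrome => 116202157 B
Firefox => 64901991 B
Opera => 12681290 B

Temp, IE cache, history, cookies, recent:
LocalService => 36492 B
admin => 271744664 B

RecycleBin => 0 B
EmptyTemp: => 570.3 MB temporary data Removed.
"""

SIZE = re.compile(r"^(\d+) B$")
TOTAL = re.compile(r"^EmptyTemp: => ([\d.]+) MB temporary data Removed\.$")


def parse_fixlog(text):
    """Return (actions, temp_bytes, reported_mb) from a fixlog result section.

    actions     -- list of (item, outcome) for each '<item> => <outcome>' line
    temp_bytes  -- sum of the per-location EmptyTemp byte counts
    reported_mb -- the total the log itself reports, or None if absent
    """
    actions, temp_bytes, reported_mb = [], 0, None
    for raw in text.splitlines():
        line = raw.strip()
        total = TOTAL.match(line)
        if total:
            reported_mb = float(total.group(1))
            continue
        # Split on the LAST ' => ' because items may contain '<====' markers.
        item, sep, outcome = line.rpartition(" => ")
        if not sep:
            continue  # headers, blank lines, status sentences
        size = SIZE.match(outcome)
        if size:
            temp_bytes += int(size.group(1))
        else:
            actions.append((item.strip('"'), outcome))
    return actions, temp_bytes, reported_mb


def needs_review(actions):
    """Entries the tool did not confirm as moved, removed or restored."""
    return [(i, o) for i, o in actions if not o.endswith("successfully")]


def summary(actions):
    """Count of each distinct outcome string."""
    return dict(Counter(outcome for _, outcome in actions))


if __name__ == "__main__":
    actions, temp_bytes, reported_mb = parse_fixlog(FIXLOG)
    print(summary(actions))
    for item, outcome in needs_review(actions):
        print("REVIEW:", outcome, "-", item)
    # Assumption: the log's "MB" means 1024*1024 bytes.
    print("temp bytes:", temp_bytes, "=", round(temp_bytes / 2**20, 1), "MB;",
          "log reports", reported_mb, "MB")
```
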

#5
iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

Right-click on FRST/FRST64 and click Run as Administrator.
Click on Scan. Once the scan is complete, two text files will pop up. (FRST.txt and Addition.txt)

Please copy and paste the contents of FRST.txt and Addition.txt in your next reply.

-----------------

How is the computer doing?
  • 0

#6
dpm

    Member

  • Topic Starter
  • Member
  • 27 posts

Hi

Thanks very much, the computer seems to be running nicely now!

 

Here are logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2019
Ran by admin (administrator) on DESKTOP-TNONK0U (28-01-2019 23:28:06)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Windows 10 Enterprise Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
() C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2015-12-16] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [528384 2016-11-03] (Greenshot)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-07] (AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4090176 2019-01-22] (Dropbox, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-07] (AVAST Software)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\Run: [3xAV] => C:\Program Files (x86)\Enounce\MySpeed\MySpeed.exe [937616 2012-07-02] (Enounce Incorporated)
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\Run: [Calendly for Outlook] => c:\program files (x86)\calendly for outlook\calendly.exe [7804376 2016-05-12] (Calendly)
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\Run: [HP ENVY 5540 series (NET)] => C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe [3770504 2017-03-27] (HP Inc.)
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\MountPoints2: {e21a9bf3-8e16-11e5-9bc5-5c260a554fd8} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [804352 2018-04-11] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-15] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\Installer\chrmstp.exe [2019-01-17] (AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2018-11-27] (McAfee, LLC.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-01-27]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7e5a5c67-8a50-4687-8c19-15ef2ea768c9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d4ac1f71-6b10-492a-97a9-07f835a2414b}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
SearchScopes: HKU\S-1-5-21-46578486-4152185240-1140259097-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-46578486-4152185240-1140259097-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-46578486-4152185240-1140259097-1001 -> {E486E86E-401B-4D98-B96A-5B34F0A6B655} URL = hxxps://uk.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-13] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (Intel Security)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-12-02] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2016-06-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (Intel Security)
DPF: HKLM-x32 {55A2C0CD-3DE8-4264-9637-A0B40B05714E} hxxps://col430-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=1874001884
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-13] (Microsoft Corporation)
 
Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-46578486-4152185240-1140259097-1001 -> hxxp://www.google.co.uk/
 
FireFox:
========
FF DefaultProfile: 6o34rwch.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default [2019-01-28]
FF Homepage: Mozilla\Firefox\Profiles\6o34rwch.default -> hxxps://www.malwarebytes.org/restorebrowser/
FF Extension: (True Key™ by Intel Security) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\@true-key.xpi [2017-04-19]
FF Extension: (Search and new tab by Yahoo) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\[email protected] [2017-11-12]
FF Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\[email protected] [2018-07-22]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\[email protected] [2018-12-24]
FF Extension: (Avast Online Security) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\[email protected] [2019-01-27]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\[email protected] [2018-05-03]
FF Extension: (SEOquake) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}.xpi [2018-02-01]
FF Extension: (iMacros for Firefox) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}.xpi [2018-07-22]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-02-19] [Legacy]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\6o34rwch.default\searchplugins\bing-lavasoft-ff59.xml [2019-01-24]
FF ProfilePath: C:\Users\admin\AppData\Roaming\KompoZer\Profiles\sfgyl5bd.default [2018-02-18]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-13] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-46578486-4152185240-1140259097-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\admin\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-03-27] (Zoom Video Communications, Inc.)
 
Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://uk.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://uk.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2019-01-28]
CHR Extension: (Google Translate) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-22]
CHR Extension: (SEOquake) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2018-11-27]
CHR Extension: (Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-18]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-18]
CHR Extension: (Honey) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-01-13]
CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (MozBar) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2018-11-30]
CHR Extension: (Adobe Acrobat) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06]
CHR Extension: (Sheets) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Google Docs Offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-02]
CHR Extension: (Pinterest Save Button) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-12-13]
CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2019-01-27]
CHR Extension: (DS Amazon Quick View) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkompbllimaoekaogchhkmkdogpkhojg [2018-09-16]
CHR Extension: (True Key™ by McAfee) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbeldjopgciegccabfohnefghfpinncn [2018-05-30]
CHR Extension: (TextBook Money) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbinilphjfjmakmemdiognlidjhoebef [2018-12-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-18]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16]
CHR Extension: (Linked Helper INDEPENDENT) - C:\Users\admin\Desktop\build_cloud_50.1.9\build_cloud [2019-01-06]
CHR HKU\S-1-5-21-46578486-4152185240-1140259097-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
S4 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2015-12-16] (Alps Electric Co., Ltd.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-07] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-30] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-07] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [367728 2019-01-07] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-05-30] (AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.98\elevation_service.exe [390552 2019-01-09] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-01-07] (AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9874528 2019-01-17] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619816 2019-01-04] (Microsoft Corporation)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-01-22] (Dropbox, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S4 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [51112 2016-06-17] (Microsoft)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S4 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [352688 2018-11-27] (McAfee, LLC.)
S4 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [352688 2018-11-27] (McAfee, LLC.)
S4 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2018-11-27] (McAfee, LLC.)
S4 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [113024 2018-02-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-07] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [223056 2019-01-14] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-07] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-07] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-07] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-07] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166792 2019-01-21] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [512048 2019-01-07] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-07] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-07] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-07] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-07] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-07] (AVAST Software)
R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c65x64.sys [488736 2015-12-16] (Intel Corporation)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-19] (Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-01-25] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2019-01-28] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2019-01-28] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-28] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2019-01-28] (Malwarebytes)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2018-04-11] (Intel Corporation)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (The OpenVPN Project)
R3 TSVAD_PCM; C:\WINDOWS\system32\drivers\tsvadpcm.sys [33552 2015-01-30] (Windows ® Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-01-28 23:28 - 2019-01-28 23:28 - 000024643 _____ C:\Users\admin\Desktop\FRST.txt
2019-01-28 23:12 - 2019-01-28 23:12 - 000000000 ____D C:\Users\admin\Desktop\Geeks
2019-01-28 23:09 - 2019-01-28 23:09 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-28 23:09 - 2019-01-28 23:09 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-01-28 23:09 - 2019-01-28 23:09 - 000113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-01-28 23:09 - 2019-01-28 23:09 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-01-27 16:54 - 2019-01-27 16:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2019-01-27 16:54 - 2019-01-27 16:54 - 000000000 ____D C:\Program Files\Intel Corporation
2019-01-27 16:52 - 2019-01-27 16:52 - 102897133 _____ () C:\Users\admin\Downloads\IPDT_Installer_4.1.0.32_64bit.exe
2019-01-27 12:08 - 2019-01-27 12:08 - 000004012 _____ C:\WINDOWS\System32\Tasks\Avast Cleanup Update
2019-01-27 12:08 - 2019-01-27 12:08 - 000001290 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk
2019-01-27 12:08 - 2019-01-27 12:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-01-25 18:10 - 2019-01-28 23:28 - 000000000 ____D C:\FRST
2019-01-25 18:08 - 2019-01-28 23:05 - 002428416 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2019-01-25 17:45 - 2019-01-25 17:45 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-25 09:39 - 2019-01-25 09:39 - 000000000 ___HD C:\$SysReset
2019-01-24 19:39 - 2019-01-24 19:39 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-01-24 19:39 - 2019-01-24 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-01-24 17:47 - 2019-01-24 19:10 - 000000256 _____ C:\Users\admin\Desktop\quollify questions.txt
2019-01-24 09:37 - 2019-01-24 19:20 - 000000000 ____D C:\Users\admin\Desktop\KO
2019-01-24 09:30 - 2019-01-24 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-01-23 14:07 - 2019-01-23 14:07 - 007482764 _____ C:\Users\admin\Desktop\Traidia_Jan2019.zip
2019-01-23 14:06 - 2019-01-24 09:41 - 000000000 ____D C:\Users\admin\Desktop\Traidia_Jan2019
2019-01-23 14:03 - 2019-01-23 14:03 - 000780808 _____ C:\Users\admin\Desktop\Traidia Financial Model DRAFT 2018-10-15 v0p7.xlsx
2019-01-22 13:14 - 2019-01-22 13:14 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-01-22 13:14 - 2019-01-22 13:14 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-01-22 13:14 - 2019-01-22 13:14 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-01-22 13:14 - 2019-01-22 13:14 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-01-21 13:22 - 2019-01-21 13:23 - 000829249 _____ C:\Users\admin\Desktop\Pauline_R_Rogers_Will.pdf
2019-01-14 14:41 - 2019-01-14 14:41 - 000223056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-01-14 10:16 - 2019-01-14 10:16 - 000108163 _____ C:\Users\admin\Desktop\03._Les_Sports_feedback.pdf
2019-01-11 09:03 - 2018-09-20 04:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-09 08:09 - 2019-01-01 13:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 08:09 - 2019-01-01 13:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 08:09 - 2019-01-01 13:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 08:09 - 2019-01-01 13:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 08:09 - 2019-01-01 13:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 08:09 - 2019-01-01 13:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 08:09 - 2019-01-01 13:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 08:09 - 2019-01-01 13:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 08:09 - 2019-01-01 13:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 08:09 - 2019-01-01 13:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 08:09 - 2019-01-01 07:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 08:09 - 2019-01-01 07:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 08:09 - 2019-01-01 07:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 08:09 - 2019-01-01 07:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 08:09 - 2019-01-01 07:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 08:09 - 2019-01-01 07:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 08:09 - 2019-01-01 07:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 08:09 - 2019-01-01 07:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 08:09 - 2019-01-01 07:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 08:09 - 2019-01-01 07:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 08:09 - 2019-01-01 07:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 08:09 - 2019-01-01 07:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 08:09 - 2019-01-01 07:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 08:09 - 2019-01-01 07:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 08:09 - 2019-01-01 07:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 08:09 - 2019-01-01 07:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 08:09 - 2019-01-01 07:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 08:09 - 2019-01-01 07:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 08:09 - 2019-01-01 07:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 08:09 - 2019-01-01 07:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 08:09 - 2019-01-01 06:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 08:09 - 2019-01-01 06:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 08:09 - 2019-01-01 06:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 08:09 - 2019-01-01 06:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 08:09 - 2019-01-01 06:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 08:09 - 2019-01-01 06:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 08:09 - 2019-01-01 06:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 08:09 - 2019-01-01 06:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 08:09 - 2019-01-01 06:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 08:09 - 2019-01-01 06:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 08:09 - 2019-01-01 06:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 08:09 - 2019-01-01 06:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 08:09 - 2019-01-01 06:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 08:09 - 2019-01-01 06:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 08:09 - 2019-01-01 06:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 08:09 - 2019-01-01 06:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 08:09 - 2019-01-01 06:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 08:09 - 2019-01-01 06:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 08:09 - 2019-01-01 06:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 08:09 - 2019-01-01 06:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 08:09 - 2019-01-01 06:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 08:09 - 2019-01-01 06:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 08:09 - 2019-01-01 06:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 08:09 - 2019-01-01 06:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 08:09 - 2019-01-01 06:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 08:09 - 2019-01-01 06:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 08:09 - 2019-01-01 06:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 08:09 - 2019-01-01 06:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 08:09 - 2019-01-01 06:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 08:09 - 2019-01-01 06:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 08:09 - 2019-01-01 06:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 08:09 - 2019-01-01 06:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 08:09 - 2019-01-01 06:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 08:09 - 2019-01-01 06:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 08:09 - 2019-01-01 06:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 08:09 - 2019-01-01 06:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 08:09 - 2019-01-01 06:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 08:09 - 2019-01-01 06:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 08:09 - 2019-01-01 06:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 08:09 - 2019-01-01 06:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 08:09 - 2019-01-01 06:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 08:09 - 2019-01-01 06:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 08:09 - 2019-01-01 06:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 08:09 - 2019-01-01 06:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 08:09 - 2019-01-01 06:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 08:09 - 2019-01-01 06:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 08:09 - 2019-01-01 06:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 08:09 - 2019-01-01 06:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 08:09 - 2019-01-01 06:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 08:09 - 2019-01-01 06:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 08:09 - 2019-01-01 06:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 08:09 - 2019-01-01 06:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 08:09 - 2019-01-01 06:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 08:09 - 2019-01-01 06:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 08:09 - 2019-01-01 06:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 08:09 - 2019-01-01 05:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 08:09 - 2018-12-19 04:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-08 15:42 - 2019-01-24 13:45 - 000000000 ____D C:\Users\admin\Desktop\build_cloud_50.1.9
2019-01-08 15:39 - 2019-01-08 15:40 - 000137287 _____ C:\Users\admin\Desktop\build_cloud_50.1.9.zip
2019-01-07 06:41 - 2019-01-07 06:41 - 000361352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-07 06:41 - 2019-01-07 06:40 - 000320888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-01-07 06:41 - 2019-01-07 06:40 - 000196264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-01-07 06:41 - 2019-01-07 06:40 - 000058160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-01-28 23:21 - 2018-12-05 17:14 - 000000000 ____D C:\Users\admin\Desktop\London Architecture 1
2019-01-28 23:19 - 2018-04-11 23:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-28 23:15 - 2018-04-11 23:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-28 23:15 - 2016-09-09 13:15 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-28 23:12 - 2015-11-19 13:14 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-01-28 23:09 - 2018-05-15 07:46 - 000002876 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-TNONK0U-admin
2019-01-28 23:09 - 2018-05-15 07:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-28 23:09 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-28 23:08 - 2018-04-11 21:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-28 23:07 - 2016-05-23 09:14 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Temp
2019-01-28 23:02 - 2018-07-13 15:13 - 000000000 ____D C:\ProgramData\Packages
2019-01-28 23:02 - 2018-04-11 23:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-28 23:00 - 2018-05-15 07:46 - 000004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F9FEA6DE-A8E1-4D88-8FB1-E0CB672E83AB}
2019-01-28 23:00 - 2018-03-01 19:23 - 000000000 ____D C:\Users\admin\AppData\Roaming\.ACEStream
2019-01-28 23:00 - 2018-03-01 19:21 - 000000000 ____D C:\Users\admin\AppData\Roaming\ACEStream
2019-01-27 16:53 - 2015-11-19 13:13 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-27 16:21 - 2018-05-15 07:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-27 16:19 - 2016-11-20 12:38 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Mozilla
2019-01-27 15:45 - 2016-11-18 09:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-01-27 14:15 - 2015-11-23 13:43 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-01-27 14:15 - 2015-11-23 13:43 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-01-27 14:15 - 2015-11-19 21:32 - 000000666 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-46578486-4152185240-1140259097-1001.job
2019-01-27 14:15 - 2015-11-19 21:32 - 000000570 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-46578486-4152185240-1140259097-1001.job
2019-01-27 13:06 - 2018-05-15 07:46 - 000003512 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-01-27 13:06 - 2018-05-15 07:46 - 000003288 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-01-27 13:05 - 2018-02-05 18:49 - 000000000 ____D C:\Program Files\Tablet
2019-01-27 12:29 - 2016-04-27 18:11 - 000000000 ____D C:\Users\admin\Downloads\VARIA_files
2019-01-27 12:28 - 2018-11-15 17:52 - 000000000 ____D C:\Users\admin\Downloads\gassupply
2019-01-27 12:28 - 2017-07-13 16:22 - 000000000 ____D C:\Users\admin\Downloads\mpthewarren.com-domain_organic-uk_files
2019-01-27 12:28 - 2017-07-13 13:51 - 000000000 ____D C:\Users\admin\Downloads\busheysportsclub.co.uk-domain_organic-uk (1)_files
2019-01-27 12:28 - 2017-05-19 11:49 - 000000000 ____D C:\Users\admin\Downloads\stewartandpartners.co.uk-domain_organic-uk_files
2019-01-27 12:28 - 2017-01-04 12:46 - 000000000 ____D C:\Users\admin\Downloads\regencie
2019-01-27 12:28 - 2017-01-04 12:41 - 000000000 ____D C:\Users\admin\Downloads\bebas_neue
2019-01-27 12:28 - 2017-01-04 12:41 - 000000000 ____D C:\Users\admin\Downloads\anabelle_script
2019-01-27 12:28 - 2017-01-04 12:40 - 000000000 ____D C:\Users\admin\Downloads\signika
2019-01-27 12:28 - 2016-10-03 15:55 - 000000000 ____D C:\Users\admin\Downloads\relogoetc__
2019-01-27 12:28 - 2016-07-17 11:08 - 000000000 ____D C:\Users\admin\Downloads\nexa
2019-01-27 12:28 - 2015-12-21 09:31 - 000000000 ____D C:\Users\admin\Downloads\report_files
2019-01-27 12:24 - 2018-12-02 18:46 - 000002714 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP DeskJet 3700 series
2019-01-27 12:24 - 2018-05-23 14:54 - 000002706 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2019-01-27 12:23 - 2018-05-15 07:46 - 000003316 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-46578486-4152185240-1140259097-1001
2019-01-27 12:23 - 2018-05-15 07:46 - 000003220 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-46578486-4152185240-1140259097-1001
2019-01-27 12:23 - 2018-05-15 07:46 - 000002702 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP ENVY 5540 series
2019-01-27 12:21 - 2015-11-19 11:34 - 000000000 ____D C:\Users\admin\Documents\Outlook Files
2019-01-27 12:21 - 2015-11-19 11:31 - 000000000 ____D C:\Users\admin\Documents\Outlook
2019-01-27 12:18 - 2018-05-14 21:00 - 000000000 ___DC C:\WINDOWS\Panther
2019-01-27 12:18 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-27 12:18 - 2018-02-18 19:04 - 000000000 ____D C:\Users\admin\AppData\Roaming\BitTorrent
2019-01-27 12:18 - 2016-09-09 13:15 - 000000000 ____D C:\Users\admin\AppData\Roaming\TeamViewer
2019-01-27 12:18 - 2016-06-03 17:31 - 000000000 ____D C:\Users\admin\AppData\Roaming\Notepad++
2019-01-27 12:18 - 2016-01-05 13:05 - 000000000 ____D C:\Users\admin\AppData\Roaming\FileZilla
2019-01-27 12:18 - 2015-11-18 19:12 - 000000000 ____D C:\Users\admin\AppData\Roaming\Skype
2019-01-27 12:16 - 2016-01-05 17:16 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D
2019-01-27 12:16 - 2015-12-14 13:17 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2019-01-27 12:16 - 2015-11-20 09:32 - 000000000 ____D C:\Users\admin\AppData\Local\Microsoft Help
2019-01-27 12:10 - 2015-11-19 13:17 - 000000000 ____D C:\Users\admin\AppData\Roaming\AVAST Software
2019-01-27 12:07 - 2018-05-30 16:08 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2019-01-27 12:07 - 2015-11-19 13:16 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-27 12:03 - 2015-12-14 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-01-27 12:03 - 2015-12-14 15:26 - 000000000 ____D C:\Program Files\7-Zip
2019-01-27 11:45 - 2018-05-15 07:46 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-01-27 11:41 - 2015-11-23 13:48 - 000000000 ___RD C:\Users\admin\Dropbox
2019-01-25 17:53 - 2018-03-14 17:19 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2019-01-25 17:46 - 2018-12-19 14:10 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-01-25 17:44 - 2018-05-15 07:34 - 000000000 ____D C:\Users\admin
2019-01-25 17:42 - 2015-11-18 19:24 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-01-25 17:30 - 2015-11-19 10:28 - 000000000 ____D C:\Users\admin\AppData\Local\Greenshot
2019-01-25 16:15 - 2017-07-10 07:40 - 000000000 ____D C:\Users\admin\AppData\Local\GoToMeeting
2019-01-25 10:57 - 2018-02-07 16:24 - 000000000 ____D C:\Users\admin\AppData\Local\Packages
2019-01-25 10:14 - 2015-11-19 13:14 - 000000000 ___RD C:\Users\admin\Creative Cloud Files
2019-01-25 10:14 - 2015-11-18 19:23 - 000000000 ____D C:\Users\admin\AppData\Local\Adobe
2019-01-25 10:12 - 2018-04-11 21:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-01-25 10:01 - 2018-05-15 07:44 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-24 19:19 - 2015-11-18 15:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-01-24 19:13 - 2016-09-10 11:24 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-24 19:13 - 2016-09-10 11:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-24 19:13 - 2015-11-18 12:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-24 16:19 - 2018-05-15 07:46 - 000003748 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-24 16:19 - 2018-05-15 07:46 - 000003600 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1518980708
2019-01-24 16:19 - 2018-05-15 07:46 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-01-24 16:19 - 2018-05-15 07:46 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-24 16:19 - 2018-05-15 07:46 - 000003278 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-01-24 16:19 - 2018-05-15 07:46 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-24 16:19 - 2018-05-15 07:46 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-46578486-4152185240-1140259097-1001
2019-01-24 16:19 - 2018-05-15 07:46 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-01-24 13:28 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-24 09:51 - 2018-05-15 07:34 - 000002365 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-24 09:51 - 2015-11-18 11:54 - 000000000 ___RD C:\Users\admin\OneDrive
2019-01-24 09:30 - 2015-11-23 13:43 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-01-23 09:56 - 2018-04-11 23:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-21 08:59 - 2015-11-19 13:17 - 000166792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-01-17 17:22 - 2018-05-30 16:09 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-01-17 17:19 - 2016-09-10 11:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-14 12:57 - 2015-11-18 12:16 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-01-09 19:38 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 19:38 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 08:18 - 2015-11-18 12:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 08:15 - 2015-11-18 12:51 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-09 07:59 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-09 07:59 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-07 06:41 - 2018-10-23 09:17 - 000042488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-01-07 06:41 - 2018-06-23 15:10 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-01-07 06:41 - 2018-04-11 23:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-07 06:41 - 2017-11-17 10:15 - 000203488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-01-07 06:41 - 2015-11-19 13:17 - 001034056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-01-07 06:41 - 2015-11-19 13:17 - 000474648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-01-07 06:41 - 2015-11-19 13:17 - 000380144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-01-07 06:41 - 2015-11-19 13:17 - 000218056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-01-07 06:41 - 2015-11-19 13:17 - 000111992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-01-07 06:41 - 2015-11-19 13:17 - 000088144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-01-07 06:41 - 2015-11-19 13:17 - 000046584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2019-01-07 06:40 - 2016-02-08 17:09 - 000512048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2019-01-03 21:56 - 2018-03-01 20:23 - 000000000 ___HD C:\_acestream_cache_
2019-01-03 12:01 - 2015-11-18 19:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-02 19:41 - 2018-09-27 17:27 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 19:41 - 2018-09-27 17:27 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-31 08:58 - 2018-05-30 16:08 - 000000000 ____D C:\Users\admin\AppData\Local\AVAST Software
 
==================== Files in the root of some directories =======
 
2016-09-27 16:21 - 2016-09-27 16:21 - 000000112 _____ () C:\Users\admin\AppData\Roaming\JP2K CS6 Prefs
2016-07-22 15:44 - 2017-03-06 11:06 - 000040502 _____ () C:\Users\admin\AppData\Roaming\net.telestream.wirecast.xml
2018-10-01 17:12 - 2018-10-01 17:12 - 000000000 _____ () C:\Users\admin\AppData\Local\oobelibMkey.log
2016-08-22 16:05 - 2017-03-14 10:04 - 000000600 _____ () C:\Users\admin\AppData\Local\PUTTY.RND
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-15 07:33
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2019
Ran by admin (28-01-2019 23:28:47)
Running from C:\Users\admin\Desktop
Windows 10 Enterprise Version 1803 17134.523 (X64) (2018-05-15 07:46:44)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
admin (S-1-5-21-46578486-4152185240-1140259097-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-46578486-4152185240-1140259097-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-46578486-4152185240-1140259097-503 - Limited - Disabled)
Guest (S-1-5-21-46578486-4152185240-1140259097-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-46578486-4152185240-1140259097-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
301 Nuke version 2.6 (HKLM-x32\...\{2685190F-9F38-45DF-AEB4-CD34E261FB32}_is1) (Version: 2.6 - 301nuke.com)
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
7-Zip 18.06 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1806-000001000000}) (Version: 18.06.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.4 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_1) (Version: 20.0.1 - Adobe Systems Incorporated)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.3.6507 - AVAST Software)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.98 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Calendly for Outlook (HKLM-x32\...\{CD7B9A0C-119F-4C0D-B869-2AE4CC8534B5}) (Version: 1.0.1.0 - Calendly)
Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation)
CoffeeCup Free HTML Editor (HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\CoffeeCup Free HTML Editor) (Version:  - )
CoffeeCup Website Insight (HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\CoffeeCup Website Insight) (Version: 1.1 - CoffeeCup Software)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.127.1 - Dropbox, Inc.) Hidden
Evernote v. 6.1.2 (HKLM-x32\...\{A46ABD1E-2837-11E6-9E7C-005056951CAD}) (Version: 6.1.2.2292 - Evernote Corp.)
FileZilla Client 3.28.0 (HKLM-x32\...\FileZilla Client) (Version: 3.28.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{351B54B2-1AFC-42A7-A8C0-9E05C26F0D1E}) (Version: 1.0.470 - LogMeIn, Inc.)
GoToMeeting 8.39.1.11584 (HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\GoToMeeting) (Version: 8.39.1.11584 - LogMeIn, Inc.)
GoToMyPC Print Assistant (HKLM\...\{57414DD3-55A7-4D2E-916F-2F1407AABE91}) (Version: 8.6.942 - Softland)
Greenshot 1.2.8.14 (HKLM\...\Greenshot_is1) (Version: 1.2.8.14 - Greenshot)
HP DeskJet 3700 series Basic Device Software (HKLM\...\{307EE3A5-A788-4D01-B615-ABAA728DFB57}) (Version: 40.12.1161.1896 - HP Inc.)
HP DeskJet 3700 series Help (HKLM-x32\...\{9D10BAEF-4767-46EC-8A40-A6E75D84432C}) (Version: 40.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP ENVY 5540 series Basic Device Software (HKLM\...\{7F9C00D2-32F6-4844-AC17-290D5F06F186}) (Version: 40.11.1119.1786 - HP Inc.)
HP ENVY 5540 series Help (HKLM-x32\...\{3B1BE080-D477-4B94-AAE4-8B0BEC5D0CE3}) (Version: 35.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel Processor Diagnostic Tool 64bit (HKLM-x32\...\{ca508884-ee1a-4390-82cc-5420c8d328bb}) (Version: 4.1.0.32 - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.70.1205 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
LiveWeb (HKLM-x32\...\{F0A7B33E-C872-42C8-B1A9-55450809DAFF}) (Version: 4.00 - Shyam Pillai)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.2.167.1 - McAfee, LLC)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
Mozilla Firefox 64.0 (x64 en-US) (HKLM\...\Mozilla Firefox 64.0 (x64 en-US)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 64.0.0.6914 - Mozilla)
MP3MyMP3 4.2 (HKLM-x32\...\MP3MyMP3_is1) (Version:  - Bruce McArthur)
MySpeed v3.8.4 (HKLM-x32\...\{D56F5842-C299-4667-B2DA-16B52A575476}) (Version: 3.08.0252 - Enounce Incorporated)
Netpeak Spider version 1.0.13.2 (HKLM-x32\...\{F38BE199-6918-4BEA-A2D2-9B68E90FFC9E}_is1) (Version: 1.0.13.2 - Netpeak)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
novaPDF 8 Printer Driver (HKLM\...\{1A9E9E77-B29B-47C6-ADEB-9E7D6F7A08CE}) (Version: 8.6.942 - Softland)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Product Improvement Study for HP DeskJet 3700 series (HKLM\...\{826144A0-42A2-40D3-A49B-129979BA2B0C}) (Version: 40.12.1161.1896 - HP Inc.)
Product Improvement Study for HP ENVY 5540 series (HKLM\...\{9E4F436B-5B50-4D84-954A-5C8A18CEB836}) (Version: 40.11.1119.1786 - HP Inc.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Sublime Text 1.4 (HKLM-x32\...\Sublime Text_is1) (Version:  - )
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
TunnelBear (HKLM-x32\...\{5dbd322e-98b2-41c8-a2d9-d9f21423afa9}) (Version: 3.2.0.6 - TunnelBear)
TunnelBear (HKLM-x32\...\{EAF52E02-CC78-47F4-A304-F91FDB6A55D1}) (Version: 3.2.0.6 - TunnelBear) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation)
Wirecast (HKLM\...\{57A71CEF-3EDD-4D0C-9C5A-5200798E19A4}) (Version: 6.0.1 - Telestream, Inc.)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)
Zoom (HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-46578486-4152185240-1140259097-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-FD8E73FEA996}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-46578486-4152185240-1140259097-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\admin\AppData\Local\GoToMeeting\8625\G2MOutlookAddin64.dll => No File
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-17] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0588517B-622B-4142-AB6C-DCD6CC52EC24} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2019-01-09] (Microsoft Corporation)
Task: {226B6FCB-946E-45B8-A5FE-39696BDA92D0} - System32\Tasks\HPCustParticipation HP ENVY 5540 series => C:\Program Files\HP\HP ENVY 5540 series\Bin\HPCustPartic.exe [2017-03-27] (HP Inc.)
Task: {27DDBAA4-8B71-4633-90C1-255D362A0F89} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {27DF28F9-5714-478D-B972-07713E2B7332} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-21] (Microsoft Corporation)
Task: {3AE7FF95-5C8A-4ED0-986D-A52F5D48E7C3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-21] (Microsoft Corporation)
Task: {405D6565-CF56-466F-85DE-B75114D96884} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2019-01-17] (AVAST Software)
Task: {46614C2D-38E5-407A-B99A-49217132EE5C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {4771A3D6-2515-4D68-A5A0-D2AF0EB082E9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-24] (AVAST Software)
Task: {4FC3F51F-5DC9-473A-A1CC-5AECD4D2F707} - System32\Tasks\Opera scheduled Autoupdate 1518980708 => C:\Users\admin\AppData\Local\Programs\Opera\launcher.exe
Task: {5071FE6A-219C-4FA5-9047-1E011FCB1CB3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-18] (Google Inc.)
Task: {5209E19E-CE48-4E33-A559-A91C4939F46C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {5228594D-0524-48D4-BC4B-B8D45987DFA6} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-09-11] (McAfee, Inc.)
Task: {5B514952-7683-44C1-B13C-052E283E5229} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2019-01-21] (Microsoft Corporation)
Task: {5CB635C7-75E5-4B1E-B4B9-C3A7B34A2A66} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {78CCD0B2-B450-4B7D-959C-FCAFA374CEB7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {8ADFA7B9-D0ED-457C-B140-E9773F542C84} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-18] (Google Inc.)
Task: {8D2516FC-2BB4-49C7-B8AC-95688E76C388} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-TNONK0U-admin => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {945BD535-9A3E-4ACD-8195-FEFB2C29190C} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-05-30] (AVAST Software)
Task: {A1EE787E-E5A1-48DE-B6E4-CFCB7EACE8EE} - System32\Tasks\G2MUpdateTask-S-1-5-21-46578486-4152185240-1140259097-1001 => C:\Users\admin\AppData\Local\GoToMeeting\11584\g2mupdate.exe [2019-01-21] (LogMeIn, Inc.)
Task: {A72E303B-2B13-479A-BB2F-C93F191D576D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-21] (Microsoft Corporation)
Task: {B6EDFE51-67C3-49D6-9B47-164EBA940C61} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-07] (AVAST Software)
Task: {C3129F32-2833-48A7-9BC9-40C3D3F157AE} - System32\Tasks\HPCustParticipation HP DeskJet 3700 series => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe [2018-04-06] (HP Inc.)
Task: {C9E400A1-91D1-4BD7-9730-4C571939475A} - System32\Tasks\G2MUploadTask-S-1-5-21-46578486-4152185240-1140259097-1001 => C:\Users\admin\AppData\Local\GoToMeeting\11584\g2mupload.exe [2019-01-21] (LogMeIn, Inc.)
Task: {D3A5B232-DC32-4E89-9C33-944BDE0101D6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2019-01-21] (Microsoft Corporation)
Task: {E09EFC31-D767-4426-B4F8-F21E1729E2D2} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {ED5B084A-D968-4DA6-8736-2F6025B30EDF} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-05-30] (AVAST Software)
Task: {F2398DC5-BCC6-4F6A-A09E-5363BB7B5595} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {F9A446BC-4CE9-4F75-A298-EE7E45481EEC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-46578486-4152185240-1140259097-1001.job => C:\Users\admin\AppData\Local\GoToMeeting\11584\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-46578486-4152185240-1140259097-1001.job => C:\Users\admin\AppData\Local\GoToMeeting\11584\g2mupload.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager\DAZ Install Manager Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\1481
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-04-11 23:34 - 2018-04-11 23:34 - 000444416 _____ () c:\windows\system32\SSDM.dll
2019-01-07 06:41 - 2019-01-07 06:41 - 000667016 _____ () c:\program files\avast software\avast\streamback.dll
2018-10-23 09:18 - 2018-12-19 14:10 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-10-23 09:18 - 2018-12-19 14:10 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-11 23:34 - 2018-04-11 23:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-03-05 19:47 - 2018-03-05 19:47 - 000614848 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-11 23:34 - 2018-04-11 23:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 14:00 - 2018-11-09 02:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-09-29 10:32 - 2017-09-29 10:32 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-05-17 22:42 - 2016-05-17 22:42 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2019-01-09 08:09 - 2019-01-01 06:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-01-07 06:41 - 2019-01-07 06:41 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 000112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-12-15 13:43 - 2018-12-12 05:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-15 13:43 - 2018-12-12 05:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-10-03 16:01 - 2018-10-03 16:01 - 000436744 _____ () C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
2019-01-27 12:08 - 2016-09-12 14:53 - 048936448 _____ () C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2017-09-29 10:32 - 2017-09-29 10:32 - 000073384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\sharepoint.com -> hxxps://cloud360solutions-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\webcompanion.com -> hxxp://webcompanion.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 11:04 - 2019-01-25 17:53 - 000000839 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "Apoint"
HKLM\...\StartupApproved\Run: => "Greenshot"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\StartupApproved\Run: => "3xAV"
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\StartupApproved\Run: => "Calendly for Outlook"
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\StartupApproved\Run: => "HP ENVY 5540 series (NET)"
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-46578486-4152185240-1140259097-1001\...\StartupApproved\Run: => "AceStream"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{5C51D13D-8B2A-4132-9594-1B7EA4D5BA3D}] => (Allow) C:\Program Files\HP\HP ENVY 5540 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc.)
FirewallRules: [{EE384327-96DB-4272-8E31-C5217EF72388}] => (Allow) LPort=5357
FirewallRules: [{C0CA721A-B062-41F7-B739-B5681FA63DA1}] => (Allow) C:\Program Files\HP\HP ENVY 5540 series\Bin\DeviceSetup.exe (HP Inc.)
FirewallRules: [{B08C1BE3-113F-4022-B6CB-9EB9F598D1C9}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2E36\HPDiagnosticCoreUI.exe No File
FirewallRules: [{C4102D7D-E420-4BEB-9FC7-2545A8BB6C43}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2E36\HPDiagnosticCoreUI.exe No File
FirewallRules: [{98CCB3EC-D30E-4FE9-A31A-65D6922F82B7}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2D7C\HPDiagnosticCoreUI.exe No File
FirewallRules: [{639418CD-71AB-4684-96AB-92C071529B4A}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2D7C\HPDiagnosticCoreUI.exe No File
FirewallRules: [{30CF14A5-F7E5-4F40-B0C7-E8D90B135F2F}] => (Allow) C:\Users\admin\AppData\Local\Programs\Opera\51.0.2830.55\opera.exe No File
FirewallRules: [{85569FEA-1845-42BA-A351-2A28BE537AA1}] => (Allow) C:\Users\admin\AppData\Local\Programs\Opera\51.0.2830.34\opera.exe No File
FirewallRules: [{9D959A01-454D-47F7-91D6-CFAFC0D63935}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS5ED5\HPDiagnosticCoreUI.exe No File
FirewallRules: [{7DF97707-5A88-4826-8B57-79C2243941EA}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS5ED5\HPDiagnosticCoreUI.exe No File
FirewallRules: [{C5A22B6E-E592-4DF4-B1BE-2498F5E56C39}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS4F0D\HPDiagnosticCoreUI.exe No File
FirewallRules: [{A50FC268-C64A-4CE3-94C7-8C088CDB6C91}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS4F0D\HPDiagnosticCoreUI.exe No File
FirewallRules: [{CB052BA1-CEC0-4671-8937-C76BDC165ADC}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2E81\HP.EasyStart.exe No File
FirewallRules: [{D69927B0-9F82-469F-8148-693CF20F234F}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS467E\HP.EasyStart.exe No File
FirewallRules: [{01A811ED-4962-4D7B-A7C5-F49DA4FBA212}] => (Allow) LPort=8317
FirewallRules: [{E8FEA0D5-4662-496D-A3A6-EA7A0031B6F0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{3FD7A38B-B88C-4B10-A6B6-28FF44CDDB7E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{CE7BF747-619E-4A42-A314-A52A8789EC5C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{1D131AAA-5BBF-47C2-BAC0-2073FA47227C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{1DD0140A-CF6C-4E3A-9EFB-BF0FC6379834}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{551B4A0B-8BC0-4C14-877E-44365A274287}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{4E33E70F-EFC5-4276-8648-CCAE62F5A9D7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{EF982E96-51CD-4828-A6B5-07B8BFBD05D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{64A8C38F-023C-45A8-B3F8-2BEAB884EE96}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{1BA8B0BA-1C1A-4C38-B0B0-99047BD41C03}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS7744\HPDiagnosticCoreUI.exe No File
FirewallRules: [{1F1632BD-35A9-446A-9CCE-0D08F426A009}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS7744\HPDiagnosticCoreUI.exe No File
FirewallRules: [{70D537B0-4A52-496B-A1C3-6D4BC72C9210}] => (Allow) LPort=8501
FirewallRules: [{E712745B-3493-4B3A-890D-6E8B1CC3993D}] => (Allow) LPort=8501
FirewallRules: [{973A7AFA-F31D-471D-9E5F-317238A59696}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{E845A954-84D2-4412-BEEF-F85AEA61EEDB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{1E7C3624-5FAD-4358-9FA4-61459E6DFFEE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{F11FFCBF-B2B9-4B26-ABD3-E3B1C04F5188}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{2CAB2858-1B3E-4318-A5D0-A4AAB2A6D289}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{B09CC75D-6ADC-49A6-8A61-56D96D2F013B}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS286A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{5EB99369-E263-44BC-86DB-AC33C81C0220}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS286A\HPDiagnosticCoreUI.exe No File
FirewallRules: [{1C88F52A-6AF8-46E7-B34D-CCF49B948065}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2906\HPDiagnosticCoreUI.exe No File
FirewallRules: [{E770817B-E545-400E-9689-43DE34423509}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2906\HPDiagnosticCoreUI.exe No File
FirewallRules: [{19405CEB-8C35-471A-B880-374419EC9AE3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{21E93D36-0454-450D-B9D3-927F6C32427F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{C7A4F1BC-D473-4934-BDE4-A565F058AE28}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS65AF\HPDiagnosticCoreUI.exe No File
FirewallRules: [{2A50B688-AC20-40B6-B40D-C4D96DEA1E8B}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS65AF\HPDiagnosticCoreUI.exe No File
FirewallRules: [{F8B8365B-9536-42E1-A0F9-916642F51645}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\DeviceSetup.exe (HP Inc.)
FirewallRules: [{C3567C04-F927-4AB1-9EAB-185AFEFEE423}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc.)
FirewallRules: [{C6BE74B3-34C2-4E36-BA86-FCA4FD7AC82A}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS0908\HPDiagnosticCoreUI.exe No File
FirewallRules: [{311C91F9-5CF2-4C7A-BB5A-F31C6CC08BD2}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS0908\HPDiagnosticCoreUI.exe No File
FirewallRules: [{75FE6AFB-EE0F-43C9-A0F6-DCDAAF7DABEC}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2D50\HPDiagnosticCoreUI.exe No File
FirewallRules: [{382F197A-0541-4743-887F-1B9A948E95ED}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS2D50\HPDiagnosticCoreUI.exe No File
FirewallRules: [{CFDD9EE4-E362-40EF-B6B3-E42A43F5C4DF}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS3C08\HPDiagnosticCoreUI.exe No File
FirewallRules: [{6C0289BE-1826-4CCC-B34A-3995DBFE49E3}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS3C08\HPDiagnosticCoreUI.exe No File
FirewallRules: [{C16974E2-3115-41B1-82A1-0AA5AC04382A}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS3D70\HPDiagnosticCoreUI.exe No File
FirewallRules: [{BE3C6598-6ED4-4436-9587-71B2AFB00789}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS3D70\HPDiagnosticCoreUI.exe No File
FirewallRules: [{6819DE5C-7A68-4B10-A58B-8B18DA0C397C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{184EA6D9-F9AA-47BD-AE48-A5F47D834AB0}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS6834\HPDiagnosticCoreUI.exe No File
FirewallRules: [{6B32724B-2D1D-4ED9-BD32-E2D711BF6D3F}] => (Allow) C:\Users\admin\AppData\Local\Temp\7zS6834\HPDiagnosticCoreUI.exe No File
FirewallRules: [{3678FF42-BF69-4559-87EB-32EF57BB11EB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{7425566C-5450-4855-B601-A04A83CFEA17}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{DA1D9319-1F4E-45AA-94D9-D1D39E6DCBE1}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software)
FirewallRules: [{C1E1A3DB-BDF9-405F-BE39-693DFA414F8D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{096C358E-6E9D-4D1D-BBC6-429B70EB991E}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software)
FirewallRules: [{45D06E09-3E21-43D1-8935-D6027C54F6EF}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software)
 
==================== Restore Points =========================
 
27-01-2019 14:31:57 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
Name: Broadcom USH
Description: Broadcom USH
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/28/2019 11:06:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x8007001f, A device attached to the system is not functioning.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (01/28/2019 11:06:20 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {62e18163-f273-4884-95b2-1311a42b577e}
 
Error: (01/27/2019 12:52:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.17134.112 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 3050
 
Start Time: 01d4b63f0ce8f25b
 
Termination Time: 4294967295
 
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
 
Report Id: f39ea90c-5626-4a46-bab7-de52dbe75244
 
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
 
Error: (01/27/2019 11:43:31 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (01/25/2019 05:57:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 3.1.0.1662, time stamp: 0x5c070ada
Faulting module name: Qt5Core.dll, version: 5.11.1.0, time stamp: 0x5bd23201
Exception code: 0xc0000005
Fault offset: 0x0018dc19
Faulting process id: 0x1730
Faulting application start time: 0x01d4b4d6e1407847
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: accda2b8-325c-49cd-874e-2fc8d5bc6a81
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (01/25/2019 05:47:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.
 
Details:
Could not query the status of the EventSystem service.
 
System Error:
A system shutdown is in progress.
.
 
Error: (01/25/2019 11:17:17 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (01/25/2019 10:55:13 AM) (Source: Microsoft Office 16) (EventID: 2001) (User: )
Description: Microsoft Word: Rejected Safe Mode action : Word couldn't start last time. Safe mode could help you troubleshoot the problem, but some features might not be available in this mode.
 
Do you want to start in safe mode?.
Rejected Safe Mode action : Microsoft Word.
 
 
System errors:
=============
Error: (01/28/2019 11:22:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/28/2019 11:22:02 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-TNONK0U)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-TNONK0U\admin SID (S-1-5-21-46578486-4152185240-1140259097-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/28/2019 11:12:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/28/2019 11:12:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-TNONK0U)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-TNONK0U\admin SID (S-1-5-21-46578486-4152185240-1140259097-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/28/2019 11:10:03 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-TNONK0U)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-TNONK0U\admin SID (S-1-5-21-46578486-4152185240-1140259097-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/28/2019 11:09:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/28/2019 11:09:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/28/2019 11:09:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
CodeIntegrity:
===================================
 
Date: 2019-01-28 23:09:17.381
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-01-28 23:09:15.078
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-01-28 23:09:10.357
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-01-28 23:08:34.269
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-01-27 16:22:37.066
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-01-27 16:22:08.560
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-01-27 16:21:17.556
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-01-27 14:16:03.328
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2620M CPU @ 2.70GHz
Percentage of memory in use: 44%
Total physical RAM: 8072.89 MB
Available physical RAM: 4486.21 MB
Total Virtual: 14728.89 MB
Available Virtual: 11537.8 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:149.62 GB) (Free:60.4 GB) NTFS
Drive e: (Data) (Fixed) (Total:296.57 GB) (Free:194.56 GB) NTFS
 
\\?\Volume{14cd345b-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{14cd345b-0000-0000-0000-c08625000000}\ () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 14CD345B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=468 MB) - (Type=27)
Partition 4: (Not Active) - (Size=296.6 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#7
iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

Excellent! There still seems to be one more potentially unwanted application on the computer. We'll uninstall it.


Press the Windows Key + R. This will open the Run box.
Type Appwiz.cpl and click OK.

A list of installed programs will appear. Uninstall the below programs by selecting them and clicking Uninstall:

Yahoo Search Set

Follow the steps in the uninstaller to remove the program.

----------------------------



Download AdwCleaner and save it to your Desktop.
  • Right-click on AdwCleaner.exe and select Run as Administrator
  • Accept the EULA (I accept), then click on Scan.
  • Let the scan complete. If no objects are detected, close the AdwCleaner window.
  • If any objects are detected, make sure that all the boxes are checked and click on the Clean and Repair button.
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer. Allow it to do so.
  • After the restart, an AdwCleaner window will open. Click on View Log File, and the log will open in notepad. Copy and paste the contents of the log into your next reply.
Note: the AdwCleaner log is also saved to C:\AdwCleaner\Logs\AdwCleaner[CXX].txt (where XX is two numbers).

----------------------------

Download ESET Online Scanner and save it to your desktop.
  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • Click on Get Started.
  • Another window will appear - select Get Started. Select whether you would like to send anonymous data to ESET.
  • Click on the Full Scan option.
  • Click on the option to Enable ESET to detect and remove potentially unwanted applications, and select Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop with a name like ESETlog.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • On your desktop, a file will be created called ESETlog.txt. Open it, then copy and paste its contents into your next reply.
Thanks.

#8
dpm

    Member

  • Topic Starter
  • Member
  • 27 posts

Thanks, have done that and here are the two log files, Adw first:

 

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build:    12-18-2018
# Database: 2019-01-25.2 (Cloud)
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-29-2019
# Duration: 00:00:02
# OS:       Windows 10 Enterprise
# Cleaned:  20
# Failed:   0
 
 
***** [ Services ] *****
 
No malicious services cleaned.
 
***** [ Folders ] *****
 
Deleted       C:\_acestream_cache_
Deleted       C:\Users\admin\AppData\LocalLow\.acestream
Deleted       C:\Users\admin\AppData\Roaming\.acestream
Deleted       C:\Users\admin\AppData\Roaming\acestream
Deleted       C:\Users\admin\AppData\Local\YSearchUtil
 
***** [ Files ] *****
 
No malicious files cleaned.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks cleaned.
 
***** [ Registry ] *****
 
Deleted       HKCU\Software\Classes\acestream
Deleted       HKCU\Software\RegisteredApplications|AceStream
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.secretsearchenginelabs.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\secretsearchenginelabs.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\searchengineland.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.secretsearchenginelabs.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\secretsearchenginelabs.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\searchengineland.com
Deleted       HKCU\Software\Sunisoft
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries cleaned.
 
***** [ Chromium URLs ] *****
 
No malicious Chromium URLs cleaned.
 
***** [ Firefox (and derivatives) ] *****
 
Deleted       Search and New Tab by Yahoo
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs cleaned.
 
 
*************************
 
[+] Delete Tracing Keys
[+] Reset Winsock
 
*************************
 
AdwCleaner[S00].txt - [3834 octets] - [29/01/2019 08:48:36]
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 
 
ESET:
 
29/01/2019 09:46:39
Files scanned: 345402
Infected files: 17
Cleaned threats: 17
Total scan time 00:49:31
Scan status: Finished
 


#9
iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

Your computer is now clean!

Uninstall FRST
  • Right-click on FRST/FRST64, and select Rename.
  • Rename it to Uninstall.exe and press Enter on your keyboard.
  • Double-click on Uninstall.exe. Your computer will restart, and allow it to do so. FRST will now uninstall.
Here are some tips to keep your computer safe on the Internet:

Keep your antivirus up to date and enabled. If you use Windows 8.1 or 10, using Windows Defender is sufficient protection. However, if you use Windows 7, running an antivirus is recommended. Some good AVs are Microsoft Security Essentials, avast!, or Kaspersky.


Keep your Windows operating system up to date. Make sure the Automatic Updates feature on your computer is enabled, so Windows can install updates automatically and keep your system up to date. Additionally, make sure to keep your third party software (such as Java, Adobe Flash, and Web browsers) up to date as well.


Use secure passwords. Make sure your passwords are complex and difficult to guess. There are password managers (for example, Bitwarden) that can help you keep track of your passwords and use secure passwords. Make sure to use a different password at every website that requires a login.


Don't download attachments without knowing what they are. Do not download any email attachments that end with an extension of .exe, .pif, .com, or .bat. When downloading third party software, make sure to download it from the developer. Also, un-check offers of additional software when installing some software you want.


Be cautious when using P2P software such as BitTorrent or uTorrent. Often these are used for the downloading of pirated software. Avoid pirated/cracked software, as it is one of the top ways that computer users get malware infections.

Here are some guides for you to read about keeping your computer safe -

Keep your computer safe on the Internet

Answers to common security questions

If you ever have any malware infections on your computer (hopefully not) you can always come back here for help.

Safe surfing!

#10
dpm

    Member

  • Topic Starter
  • Member
  • 27 posts

Many thanks! You're a great help... all your work really appreciated.

 

Best Wishes



#11
iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

