wxlfstealth

About wxlfstealth

  • Rank
    New Member
  1. This thread is no longer open to replies, I'm afraid.
  2. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017 Ran by Qwerty45 (administrator) on WXLFSTEALTH (01-09-2017 01:42:20) Running from C:\Users\Qwerty45\Downloads Loaded Profiles: Qwerty45 (Available Profiles: Qwerty45 & DefaultAppPool) Platform: Windows 10 Home Version 1703 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Edge) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE () C:\Windows\System32\msiscxc.exe () C:\Windows\System32\ravcpdkz.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program 
Files\Synaptics\SynTP\SynTPEnh.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\widimon\widimon.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Learnpulse) C:\Users\Qwerty45\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Avid Technology, Inc.) C:\Program Files (x86)\Avid\Application Manager\AvidAppManHelper.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\Video.UI.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe () C:\Program Files\WindowsApps\9E2F88E3.Twitter_5.8.1.0_x86__wgeqdkkx372wm\Twitter.Windows.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Image-Line) C:\Program Files (x86)\Image-Line\FL Studio 12.1\FL.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-04] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-01] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated) HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Avid\Pro Tools\MMERefresh.exe [84992 2015-06-26] (Avid Technology, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2009-01-05] (Apple Inc.) 
HKLM-x32\...\Run: [AppManHelper] => C:\Program Files (x86)\Avid\Application Manager\AvidAppManHelper.exe [617984 2015-06-09] (Avid Technology, Inc.) HKLM-x32\...\Run: [nisdxfk] => C:\Users\Qwerty45\AppData\Local\ntuserlitelist\nisdxfk\nisdxfk.exe [884224 2017-08-29] () Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-10-29] (Google Inc.) HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-07-14] (Apple Inc.) HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\Run: [Google Update] => C:\Users\Qwerty45\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.) HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-30] (Disc Soft Ltd) HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-07-14] (Apple Inc.) HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\Run: [Discord] => C:\Users\Qwerty45\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.) 
HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\Run: [Screenpresso] => C:\Users\Qwerty45\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [12701760 2017-08-25] (Learnpulse) HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\MountPoints2: {73076b02-afab-11e5-8d74-dc0ea132659d} - "E:\Autorun.exe" HKU\S-1-5-21-46816778-57343354-1960291723-1000\...409d6c4515e9\InprocServer32: [Default-shell32] \\?\globalroot\Device\HarddiskVolume2\Users\Qwerty45\AppData\Local\Temp\spvvpme\somweox\wow.dll ATTENTION Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Application Manager.lnk [2017-08-06] ShortcutTarget: Avid Application Manager.lnk -> C:\Windows\Installer\{A59C0B17-6673-46E6-9E00-BB25E755A299}\NewShortcut1_E1E0FF1FC1474601A40EFEF248F11D43.exe (Flexera Software LLC) BootExecute: autocheck autochk * native.exebootdelete ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3ca7c2b2-2e4b-4ebd-a2d5-f4ea6b035f3b}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{95b0461c-ad35-4fd9-a9e9-bfb199aa070b}: [DhcpNameServer] 208.201.224.11 208.201.224.33 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=130896678514150908&GUID=356F98BF-0B0C-4D53-BC93-B4DB494FEF8B HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.toshiba.com/ HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=130896678518674916&GUID=356F98BF-0B0C-4D53-BC93-B4DB494FEF8B HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.toshiba.com HKU\S-1-5-21-46816778-57343354-1960291723-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.toshiba.com SearchScopes: HKLM -> DefaultScope value is missing SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKLM -> {3DA7C27B-E286-4FE9-8B88-89520CC5627A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 SearchScopes: HKLM-x32 -> DefaultScope {3982AC7B-C64F-4B7D-A2FF-38572E31320D} URL = SearchScopes: HKLM-x32 -> {3DA7C27B-E286-4FE9-8B88-89520CC5627A} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP SearchScopes: HKU\.DEFAULT -> {3DA7C27B-E286-4FE9-8B88-89520CC5627A} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP SearchScopes: HKU\S-1-5-21-46816778-57343354-1960291723-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: 
HKU\S-1-5-21-46816778-57343354-1960291723-1000 -> {3DA7C27B-E286-4FE9-8B88-89520CC5627A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1&rlz=1I7TSNP_enUS508 SearchScopes: HKU\S-1-5-21-46816778-57343354-1960291723-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869 SearchScopes: HKU\S-1-5-21-46816778-57343354-1960291723-1000 -> {B0228A14-39ED-4171-861C-F0CFE0453527} URL = SearchScopes: HKU\S-1-5-21-46816778-57343354-1960291723-1000 -> {D7E76E41-47B9-4A01-BFE0-3542AEA4B2AC} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.) BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA Corporation) BHO-x32: Media Watch -> {01f7b574-386b-4d5f-b054-57af8651331d} -> C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home4073\ie\MediaWatchV1home4073.dll => No File BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.) 
BHO-x32: Deals Plugin Extension -> {11111111-1111-1111-1111-110211181106} -> C:\Program Files (x86)\Deals Plugin Extension\Deals Plugin Extension.dll => No File BHO-x32: Better Surf Plus -> {1824FF90-C98E-48A6-838F-E3B6572B0C77} -> C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll => No File BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine32\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation) BHO-x32: BetterSurf -> {6E3C6B04-08FE-43BC-8E50-F90285024DEA} -> C:\Program Files (x86)\BetterSurf\ie\BetterSurf.dll => No File BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-08-21] (Sun Microsystems, Inc.) BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.) 
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine32\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.) Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.) Toolbar: HKU\S-1-5-21-46816778-57343354-1960291723-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.) Toolbar: HKU\S-1-5-21-46816778-57343354-1960291723-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2017-07-24] FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon FF HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: (HP Smart Web Printing) - C:\Program 
Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-06-30] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll [2014-11-23] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll [2014-11-23] () FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-08-21] (Sun Microsystems, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-04-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-04-01] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems) FF Plugin HKU\S-1-5-21-46816778-57343354-1960291723-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Qwerty45\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-46816778-57343354-1960291723-1000: @talk.google.com/O1DPlugin -> C:\Users\Qwerty45\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-46816778-57343354-1960291723-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Qwerty45\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin HKU\S-1-5-21-46816778-57343354-1960291723-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Qwerty45\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Qwerty45\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Qwerty45\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxps://www.google.com/ CHR Profile: C:\Users\Qwerty45\AppData\Local\Google\Chrome\User Data\Default [2017-09-01] CHR Extension: (Norton Security Toolbar) - C:\Users\Qwerty45\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-08-29] CHR Extension: (Norton Identity Safe) - C:\Users\Qwerty45\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-19] CHR Extension: (SoundCloud Downloader Free) - C:\Users\Qwerty45\AppData\Local\Google\Chrome\User Data\Default\Extensions\libedajeiljdoodmokbppgapcfbignci [2016-08-17] CHR Extension: (TubeBuddy for YouTube) - C:\Users\Qwerty45\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2017-08-31] CHR 
Extension: (Chrome Web Store Payments) - C:\Users\Qwerty45\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-21] CHR Extension: (vidIQ Vision for YouTube) - C:\Users\Qwerty45\AppData\Local\Google\Chrome\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2017-08-31] CHR Extension: (Chrome Media Router) - C:\Users\Qwerty45\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\Exts\Chrome.crx [2017-07-23] CHR HKLM\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - <no Path/update_url> CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [almclanplcamekachfcgegkhccfcfjob] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha595\ch\MediaViewV1alpha595.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [bamnogeacelmodfckoonpifbabnihkne] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode7720\ch\MediaBuzzV1mode7720.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [bpbihhinmelnmebfeckkncdgpdbkpnfj] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha265\ch\MediaViewerV1alpha265.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\Exts\Chrome.crx [2017-07-23] CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [gmbhobeefeoagiecgdmehhnanncolknm] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home4073\ch\MediaWatchV1home4073.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - <no Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - C:\Program Files 
(x86)\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_42.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ijecbbphegkhdmnicgnddloekamgadpg] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8454\ch\MediaViewV1alpha8454.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx <not found> ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com) S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated) S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated) S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.) S4 DigiRefresh; C:\Program Files\Avid\Pro Tools\MMERefresh.exe [84992 2015-06-26] (Avid Technology, Inc.) [File not signed] S4 digiSPTIService64; C:\Program Files\Avid\Pro Tools\digisptiservice64.exe [190464 2015-06-26] (Avid Technology, Inc.) [File not signed] R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd) S4 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [11774544 2017-08-19] () [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) 
[File not signed] S2 N360; C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\N360.exe [326144 2017-07-14] (Symantec Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S4 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [132056 2013-01-31] (Symantec Corporation) S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] S2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] S4 Thpsrv; C:\windows\system32\ThpSrv.exe [558592 2011-04-20] (TOSHIBA Corporation) [File not signed] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation) R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.) S2 9fb84e2b0df14682486e50657f354d01; no ImagePath ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R1 3cf6d6da3ead87fe90affbc7820fd373; C:\WINDOWS\system32\drivers\3cf6d6da3ead87fe90affbc7820fd373.sys [78744 2017-08-30] (MTQ0HV) <==== ATTENTION S1 962d106b650173b2fcc2b0d78f709f93; no ImagePath S1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20170522.003\BHDrvx64.sys [1862784 2017-05-22] (Symantec Corporation) S1 ccSet_N360; C:\WINDOWS\system32\drivers\N360x64\160A000.055\ccSetx64.sys [187520 2017-07-14] (Symantec Corporation) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-12-25] (Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [46392 2015-12-25] (Disc Soft Ltd) R1 e8d0ca95ef9561120b3a538f54bfba88; C:\WINDOWS\system32\drivers\e8d0ca95ef9561120b3a538f54bfba88.sys [78744 2017-08-29] (MCRITU) <==== ATTENTION S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508032 2017-07-24] (Symantec Corporation) S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158336 2017-07-24] (Symantec Corporation) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2017-08-30] () S3 HTCAND64; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed] S1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20170724.002\IDSvia64.sys [1056920 2017-07-24] (Symantec Corporation) S1 msidntfs; C:\WINDOWS\System32\drivers\msidntfs.sys [81696 2013-07-06] () [File not signed] R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek ) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 SRTSP; 
C:\WINDOWS\System32\Drivers\N360x64\160A000.055\SRTSP64.SYS [810136 2017-07-14] (Symantec Corporation) S1 SRTSPX; C:\WINDOWS\system32\drivers\N360x64\160A000.055\SRTSPX64.SYS [49304 2017-07-14] (Symantec Corporation) R0 SymEFASI; C:\WINDOWS\System32\drivers\N360x64\160A000.055\SYMEFASI64.SYS [1868416 2017-07-14] (Symantec Corporation) S4 SymELAM; C:\WINDOWS\system32\drivers\N360x64\160A000.055\SymELAM.sys [24608 2017-05-11] (Symantec Corporation) S3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [102568 2017-07-23] (Symantec Corporation) S1 SymIRON; C:\WINDOWS\system32\drivers\N360x64\160A000.055\Ironx64.SYS [301288 2017-07-14] (Symantec Corporation) S1 SymNetS; C:\WINDOWS\System32\Drivers\N360x64\160A000.055\SYMNETS.SYS [566912 2017-07-14] (Symantec Corporation) R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45728 2015-10-24] (Toshiba Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-08-29] (Zemana Ltd.) R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-08-29] (Zemana Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2017-09-01 01:42 - 2017-09-01 01:43 - 000028578 _____ C:\Users\Qwerty45\Downloads\FRST.txt 2017-09-01 01:42 - 2017-09-01 01:42 - 000000000 ____D C:\FRST 2017-09-01 01:41 - 2017-09-01 01:41 - 002395648 _____ (Farbar) C:\Users\Qwerty45\Downloads\FRST64.exe 2017-09-01 00:10 - 2017-09-01 00:14 - 000000000 ____D C:\Users\Qwerty45\Downloads\Kaspersky Rescue2Usb 2017-09-01 00:06 - 2017-09-01 00:07 - 000000000 ____D C:\Users\Qwerty45\Documents\New Student Orientation 2017-08-30 23:09 - 2017-08-30 23:10 - 120186702 _____ C:\Users\Qwerty45\Downloads\Main.mp4 2017-08-30 21:50 - 2017-08-30 21:50 - 040383058 _____ C:\Users\Qwerty45\Downloads\retrogrl.wav 2017-08-30 05:09 - 2017-08-30 05:09 - 000628224 _____ C:\WINDOWS\cd7d79639a751643a609d5814c6c8673.exe 2017-08-30 05:09 - 2017-08-30 05:09 - 000078744 _____ (MTQ0HV) C:\WINDOWS\system32\Drivers\3cf6d6da3ead87fe90affbc7820fd373.sys 2017-08-30 05:09 - 2017-08-30 05:09 - 000046467 _____ C:\WINDOWS\uninstaller.dat 2017-08-30 03:05 - 2017-08-30 16:30 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2017-08-30 01:22 - 2017-09-01 01:10 - 000000417 _____ C:\DelFix.txt 2017-08-30 01:04 - 2017-08-30 01:04 - 000055286 _____ C:\WINDOWS\system32\.crusader 2017-08-30 00:26 - 2017-08-30 01:08 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys 2017-08-30 00:25 - 2017-08-30 01:07 - 000000000 ____D C:\ProgramData\HitmanPro 2017-08-29 21:09 - 2017-09-01 01:43 - 004331519 _____ C:\WINDOWS\ZAM.krnl.trace 2017-08-29 21:09 - 2017-09-01 01:43 - 000679683 _____ C:\WINDOWS\ZAM_Guard.krnl.trace 2017-08-29 21:09 - 2017-08-29 21:09 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys 2017-08-29 21:09 - 2017-08-29 21:09 - 000203680 _____ (Zemana Ltd.) 
C:\WINDOWS\system32\Drivers\zam64.sys 2017-08-29 21:09 - 2017-08-29 21:09 - 000001184 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk 2017-08-29 21:09 - 2017-08-29 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware 2017-08-29 21:08 - 2017-08-29 21:10 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2017-08-29 21:07 - 2017-08-29 21:07 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\Zemana 2017-08-29 05:35 - 2017-08-29 05:35 - 000078744 _____ (MCRITU) C:\WINDOWS\system32\Drivers\e8d0ca95ef9561120b3a538f54bfba88.sys 2017-08-28 02:46 - 2017-08-28 02:46 - 000562254 _____ C:\Users\Qwerty45\Downloads\08. Tory Lanez - Lord Knows Pt. 2 (Prod. By Play Picasso x Tory Lanez) - Part_2.wav 2017-08-28 02:35 - 2017-08-28 02:35 - 001779882 _____ C:\Users\Qwerty45\Downloads\08. Tory Lanez - Lord Knows Pt. 2 (Prod. By Play Picasso x Tory Lanez) - Part_1.wav 2017-08-28 01:33 - 2015-06-28 23:11 - 011080573 _____ C:\Users\Qwerty45\Downloads\01 - Lord Knows.m4a 2017-08-25 20:29 - 2017-08-25 20:29 - 000002266 _____ C:\Users\Qwerty45\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screenpresso.lnk 2017-08-25 20:28 - 2017-08-25 20:28 - 000000000 ____D C:\Users\Qwerty45\AppData\Roaming\Learnpulse 2017-08-25 20:28 - 2017-08-25 20:28 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\Learnpulse 2017-08-25 20:26 - 2017-08-25 20:27 - 012701760 _____ (Learnpulse) C:\Users\Qwerty45\Downloads\Screenpresso.exe 2017-08-24 16:00 - 2017-08-24 16:01 - 000122826 _____ C:\Users\Qwerty45\Downloads\London On Da Track Nexus Expansion.zip 2017-08-23 22:11 - 2017-04-21 03:14 - 000916064 _____ (Adobe Systems Incorporated) C:\Users\Qwerty45\Downloads\setup.exe 2017-08-23 16:22 - 2017-08-29 01:55 - 000003274 _____ C:\WINDOWS\System32\Tasks\Adobe Uninstaller 2017-08-23 15:49 - 2017-08-23 15:50 - 000597612 _____ C:\WINDOWS\Minidump\082317-55390-01.dmp 2017-08-22 22:35 - 2017-08-22 22:35 - 000000552 _____ C:\WINDOWS\system32\reimage.rep 2017-08-22 
00:39 - 2017-08-22 01:03 - 000000000 ____D C:\Users\Qwerty45\AppData\Roaming\obs-studio 2017-08-22 00:39 - 2017-08-22 00:39 - 000001242 _____ C:\Users\Public\Desktop\OBS Studio.lnk 2017-08-22 00:39 - 2017-08-22 00:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2017-08-22 00:38 - 2017-08-22 00:38 - 000000000 ____D C:\Program Files (x86)\obs-studio 2017-08-22 00:37 - 2017-08-22 00:37 - 101899104 _____ (obsproject.com) C:\Users\Qwerty45\Downloads\OBS-Studio-20.0.1-Full-Installer.exe 2017-08-21 23:09 - 2017-08-21 23:09 - 004608178 _____ C:\Users\Qwerty45\Downloads\looperman-l-1351931-0108238-kadoonthetrack-trap-flute-loop-ii.wav 2017-08-21 23:08 - 2017-08-21 23:08 - 004704178 _____ C:\Users\Qwerty45\Downloads\looperman-l-1351931-0108237-kadoonthetrack-trap-loop.wav 2017-08-21 14:09 - 2017-08-21 14:10 - 003704745 _____ C:\Users\Qwerty45\Downloads\MONEY WAYNE.zip 2017-08-21 13:19 - 2017-08-21 13:20 - 000595140 _____ C:\WINDOWS\Minidump\082117-47375-01.dmp 2017-08-21 13:16 - 2017-08-21 13:16 - 013153786 _____ C:\Users\Qwerty45\Downloads\JWAC (1).zip 2017-08-20 20:44 - 2017-08-20 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2017-08-20 20:42 - 2017-08-20 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2017-08-20 20:42 - 2017-08-20 20:42 - 000000000 ____D C:\Program Files\iTunes 2017-08-20 20:42 - 2017-08-20 20:42 - 000000000 ____D C:\Program Files\iPod 2017-08-20 14:54 - 2017-08-20 14:54 - 000000015 _____ C:\Users\Qwerty45\Documents\license key.txt 2017-08-20 14:46 - 2017-08-20 14:46 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation 2017-08-20 14:34 - 2017-08-22 22:05 - 000012710 _____ C:\WINDOWS\system32\Native.exe 2017-08-20 14:34 - 2017-08-22 22:05 - 000000000 ____D C:\ReimageUndo 2017-08-20 00:00 - 2017-08-20 00:00 - 000002297 _____ C:\Users\Qwerty45\Desktop\Discord.lnk 2017-08-20 00:00 - 2017-08-20 00:00 - 000000000 ____D 
C:\Users\Qwerty45\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2017-08-19 23:59 - 2017-08-24 01:02 - 000000000 ____D C:\Users\Qwerty45\AppData\Roaming\discord 2017-08-19 23:59 - 2017-08-19 23:59 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\Discord 2017-08-19 23:57 - 2017-08-20 00:00 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\SquirrelTemp 2017-08-19 23:56 - 2017-08-19 23:57 - 054332920 _____ (Discord Inc.) C:\Users\Qwerty45\Downloads\DiscordSetup.exe 2017-08-19 16:13 - 2017-08-19 16:14 - 058132076 _____ C:\Users\Qwerty45\Downloads\reqwettteretruiem.mp4 2017-08-16 16:18 - 2017-08-16 16:20 - 000651924 _____ C:\WINDOWS\Minidump\081617-57375-01.dmp 2017-08-16 15:09 - 2017-08-16 15:11 - 000617220 _____ C:\WINDOWS\Minidump\081617-47406-01.dmp 2017-08-16 13:44 - 2017-08-16 13:47 - 000597540 _____ C:\WINDOWS\Minidump\081617-44906-01.dmp 2017-08-16 00:58 - 2017-08-16 00:59 - 051966929 _____ C:\Users\Qwerty45\Downloads\JWAC.zip 2017-08-15 07:30 - 2017-08-15 07:30 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2017-08-15 07:30 - 2017-08-15 07:30 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Local\TileDataLayer 2017-08-14 23:40 - 2017-08-29 23:25 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\llssoft 2017-08-14 23:39 - 2017-08-29 23:25 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\ntuserlitelist 2017-08-14 22:23 - 2017-08-23 15:49 - 000000000 ____D C:\WINDOWS\Minidump 2017-08-13 14:37 - 2017-08-29 23:09 - 000000000 ___HD C:\Program Files (x86)\deon 2017-08-13 14:37 - 2017-08-29 23:08 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\dyapmf 2017-08-13 14:37 - 2017-08-21 01:08 - 000000000 ___HD C:\Program Files (x86)\Midsize 2017-08-13 14:37 - 2017-08-14 23:09 - 000000000 ____D C:\Program Files (x86)\s5 2017-08-13 14:37 - 2017-08-13 14:37 - 002793472 ____N C:\WINDOWS\system32\msiscxc.exe 2017-08-13 14:37 - 2017-08-13 14:37 - 000003856 _____ C:\WINDOWS\System32\Tasks\k72058313 2017-08-13 14:37 - 2017-08-13 14:37 - 000003850 _____ 
C:\WINDOWS\System32\Tasks\72058313 2017-08-13 14:37 - 2017-08-13 14:37 - 000003850 _____ C:\WINDOWS\System32\Tasks\42112495 2017-08-13 14:37 - 2017-08-13 14:37 - 000003840 _____ C:\WINDOWS\System32\Tasks\54100156 2017-08-13 14:37 - 2017-08-13 14:37 - 000003728 _____ C:\WINDOWS\System32\Tasks\gak72058313k72058313 2017-08-13 14:37 - 2017-08-13 14:37 - 000003722 _____ C:\WINDOWS\System32\Tasks\ga4211249542112495 2017-08-13 14:37 - 2017-08-13 14:37 - 000003720 _____ C:\WINDOWS\System32\Tasks\ga7205831372058313 2017-08-13 14:37 - 2017-08-13 14:37 - 000003710 _____ C:\WINDOWS\System32\Tasks\ga5410015654100156 2017-08-13 14:37 - 2017-08-13 14:37 - 000001302 _____ C:\Users\Qwerty45\Desktop\Google Chrome.lnk 2017-08-13 14:37 - 2017-08-13 14:37 - 000000946 _____ C:\Users\Qwerty45\Desktop\s5.lnk 2017-08-13 14:37 - 2017-08-13 14:37 - 000000020 _____ C:\WINDOWS\b54100156 2017-08-13 14:37 - 2017-08-13 14:37 - 000000000 ____D C:\Users\Qwerty45\AppData\Roaming\et 2017-08-13 14:37 - 2017-08-13 14:37 - 000000000 ____D C:\Program Files (x86)\trusted 2017-08-13 14:35 - 2017-08-14 22:23 - 000000406 _____ C:\WINDOWS\Tasks\Updater_Online_Application.job 2017-08-13 14:35 - 2017-08-14 22:23 - 000000374 _____ C:\WINDOWS\Tasks\Online Application V2G3.job 2017-08-13 14:35 - 2017-08-14 22:23 - 000000374 _____ C:\WINDOWS\Tasks\Online Application V2G2.job 2017-08-13 14:35 - 2017-08-14 22:23 - 000000374 _____ C:\WINDOWS\Tasks\Online Application V2G1.job 2017-08-13 14:35 - 2017-08-13 14:35 - 000003300 _____ C:\WINDOWS\System32\Tasks\Updater_Online_Application 2017-08-13 14:35 - 2017-08-13 14:35 - 000003264 _____ C:\WINDOWS\System32\Tasks\Online Application V2G3 2017-08-13 14:35 - 2017-08-13 14:35 - 000003264 _____ C:\WINDOWS\System32\Tasks\Online Application V2G2 2017-08-13 14:35 - 2017-08-13 14:35 - 000003264 _____ C:\WINDOWS\System32\Tasks\Online Application V2G1 2017-08-13 14:34 - 2017-08-30 22:36 - 000000000 ____D C:\Program Files\9fb84e2b0df14682486e50657f354d01 2017-08-13 14:34 - 2017-08-13 
14:34 - 000031475 _____ C:\WINDOWS\5a295e92eb7692d6756c9349f3ac22fc.ps1 2017-08-13 14:34 - 2017-08-13 14:34 - 000003476 _____ C:\WINDOWS\System32\Tasks\5a295e92eb7692d6756c9349f3ac22fc 2017-08-13 14:34 - 2017-08-13 14:34 - 000003292 _____ C:\WINDOWS\System32\Tasks\9fb84e2b0df14682486e50657f354d01 2017-08-13 14:34 - 2017-08-13 14:34 - 000000000 ____D C:\WINDOWS\SysWOW64\SSL 2017-08-12 01:30 - 2017-08-12 01:30 - 000164370 _____ C:\Users\Qwerty45\Downloads\The_Precisions___If_This_Is_Love_I'd_Rather_Be_Lonely - Part_1.wav 2017-08-11 23:39 - 2017-08-11 23:39 - 064532328 _____ C:\Users\Qwerty45\Downloads\TOO GOOD [BLVCKFLAME].zip 2017-08-11 14:23 - 2017-08-11 14:23 - 011427151 _____ C:\Users\Qwerty45\Downloads\OUTRO.zip 2017-08-11 13:00 - 2017-08-11 13:00 - 023829605 _____ C:\Users\Qwerty45\Downloads\trill bill.zip 2017-08-11 02:42 - 2017-08-11 02:42 - 004233778 _____ C:\Users\Qwerty45\Downloads\looperman-l-1938010-0111766-heyhobo-lofi-hip-hop-rhodes.wav 2017-08-11 02:41 - 2017-08-11 02:41 - 004844110 _____ C:\Users\Qwerty45\Downloads\looperman-l-0911223-0111819-silencekills-bliss-keys-140-fm.wav 2017-08-11 02:38 - 2017-08-11 02:38 - 002646146 _____ C:\Users\Qwerty45\Downloads\looperman-l-2247732-0111855-hbsamples-hbs-broken-piano-a-128bpm.wav 2017-08-11 02:18 - 2017-08-11 02:18 - 001597800 _____ C:\Users\Qwerty45\Downloads\Travi$ Scott - Drunk (Feat. 
Young Thug) - Part_4.wav 2017-08-09 06:53 - 2017-07-31 22:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2017-08-09 06:53 - 2017-07-31 22:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-08-09 06:53 - 2017-07-31 22:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-08-09 06:53 - 2017-07-31 22:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-08-09 06:53 - 2017-07-31 22:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-08-09 06:53 - 2017-07-31 22:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-08-09 06:53 - 2017-07-31 22:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-08-09 06:53 - 2017-07-31 22:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-08-09 06:53 - 2017-07-31 22:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-08-09 06:53 - 2017-07-31 22:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-08-09 06:53 - 2017-07-31 22:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-08-09 06:53 - 2017-07-31 21:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-08-09 06:53 - 2017-07-28 01:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-08-09 06:53 - 2017-07-28 00:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-08-09 06:53 - 2017-07-28 00:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-08-09 06:53 - 2017-07-28 00:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-08-09 06:53 - 2017-07-28 00:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-08-09 06:53 - 2017-07-28 00:36 - 
006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-08-09 06:53 - 2017-07-28 00:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-08-09 06:53 - 2017-07-28 00:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-08-09 06:53 - 2017-07-28 00:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2017-08-09 06:53 - 2017-07-28 00:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-08-09 06:53 - 2017-07-28 00:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-08-09 06:53 - 2017-07-28 00:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-08-09 06:53 - 2017-07-28 00:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2017-08-09 06:53 - 2017-07-28 00:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll 2017-08-09 06:53 - 2017-07-28 00:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2017-08-09 06:53 - 2017-07-28 00:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-08-09 06:53 - 2017-07-28 00:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-08-09 06:53 - 2017-07-28 00:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2017-08-09 06:53 - 2017-07-28 00:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-08-09 06:53 - 2017-07-28 00:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll 2017-08-09 06:53 - 2017-07-28 00:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-08-09 06:53 - 2017-07-28 00:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2017-08-09 06:53 - 2017-07-28 00:12 - 000337920 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-08-09 06:53 - 2017-07-28 00:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-08-09 06:53 - 2017-07-28 00:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-08-09 06:53 - 2017-07-28 00:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-08-09 06:53 - 2017-07-28 00:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-08-09 06:53 - 2017-07-28 00:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-08-09 06:53 - 2017-07-28 00:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-08-09 06:53 - 2017-07-28 00:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-08-09 06:53 - 2017-07-28 00:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2017-08-09 06:53 - 2017-07-28 00:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2017-08-09 06:53 - 2017-07-28 00:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-08-09 06:52 - 2017-07-31 22:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-08-09 06:52 - 2017-07-31 22:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2017-08-09 06:52 - 2017-07-31 22:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2017-08-09 06:52 - 2017-07-31 22:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-08-09 06:52 - 2017-07-31 22:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2017-08-09 06:52 - 2017-07-31 22:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2017-08-09 06:52 - 2017-07-31 22:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-08-09 06:52 - 2017-07-31 22:31 - 
000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll 2017-08-09 06:52 - 2017-07-31 22:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2017-08-09 06:52 - 2017-07-31 22:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2017-08-09 06:52 - 2017-07-31 22:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll 2017-08-09 06:52 - 2017-07-31 22:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll 2017-08-09 06:52 - 2017-07-31 22:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll 2017-08-09 06:52 - 2017-07-31 22:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll 2017-08-09 06:52 - 2017-07-31 22:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-08-09 06:52 - 2017-07-31 22:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2017-08-09 06:52 - 2017-07-31 22:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-08-09 06:52 - 2017-07-31 21:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 
000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll 2017-08-09 06:52 - 2017-07-31 18:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll 2017-08-09 06:52 - 2017-07-28 01:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2017-08-09 06:52 - 2017-07-28 01:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2017-08-09 06:52 - 2017-07-28 01:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2017-08-09 06:52 - 2017-07-28 01:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-08-09 06:52 - 2017-07-28 00:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll 2017-08-09 06:52 - 2017-07-28 00:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2017-08-09 06:52 - 2017-07-28 00:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2017-08-09 06:52 - 2017-07-28 00:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-08-09 06:52 - 2017-07-28 00:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll 2017-08-09 06:52 - 2017-07-28 00:36 - 000173104 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\mfsensorgroup.dll 2017-08-09 06:52 - 2017-07-28 00:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll 2017-08-09 06:52 - 2017-07-28 00:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll 2017-08-09 06:52 - 2017-07-28 00:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2017-08-09 06:52 - 2017-07-28 00:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2017-08-09 06:52 - 2017-07-28 00:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys 2017-08-09 06:52 - 2017-07-28 00:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll 2017-08-09 06:52 - 2017-07-28 00:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-08-09 06:52 - 2017-07-28 00:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll 2017-08-09 06:52 - 2017-07-28 00:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-08-09 06:52 - 2017-07-28 00:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-08-09 06:52 - 2017-07-28 00:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2017-08-09 06:52 - 2017-07-28 00:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll 2017-08-09 06:52 - 2017-07-28 00:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-08-09 06:52 - 2017-07-28 00:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-08-09 06:52 - 2017-07-28 00:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll 2017-08-09 06:52 - 2017-07-28 00:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-08-09 06:52 - 2017-07-28 00:14 - 000331264 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\rastlsext.dll 2017-08-09 06:52 - 2017-07-28 00:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2017-08-09 06:52 - 2017-07-28 00:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2017-08-09 06:52 - 2017-07-28 00:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-08-09 06:52 - 2017-07-28 00:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2017-08-09 06:52 - 2017-07-28 00:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll 2017-08-09 06:52 - 2017-07-28 00:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-08-09 06:52 - 2017-07-28 00:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2017-08-09 06:52 - 2017-07-28 00:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2017-08-09 06:52 - 2017-07-28 00:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2017-08-09 06:52 - 2017-07-28 00:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe 2017-08-09 06:52 - 2017-07-28 00:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe 2017-08-09 06:52 - 2017-07-28 00:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll 2017-08-09 06:51 - 2017-07-31 22:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-08-09 06:51 - 2017-07-31 22:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2017-08-09 06:51 - 2017-07-31 22:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-08-09 06:51 - 2017-07-31 22:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-08-09 06:51 - 2017-07-31 22:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2017-08-09 06:51 - 2017-07-31 22:30 - 000315288 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\WerFault.exe 2017-08-09 06:51 - 2017-07-31 22:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2017-08-09 06:51 - 2017-07-31 22:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2017-08-09 06:51 - 2017-07-31 22:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-08-09 06:51 - 2017-07-31 22:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-08-09 06:51 - 2017-07-31 22:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-08-09 06:51 - 2017-07-31 22:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-08-09 06:51 - 2017-07-31 22:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-08-09 06:51 - 2017-07-31 22:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-08-09 06:51 - 2017-07-31 22:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-08-09 06:51 - 2017-07-31 21:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-08-09 06:51 - 2017-07-31 21:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2017-08-09 06:51 - 2017-07-31 21:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-08-09 06:51 - 2017-07-31 21:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2017-08-09 06:51 - 2017-07-31 21:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-08-09 06:51 - 2017-07-31 21:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2017-08-09 06:51 - 2017-07-31 21:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-08-09 06:51 - 2017-07-31 21:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-08-09 06:51 - 2017-07-31 21:28 - 004730368 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\jscript9.dll 2017-08-09 06:51 - 2017-07-28 01:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-08-09 06:51 - 2017-07-28 01:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-08-09 06:51 - 2017-07-28 01:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2017-08-09 06:51 - 2017-07-28 01:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll 2017-08-09 06:51 - 2017-07-28 01:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-08-09 06:51 - 2017-07-28 01:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2017-08-09 06:51 - 2017-07-28 01:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-08-09 06:51 - 2017-07-28 01:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2017-08-09 06:51 - 2017-07-28 01:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-08-09 06:51 - 2017-07-28 01:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-08-09 06:51 - 2017-07-28 01:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-08-09 06:51 - 2017-07-28 01:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2017-08-09 06:51 - 2017-07-28 01:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-08-09 06:51 - 2017-07-28 01:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2017-08-09 06:51 - 2017-07-28 01:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2017-08-09 06:51 - 2017-07-28 01:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-08-09 06:51 - 2017-07-28 00:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll 2017-08-09 06:51 - 
2017-07-28 00:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2017-08-09 06:51 - 2017-07-28 00:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll 2017-08-09 06:51 - 2017-07-28 00:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2017-08-09 06:51 - 2017-07-28 00:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2017-08-09 06:51 - 2017-07-28 00:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll 2017-08-09 06:51 - 2017-07-28 00:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2017-08-09 06:51 - 2017-07-28 00:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2017-08-09 06:51 - 2017-07-28 00:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-08-09 06:51 - 2017-07-28 00:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2017-08-09 06:51 - 2017-07-28 00:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll 2017-08-09 06:51 - 2017-07-28 00:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2017-08-09 06:51 - 2017-07-28 00:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-08-09 06:51 - 2017-07-28 00:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-08-09 06:51 - 2017-07-28 00:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-08-09 06:51 - 2017-07-28 00:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-08-09 06:51 - 2017-07-28 00:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2017-08-09 06:51 - 2017-07-28 00:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2017-08-09 06:51 - 2017-07-28 00:07 - 000105472 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll 2017-08-09 06:51 - 2017-07-28 00:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2017-08-09 06:51 - 2017-07-28 00:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll 2017-08-09 06:51 - 2017-07-28 00:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2017-08-09 06:50 - 2017-07-31 22:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2017-08-09 06:50 - 2017-07-31 22:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-08-09 06:50 - 2017-07-31 22:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-08-09 06:50 - 2017-07-31 22:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-08-09 06:50 - 2017-07-31 22:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-08-09 06:50 - 2017-07-31 22:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-08-09 06:50 - 2017-07-31 22:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys 2017-08-09 06:50 - 2017-07-31 22:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll 2017-08-09 06:50 - 2017-07-31 21:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-08-09 06:50 - 2017-07-31 21:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-08-09 06:50 - 2017-07-31 21:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-08-09 06:50 - 2017-07-31 21:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2017-08-09 06:50 - 2017-07-31 21:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys 2017-08-09 06:50 - 2017-07-31 21:42 - 002199552 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-08-09 06:50 - 2017-07-31 21:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll 2017-08-09 06:50 - 2017-07-31 21:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-08-09 06:50 - 2017-07-31 21:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll 2017-08-09 06:50 - 2017-07-31 21:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll 2017-08-09 06:50 - 2017-07-31 21:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll 2017-08-09 06:50 - 2017-07-31 21:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll 2017-08-09 06:50 - 2017-07-31 21:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-08-09 06:50 - 2017-07-31 21:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll 2017-08-09 06:50 - 2017-07-31 21:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-08-09 06:50 - 2017-07-31 21:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2017-08-09 06:50 - 2017-07-31 21:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-08-09 06:50 - 2017-07-31 21:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-08-09 06:50 - 2017-07-31 21:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-08-09 06:50 - 2017-07-31 21:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-08-09 06:50 - 2017-07-31 21:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-08-09 06:50 - 2017-07-31 21:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2017-08-09 06:50 - 2017-07-31 21:27 - 001802752 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\urlmon.dll 2017-08-09 06:50 - 2017-07-28 01:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-08-09 06:50 - 2017-07-28 01:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll 2017-08-09 06:50 - 2017-07-28 01:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-08-09 06:50 - 2017-07-28 01:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-08-09 06:50 - 2017-07-28 01:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-08-09 06:50 - 2017-07-28 01:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2017-08-09 06:50 - 2017-07-28 01:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2017-08-09 06:50 - 2017-07-28 01:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-08-09 06:50 - 2017-07-28 01:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-08-09 06:50 - 2017-07-28 01:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2017-08-09 06:50 - 2017-07-28 01:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll 2017-08-09 06:50 - 2017-07-28 01:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-08-09 06:50 - 2017-07-28 01:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-08-09 06:50 - 2017-07-28 01:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll 2017-08-09 06:50 - 2017-07-28 01:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2017-08-09 06:50 - 2017-07-28 00:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-08-09 06:50 - 2017-07-28 00:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll 2017-08-09 06:50 - 2017-07-28 00:26 - 
000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll 2017-08-09 06:50 - 2017-07-28 00:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe 2017-08-09 06:50 - 2017-07-28 00:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-08-09 06:50 - 2017-07-28 00:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-08-09 06:50 - 2017-07-28 00:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-08-09 06:50 - 2017-07-28 00:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-08-09 06:50 - 2017-07-28 00:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll 2017-08-09 06:50 - 2017-07-28 00:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2017-08-09 06:50 - 2017-07-28 00:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2017-08-09 06:50 - 2017-07-28 00:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-08-09 06:50 - 2017-07-28 00:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll 2017-08-09 06:50 - 2017-07-28 00:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll 2017-08-09 06:50 - 2017-07-28 00:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-08-09 06:50 - 2017-07-28 00:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll 2017-08-09 06:50 - 2017-07-28 00:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe 2017-08-09 06:50 - 2017-07-28 00:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-08-09 06:50 - 2017-07-28 00:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2017-08-09 06:50 - 2017-07-28 00:20 - 001015296 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2017-08-09 06:50 - 2017-07-28 00:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-08-09 06:50 - 2017-07-28 00:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-08-09 06:50 - 2017-07-28 00:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-08-09 06:50 - 2017-07-28 00:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-08-09 06:50 - 2017-07-28 00:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2017-08-09 06:50 - 2017-07-28 00:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-08-09 06:50 - 2017-07-28 00:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll 2017-08-09 06:50 - 2017-07-28 00:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-08-09 06:50 - 2017-07-28 00:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-08-09 06:50 - 2017-07-28 00:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-08-09 06:50 - 2017-07-28 00:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-08-09 06:50 - 2017-07-28 00:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-08-09 06:50 - 2017-07-28 00:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-08-09 06:50 - 2017-07-28 00:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2017-08-09 06:50 - 2017-07-28 00:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2017-08-09 06:50 - 2017-07-28 00:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 
2017-08-09 06:50 - 2017-07-28 00:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-08-09 06:50 - 2017-07-28 00:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-08-09 06:50 - 2017-07-28 00:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-08-09 06:50 - 2017-07-28 00:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2017-08-09 06:50 - 2017-07-28 00:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2017-08-09 06:50 - 2017-07-28 00:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-08-09 06:50 - 2017-07-28 00:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-08-09 06:50 - 2017-07-28 00:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-08-09 06:50 - 2017-07-28 00:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-08-09 06:50 - 2017-07-28 00:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-08-09 06:50 - 2017-07-28 00:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-08-09 06:50 - 2017-07-28 00:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-08-09 06:50 - 2017-07-28 00:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2017-08-09 06:50 - 2017-07-28 00:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2017-08-09 06:50 - 2017-07-28 00:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-08-09 06:50 - 2017-07-28 00:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe 2017-08-09 06:50 - 2017-07-28 00:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe 2017-08-09 06:49 - 2017-07-31 21:44 - 000184320 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\DWWIN.EXE 2017-08-09 06:49 - 2017-07-31 21:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2017-08-09 06:49 - 2017-07-31 21:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll 2017-08-09 06:49 - 2017-07-31 21:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2017-08-09 06:49 - 2017-07-31 21:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll 2017-08-09 06:49 - 2017-07-31 21:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2017-08-09 06:49 - 2017-07-31 21:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2017-08-09 06:49 - 2017-07-31 21:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll 2017-08-09 06:49 - 2017-07-31 21:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2017-08-09 06:49 - 2017-07-31 21:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll 2017-08-09 06:49 - 2017-07-28 00:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll 2017-08-09 06:49 - 2017-07-28 00:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll 2017-08-09 06:49 - 2017-07-28 00:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll 2017-08-09 06:49 - 2017-07-28 00:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll 2017-08-09 06:49 - 2017-07-28 00:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-08-09 06:49 - 2017-07-28 00:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll 2017-08-09 06:49 - 2017-07-28 00:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2017-08-09 06:49 - 2017-07-28 00:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2017-08-09 06:49 - 
2017-07-28 00:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2017-08-09 06:49 - 2017-07-28 00:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll 2017-08-09 06:49 - 2017-07-28 00:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2017-08-09 06:49 - 2017-07-28 00:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll 2017-08-09 06:49 - 2017-07-28 00:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2017-08-09 06:49 - 2017-07-28 00:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll 2017-08-09 00:38 - 2017-08-09 00:41 - 526442953 _____ C:\Users\Qwerty45\Downloads\Woah Dummy Video.mp4 2017-08-08 19:55 - 2017-08-08 19:55 - 000103980 _____ C:\Users\Qwerty45\Downloads\buu_not-for-profit-use - Part_1.wav 2017-08-08 16:10 - 2017-08-08 16:10 - 000016852 _____ C:\Users\Qwerty45\Downloads\Travi$ Scott - Drunk (Feat. Young Thug) - Part_3.wav 2017-08-08 16:09 - 2017-08-08 16:09 - 000007492 _____ C:\Users\Qwerty45\Downloads\Travi$ Scott - Drunk (Feat. Young Thug) - Part_2.wav 2017-08-08 16:06 - 2017-08-08 16:06 - 000008536 _____ C:\Users\Qwerty45\Downloads\Travi$ Scott - Drunk (Feat. 
Young Thug) - Part_1.wav 2017-08-08 01:09 - 2017-08-08 01:09 - 003253984 _____ C:\Users\Qwerty45\Downloads\ANTIDOTE SAMPLE PITCH IT DOWN 4 SEMITONES AND YOULL GET THE OG SAMPLE CUT.wav 2017-08-08 01:08 - 2017-08-08 01:08 - 003253984 _____ C:\Users\Qwerty45\Downloads\Lee_Fields_-_All_I_Need - Part_1.wav 2017-08-08 00:36 - 2017-08-08 00:36 - 018616336 _____ C:\Users\Qwerty45\Downloads\ACHE_-_Expectation_(1976) - Part_1.wav 2017-08-08 00:36 - 2017-08-08 00:36 - 001234528 _____ C:\Users\Qwerty45\Downloads\ACHE_-_Expectation_(1976) - Part_1 - Part_1.wav 2017-08-07 23:37 - 2017-08-07 23:37 - 000463288 _____ C:\Users\Qwerty45\Downloads\The_four_tops_-_Ask_the_lonely - Part_1.wav 2017-08-07 13:56 - 2017-08-07 13:56 - 001465832 _____ C:\Users\Qwerty45\Downloads\The_Education_of_Sonny_Carson_OST_-_Track_9_-_Flashbulbs - Part_1.wav 2017-08-07 01:53 - 2017-08-07 01:53 - 000028772 _____ C:\Users\Qwerty45\Downloads\Ibanez Pick (1) (1).wav 2017-08-07 01:52 - 2017-08-07 01:52 - 000028772 _____ C:\Users\Qwerty45\Downloads\Ibanez Pick (1).wav 2017-08-06 18:28 - 2017-08-07 02:08 - 000002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLok License Manager.lnk 2017-08-06 18:28 - 2017-08-07 02:08 - 000002085 _____ C:\Users\Public\Desktop\iLok License Manager.lnk 2017-08-06 18:28 - 2017-08-07 02:08 - 000000000 ____D C:\Program Files (x86)\iLok License Manager 2017-08-06 18:19 - 2017-08-06 18:21 - 102081890 _____ C:\Users\Qwerty45\Downloads\LicenseSupportInstallerWin64 (1).zip 2017-08-06 18:15 - 2017-08-06 18:15 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\DBG 2017-08-06 18:05 - 2017-08-06 18:05 - 000002027 _____ C:\Users\Public\Desktop\Pro Tools 12.lnk 2017-08-06 18:01 - 2017-08-06 18:01 - 000000000 ____D C:\Users\Qwerty45\AppData\Roaming\Avid 2017-08-06 18:01 - 2017-08-06 18:01 - 000000000 ____D C:\Users\Public\Documents\Avid Video Engine 2017-08-06 17:54 - 2017-08-06 17:54 - 000000000 ____D C:\Users\Qwerty45\AppData\Roaming\FLEXnet 2017-08-06 17:51 - 2017-08-06 
18:01 - 000000000 ____D C:\Program Files\Avid 2017-08-06 17:49 - 2017-08-06 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid 2017-08-06 17:48 - 2017-08-06 17:54 - 000000000 ___HD C:\AvidDownloads 2017-08-06 17:48 - 2017-08-06 17:51 - 000000000 ____D C:\Program Files (x86)\Avid 2017-08-06 17:48 - 2017-08-06 17:48 - 000000000 ____D C:\ProgramData\Avid 2017-08-06 16:00 - 2015-06-26 22:02 - 000022880 _____ (Avid Technology, Inc.) C:\WINDOWS\system32\Drivers\diginet.sys 2017-08-06 15:42 - 2017-08-13 14:21 - 000000000 ____D C:\Users\Qwerty45\Downloads\pro tools stuff 2017-08-06 15:38 - 2017-08-06 15:38 - 000000035 _____ C:\Users\Qwerty45\Downloads\Password c.txt 2017-08-04 19:25 - 2017-08-04 19:25 - 007543512 _____ C:\Users\Qwerty45\Downloads\sheesh 90 bpm bwoi.wav 2017-08-04 19:17 - 2017-08-04 19:17 - 002441622 _____ C:\Users\Qwerty45\Downloads\Attack_on_Titan_Season_2_OST_03_-_YouSeeBIGGIRL-T-T_(Reiner_Berthold_Transformation_Theme) - Part_4.wav 2017-08-04 17:34 - 2017-08-04 17:34 - 000033386 _____ C:\Users\Qwerty45\Downloads\Attack_on_Titan_Season_2_OST_03_-_YouSeeBIGGIRL-T-T_(Reiner_Berthold_Transformation_Theme) - Part_3.wav 2017-08-02 23:22 - 2017-08-02 23:30 - 000000000 ____D C:\Users\Qwerty45\Downloads\after effects stuff 2017-08-02 12:03 - 2017-08-02 12:03 - 000037416 _____ C:\Users\Qwerty45\Downloads\Franz_Schubert_-_Piano_Trio_No_2_in_E_flat_major - Part_1.wav ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2017-08-31 23:33 - 2017-07-30 21:01 - 000004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{88C58348-7B8E-40F8-8BAC-B3B5EA8A1725} 2017-08-31 22:43 - 2017-07-30 20:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-08-31 19:47 - 2017-03-18 17:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-08-31 19:47 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-08-31 02:00 - 2012-11-01 01:55 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\Adobe 2017-08-30 22:19 - 2017-07-30 21:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-08-30 22:18 - 2017-03-18 07:40 - 018087936 _____ C:\WINDOWS\system32\config\HARDWARE 2017-08-30 22:18 - 2017-03-18 07:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2017-08-30 12:52 - 2017-03-18 17:01 - 000000000 ____D C:\WINDOWS\INF 2017-08-30 12:06 - 2017-07-30 20:20 - 000000000 ____D C:\Users\Qwerty45 2017-08-30 03:09 - 2013-07-07 12:57 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\ElevatedDiagnostics 2017-08-30 03:00 - 2013-06-30 22:13 - 000000000 ____D C:\WINDOWS\pss 2017-08-30 01:04 - 2013-09-10 09:54 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\TopArcadeHits 2017-08-29 23:42 - 2012-11-22 01:49 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\CrashDumps 2017-08-29 23:09 - 2014-01-30 03:18 - 000000258 __RSH C:\ProgramData\ntuser.pol 2017-08-28 01:36 - 2016-09-21 16:07 - 000000032 _____ C:\ProgramData\aceg.ini 2017-08-25 14:33 - 2012-10-29 13:52 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-08-23 16:30 - 2012-10-31 20:23 - 000000000 ____D C:\Users\Qwerty45\AppData\Roaming\Adobe 2017-08-23 16:21 - 2015-09-15 21:11 - 000000000 ____D C:\Program Files\Common Files\Adobe 2017-08-23 16:20 - 2015-09-15 21:12 - 000000000 ____D C:\Program Files\Adobe 2017-08-23 15:49 - 2016-09-27 06:36 - 1394984912 _____ C:\WINDOWS\MEMORY.DMP 2017-08-23 01:06 - 2015-09-15 21:21 - 000000000 ____D C:\Users\Qwerty45\Documents\Adobe 2017-08-23 01:06 - 2011-08-21 23:18 - 
000000000 ____D C:\ProgramData\Adobe 2017-08-21 14:48 - 2017-05-06 11:33 - 000000000 ____D C:\Users\Qwerty45\Documents\Addictive Keys Logs 2017-08-20 18:58 - 2017-07-30 20:19 - 001390444 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-08-20 18:52 - 2017-05-03 19:12 - 000000000 ____D C:\ProgramData\Gramblr 2017-08-20 14:58 - 2012-11-01 00:44 - 000000000 ____D C:\Temp 2017-08-20 14:10 - 2012-10-29 14:11 - 000000000 ____D C:\Program Files (x86)\TOSHIBA Games 2017-08-20 14:09 - 2009-07-14 01:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2017-08-20 02:14 - 2017-07-30 20:20 - 000000000 ____D C:\Users\DefaultAppPool 2017-08-20 00:26 - 2016-09-15 14:31 - 000000000 ____D C:\Users\Qwerty45\Downloads\Tone2.ElectraX.VSTi.v1.2-prplxr 2017-08-19 23:39 - 2015-12-31 16:45 - 000000000 ____D C:\Program Files (x86)\Program Files (x86) 2017-08-19 14:46 - 2017-05-03 19:12 - 000000000 ____D C:\Program Files\Gramblr 2017-08-16 16:25 - 2017-07-30 21:01 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton 360 2017-08-16 16:01 - 2017-07-24 21:56 - 000000000 ____D C:\Users\Qwerty45\Downloads\PhotoshopPortable 2017-08-16 16:01 - 2017-02-16 20:28 - 000000000 ____D C:\Users\Qwerty45\Downloads\EveScripts 2017-08-14 23:44 - 2015-10-18 10:24 - 000000000 ____D C:\Program Files (x86)\Steinberg 2017-08-14 23:26 - 2015-09-15 20:58 - 000000000 ____D C:\ProgramData\boost_interprocess 2017-08-14 22:25 - 2017-03-18 07:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2017-08-11 00:37 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\rescache 2017-08-09 18:08 - 2015-09-10 01:42 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-08-09 17:37 - 2017-07-30 20:14 - 005079592 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-08-09 17:34 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2017-08-09 17:34 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2017-08-09 17:34 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 
2017-08-09 17:34 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\oobe 2017-08-09 17:34 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-08-09 17:33 - 2017-03-18 17:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-08-09 17:33 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-08-09 17:33 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-08-09 07:04 - 2017-03-18 16:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-08-09 07:01 - 2013-07-18 08:10 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-08-09 06:55 - 2012-11-02 19:28 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-08-09 00:37 - 2012-11-01 01:55 - 000000000 ____D C:\Users\Qwerty45\AppData\LocalLow\Adobe 2017-08-08 21:23 - 2015-10-24 23:00 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\Packages 2017-08-07 14:30 - 2015-10-16 13:37 - 000000000 ____D C:\Users\Qwerty45\Downloads\Rodeo (Deluxe) 2017-08-07 13:27 - 2016-09-28 14:40 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\ConnectedDevicesPlatform 2017-08-07 02:38 - 2016-12-28 21:53 - 000004096 _____ C:\Users\Qwerty45\PaceKeyChain 2017-08-06 19:43 - 2016-12-28 03:12 - 000000000 ____D C:\ProgramData\PACE 2017-08-06 19:41 - 2013-02-23 14:42 - 000000000 ____D C:\Users\Qwerty45\AppData\Roaming\SoftGrid Client 2017-08-06 18:29 - 2011-08-21 23:18 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-08-06 18:28 - 2016-12-01 22:03 - 000033504 _____ C:\WINDOWS\system32\Drivers\iLokDrvr.sys 2017-08-06 18:01 - 2015-10-15 20:48 - 000000000 ____D C:\Program Files\Common Files\Avid 2017-08-06 17:48 - 2012-11-01 00:46 - 000000000 ____D C:\Users\Qwerty45\AppData\Local\Downloaded Installations 2017-08-02 22:51 - 2016-09-04 15:20 - 000000000 ___RD C:\Users\Qwerty45\Creative Cloud Files ==================== Files in the root of some directories ======= 2014-07-18 15:53 - 2015-10-18 10:23 - 054401101 _____ () C:\Program 
Files\LUXONIX_Purity_1_2_7_DEMO_win.exe
2016-09-21 16:07 - 2017-08-28 01:36 - 000000032 _____ () C:\ProgramData\aceg.ini
2013-02-17 17:45 - 2013-02-21 17:14 - 000002041 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
2017-08-26 16:13 - 2017-08-26 16:13 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext1328032545817477327.dll
2017-08-23 15:30 - 2017-08-23 15:30 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext1518996440393467507.dll
2017-08-24 15:24 - 2017-08-24 15:24 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext1881813077279115734.dll
2017-08-28 02:10 - 2017-08-28 02:10 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext2692807617637592397.dll
2017-08-23 21:04 - 2017-08-23 21:04 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext2737959611233789991.dll
2017-08-25 21:09 - 2017-08-25 21:09 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext2976824129678821684.dll
2017-08-23 15:56 - 2017-08-23 15:56 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext3106095699349482639.dll
2017-08-25 20:22 - 2017-08-25 20:23 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext3914285489675060232.dll
2017-08-21 22:44 - 2017-08-21 22:44 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext4084062227090207294.dll
2017-08-24 23:22 - 2017-08-24 23:22 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext4185893086871371790.dll
2017-08-30 00:17 - 2017-08-30 00:17 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext5105297303184788124.dll
2017-08-30 01:13 - 2017-08-30 01:13 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext5179390872916468894.dll
2017-08-30 12:53 - 2017-08-30 12:53 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext5306205000494281459.dll
2017-08-24 01:06 - 2017-08-24 01:06 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext5377410593191451090.dll
2017-08-28 01:27 - 2017-08-28 01:27 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext5859297050172832128.dll
2017-08-30 22:24 - 2017-08-30 22:24 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext6107483296596590129.dll
2017-08-29 12:38 - 2017-08-29 12:38 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext6277541176908701097.dll
2017-08-28 23:44 - 2017-08-28 23:44 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext7297753989428358316.dll
2017-08-29 23:43 - 2017-08-29 23:43 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext7531531463534043506.dll
2017-08-22 22:40 - 2017-08-22 22:40 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext9136312590766163320.dll
2017-08-23 18:19 - 2017-08-23 18:19 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext921789644283613885.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-28 01:51

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Qwerty45 (01-09-2017 01:44:34)
Running from C:\Users\Qwerty45\Downloads
Windows 10 Home Version 1703 (X64) (2017-07-31 01:17:11)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

7EF49B7320A04AFCADD3 (S-1-5-21-46816778-57343354-1960291723-1006 - Limited - Enabled)
8FF3F883D5384719B362 (S-1-5-21-46816778-57343354-1960291723-1007 - Limited - Enabled)
Administrator (S-1-5-21-46816778-57343354-1960291723-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-46816778-57343354-1960291723-503 - Limited - Disabled)
Guest (S-1-5-21-46816778-57343354-1960291723-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-46816778-57343354-1960291723-1002 - Limited - Enabled)
Qwerty45 (S-1-5-21-46816778-57343354-1960291723-1000 - Administrator - Enabled) => C:\Users\Qwerty45

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Disabled - Out of date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Disabled - Out of date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton 360 (Disabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_2_1) (Version: 14.2.1 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated) Adobe Character Animator CC (Beta) (HKLM-x32\...\ANMLBETA_1_0_5) (Version: 1.0.5 - Adobe Systems Incorporated) Adobe Character Animator CC (Beta) (HKLM-x32\...\ANMLBETA_1_0_6) (Version: 1.0.6 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated) Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_0_0) (Version: 11.0.0 - Adobe Systems Incorporated) Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated) Adobe Photoshop (HKLM\...\{9B08B2EC-C82E-4D24-A3E0-57646E2CE480}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated) Amazon Music Importer (HKLM-x32\...\{98823CC0-51DA-565C-FF90-DCC72D47BD24}) (Version: 2.0.1 - Amazon Services LLC) Hidden Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 2.0.1 - Amazon Services LLC) Antares Auto-Tune Evo TDM (HKLM-x32\...\{E43E5F45-E924-4D83-9DB9-8D74BCF7A9DD}) (Version: 6.00.0009 - Antares Audio Technologies) Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.) 
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Authorizer 2.9.0d5 (HKLM\...\{F6762963-9AE5-4bc6-A70F-2D749F6AC02F}_is1) (Version: 2.9.0d5 - Propellerhead Software AB) Avid Application Manager (HKLM-x32\...\{A59C0B17-6673-46E6-9E00-BB25E755A299}) (Version: 2.4.0.6360 - Avid Technology, Inc.) Avid Effects (HKLM\...\{0B7B27FF-F720-44B2-94C5-EE410050539B}) (Version: 12.1.0.94 - Avid Technology, Inc.) Avid HD Driver (x64) (HKLM\...\{658E112A-8776-4430-A275-D9248732DFB9}) (Version: 12.1.0.94 - Avid Technology, Inc.) Avid Pro Tools (HKLM\...\{478452E8-ED47-49C9-8B1D-59AD0A57E60A}) (Version: 12.1.0.94 - Avid Technology, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation) Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.430 - Corel Inc.) 
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated) D110 (HKLM-x32\...\{55C4B9E9-39C8-4BD6-9BCF-41BE40393A5F}) (Version: 140.0.142.000 - Hewlett-Packard) Hidden D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd) Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden Discord (HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\Discord) (Version: 0.0.298 - Discord Inc.) Ease Audio Converter 5.30 (HKLM-x32\...\Ease Audio Converter_is1) (Version: - ) ElectraX full (HKLM-x32\...\Tone2 ElectraX full_is1) (Version: - Tone2) FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio 12.1.2 (HKLM\...\FL Studio 12.1.2_is1) (Version: - ) FL Studio ASIO (HKLM\...\FL Studio ASIO) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) 
Hidden GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden Gramblr (HKLM\...\Gramblr) (Version: 2.9.67 - Gramblr Team) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife) HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPAppStudio (HKLM-x32\...\{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}) (Version: 140.0.95.000 - Hewlett-Packard) Hidden HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden iCloud (HKLM\...\{C510BB61-AE0B-4420-87AF-9CF646E86364}) (Version: 6.2.3.17 - Apple Inc.) 
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version: - ) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2430 - Intel Corporation) Intel(R) WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.8.13 - PACE Anti-Piracy) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.) iZotope Nectar 2 Production Suite (HKLM-x32\...\iZotope Nectar 2 Production Suite_is1) (Version: 2.03 - iZotope, Inc.) iZotope Nectar Elements (HKLM-x32\...\iZotope Nectar Elements_is1) (Version: 1.00 - iZotope, Inc.) Java(TM) 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.59.2 - JMicron Technology Corp.) 
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
LUXONIX Purity DEMO (HKLM-x32\...\LUXONIX_Purity) (Version: 1.2.7 DEMO - LUXONIX)
Luxonix Purity VSTi v1.1.2 (HKLM-x32\...\Luxonix Purity VSTi_is1) (Version: - )
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.4.2.419 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.9.132 - Native Instruments)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{CE47BA54-78AC-409F-9151-BDF5BE15A804}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 22.10.0.85 - Symantec Corporation)
Norton PC Checkup (HKLM-x32\...\Norton PC Checkup_is1) (Version: 3.0.5.38.0 - Symantec Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.0.1 - OBS Project)
Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.6.0 - Microleaves) Hidden <==== ATTENTION
PACE License Support Win64 (HKLM\...\{233E2172-6B0E-4444-8BBA-C0D2BB9D7C37}) (Version: 3.1.7.1901 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM\...\{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{233E2172-6B0E-4444-8BBA-C0D2BB9D7C37}) (Version: 3.1.7.1901 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PS_AIO_07_D110_SW_Min (HKLM-x32\...\{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}) (Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTime (HKLM-x32\...\{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}) (Version: 7.60.92.0 - Apple Inc.)
QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6323 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Rosetta Stone Ltd Services (HKLM-x32\...\{FFF186B6-4D02-4D8D-A776-C43E062E01A9}) (Version: 3.2.18 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM-x32\...\{4010ADCB-1347-D570-FCF1-3002CABEBD2F}) (Version: 4.1.15.1 - Rosetta Stone, Ltd) Hidden
Rosetta Stone TOTALe (HKLM-x32\...\{8A1FEA5E-8DB8-AD80-5C14-AEF33D16EF5A}) (Version: 4.1.1 - Rosetta Stone, Ltd) Hidden
Rosetta Stone TOTALe (HKLM-x32\...\com.rosettastone.rosettastonetotale) (Version: 4.1.15.1 - Rosetta Stone, Ltd)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
Screenpresso (HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\Screenpresso) (Version: 1.7.0.0 - Learnpulse)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (HKLM-x32\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{8E4B1BE8-DCF3-4B90-A726-B28107442623}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{2FB9EA69-51D4-4913-9AD5-762C034DE811}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Sugar Bytes Effectrix Demo 1.4.3 (HKLM\...\Effectrix_is1) (Version: 1.4.3 - Sugar Bytes)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1032 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
Toolbox (HKLM-x32\...\{BBFB2E59-B0DB-42C8-8F4D-CF4E85471667}) (Version: 140.0.424.000 - Hewlett-Packard) Hidden
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{C31337DE-0CDC-45A9-9A32-F099AC78D557}) (Version: 3.0.9490 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}) (Version: 1.3.5.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.17.64 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.12C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.1.37C - TOSHIBA CORPORATION)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.2.15 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.13.11 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.9.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.5.5109a - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2001 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.12 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.8 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.51.2C - TOSHIBA CORPORATION)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.1.64 - TOSHIBA Corporation)
TOSHIBA VIDEO PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 4.00.7.06-A - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.30 - TOSHIBA Corporation)
TOSHIBA Wireless Display Monitor (HKLM-x32\...\{617773AE-ADBA-4479-BB04-65FE7758B35C}) (Version: 1.0.1 - TOSHIBA CORPORATION)
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5B01BCB7-A5D3-476F-AF11-E515BA206591}) (Version: 1.0.5 - TOSHIBA CORPORATION)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.6 - TOSHIBA)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Utility Common Driver (HKLM-x32\...\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.52.3C - TOSHIBA) Hidden
Utility Common Driver (HKLM-x32\...\InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.52.3C - TOSHIBA) Hidden
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XLN Online Installer (HKLM\...\XLN Online Installer Inno Setup ID_is1) (Version: - )
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
Zynaptiq UNMIX DRUMS 1.0.1 (Win32) (HKLM-x32\...\{1A9FF1F0-7997-41CB-82D9-1661DBA43004}) (Version: 1.0.1 Build 5 - Zynaptiq)
Zynaptiq UNMIX DRUMS 1.0.1 (x64) (HKLM\...\{A69D5782-6E75-49AE-8559-FFDE2AD3DE29}) (Version: 1.0.1 Build 5 - Zynaptiq)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-46816778-57343354-1960291723-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-BDF8E70C4DC9}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-46816778-57343354-1960291723-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Qwerty45\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-46816778-57343354-1960291723-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\Qwerty45\AppData\Roaming\unincar\cumadis.dll => No File <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-46816778-57343354-1960291723-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Qwerty45\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-46816778-57343354-1960291723-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Qwerty45\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-46816778-57343354-1960291723-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Qwerty45\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-46816778-57343354-1960291723-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Qwerty45\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-46816778-57343354-1960291723-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Qwerty45\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-46816778-57343354-1960291723-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Qwerty45\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-46816778-57343354-1960291723-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-46816778-57343354-1960291723-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Qwerty45\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-46816778-57343354-1960291723-1000_Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 -> \\?\globalroot\Device\HarddiskVolume2\Users\Qwerty45\AppData\Local\Temp\spvvpme\somweox\wow.dll => No File
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\buShell.dll [2017-07-14] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\buShell.dll [2017-07-14] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\buShell.dll [2017-07-14] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\buShell.dll [2017-07-14] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\buShell.dll [2017-07-14] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\buShell.dll [2017-07-14] (Symantec Corporation)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-08-29] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\buShell.dll [2017-07-14] (Symantec Corporation)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-07-14] (Apple Inc.)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\NavShExt.dll [2017-07-14] (Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\windows\SysWOW64\WSCM64.dll [2015-02-27] ()
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\NavShExt.dll [2017-07-14] (Symantec Corporation)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-08-29] ()
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\buShell.dll [2017-07-14] (Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\NavShExt.dll [2017-07-14] (Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
FolderExtensions: [ShellFolder for CD Burning] -> {fbeb8a05-beee-4442-804e-409d6c4515e9} => \\?\globalroot\Device\HarddiskVolume2\Users\Qwerty45\AppData\Local\Temp\spvvpme\somweox\wow.dll -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0074551D-2763-4950-B66A-8EDC31E98073} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {04367D5D-79DB-4496-8643-D075517BFA5A} - System32\Tasks\9fb84e2b0df14682486e50657f354d01 => sc start 9fb84e2b0df14682486e50657f354d01 <==== ATTENTION
Task: {044A34FF-8FC0-47E1-88A5-FDB3D4B3EE74} - System32\Tasks\AdobeAAMUpdater-1.0-Foxy1-Qwerty45 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {0B907308-7DC3-4600-B3F2-1CABCEC6BD44} - System32\Tasks\72058313 => C:\Program Files (x86)\Midsize\belushi.exe <==== ATTENTION
Task: {0C816F3A-8102-46D5-A105-9D6485D62E84} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2017-07-14] (Symantec Corporation)
Task: {0FB12037-5454-47F0-9EA6-4D956725EE1E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1072AF4D-DFA5-485E-AEDE-D29FC624701B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {14662B22-C042-4A4C-B294-792DB50EE983} - System32\Tasks\TOSHIBA Wireless Display Monitor => C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe [2010-12-25] (TOSHIBA CORPORATION)
Task: {165E7116-B1BA-4576-9555-20F036241DFB} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated)
Task: {17263487-C0B5-4256-AD11-6D3E6CCAE652} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\WSCStub.exe [2017-07-14] (Symantec Corporation)
Task: {213C676E-C327-4CA8-A2CF-A97CD44B5BA6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-46816778-57343354-1960291723-1000Core => C:\Users\Qwerty45\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {21B27300-0B53-4D43-8474-0071C5533422} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {230C56DD-CC1A-4282-A783-364866E7EE3B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {25A5701F-473E-4228-85ED-E735F5FF8A6C} - System32\Tasks\ga4211249542112495 => C:\Users\Qwerty45\AppData\Local\belushi.exe
Task: {28684D6E-8ECF-4724-BA75-0411AB5C3092} - System32\Tasks\54100156 => C:\Program Files (x86)\Tg\belushi.exe <==== ATTENTION
Task: {2A3352D0-BC51-4C74-9B77-CB77E1AF4063} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2D691A94-E9ED-42DA-BBD6-4E47CAD216F5} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {32CD12E2-7184-4953-9A7F-2CB702679DE7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {37E678B0-80AF-4BF5-AB12-D36544AC1B9D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {38C3C139-0C11-4244-B39A-44803186094E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {39ED74B0-F708-4514-972E-57581B16F437} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {3E38D741-5C9D-493E-9FE0-671880A93606} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION
Task: {42F46E08-6A86-42D7-A4E1-57D51DD2CBE5} - System32\Tasks\ga7205831372058313 => C:\Program Files (x86)\Midsize\belushi.exe
Task: {4874C1A8-FDF8-4243-BC0E-BFF658466C44} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {4930DF5F-6630-42C1-BD68-62FEDAB0DB2A} - System32\Tasks\Updater21806.exe => C:\Users\Qwerty45\AppData\Local\Updater21806\Updater21806.exe <==== ATTENTION
Task: {4A0B886C-8DF8-4BDC-B13E-C0BA6BC5412B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4C213A4E-103B-4129-85F1-35F1564B5893} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5524916F-104A-4FA5-9969-66728A72D2AB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {60F02232-E50B-4DD0-A658-8E0D4DAD4448} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-46816778-57343354-1960291723-1000UA => C:\Users\Qwerty45\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {633C8A62-9A96-4E2C-A4F3-B20EEE4E6C8A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {646D8DB5-7448-4792-9AFC-68423CEDE267} - System32\Tasks\gak72058313k72058313 => C:\Program Files (x86)\trusted\trusted.exe [2017-08-13] (stocks)
Task: {64EEADCE-F26A-4FAC-8FAC-46CC1CB83E43} - System32\Tasks\ga5410015654100156 => C:\Program Files (x86)\Tg\belushi.exe
Task: {6AF2081A-00A3-4574-AF01-508BC969351D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-09] (Microsoft Corporation)
Task: {6EBF7769-E76C-43EC-8EE8-8E08DE8DCF19} - System32\Tasks\Online Application V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: {765467D8-F1EB-41EB-99CA-60D37BA7BE20} - System32\Tasks\{02E8938B-77B1-4B85-B39D-1A9FEEE9AE2B} => C:\windows\system32\pcalua.exe -a "C:\Users\Qwerty45\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BZLQ34Z2\wlsetup-web.exe" -d C:\Users\Qwerty45\Desktop
Task: {7752ECD6-7E18-4728-9D16-1588E25120F3} - System32\Tasks\eh => C:\Program Files (x86)\Image-Line\FL Studio 12.1\FL.exe [2015-08-11] (Image-Line)
Task: {7B63278D-519F-46BE-A2CE-B0CC7E12B95C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {7BC96433-8B59-4A11-9F18-5262707E62BD} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\SymErr.exe [2017-07-14] (Symantec Corporation)
Task: {7C118ABB-43DA-422A-A112-7793AF1A9C78} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7F5DD076-48E2-44B1-BB48-26E469BB8694} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {814E97B6-B49C-4538-8E2D-06FD4F6EF85A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-46816778-57343354-1960291723-1000UA1d2b47eb019552 => C:\Users\Qwerty45\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {81DEAEB2-7FFA-43BD-AB5B-5442551AE3A3} - System32\Tasks\Online Application V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: {83CD15E6-78E4-4759-9F18-F8C56D4784F6} - \Microsoft\Windows\Media Center\StartRecording -> No File <==== ATTENTION
Task: {84977A4D-1245-4127-B525-E57ABD9A02C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8989F02E-951F-40C5-85A5-D805C7C85595} - \Microsoft\Windows\Media Center\mcupdate_scheduled -> No File <==== ATTENTION
Task: {9039B8A4-9BB1-4F11-9E6B-59D02FF1785A} - System32\Tasks\{B5F3BE4F-3DF9-4526-B788-1C09136DC0AF} => C:\windows\system32\pcalua.exe -a "C:\Users\Qwerty45\Downloads\wlsetup-web (1).exe" -d C:\Users\Qwerty45\Desktop
Task: {94DBB326-E4ED-4B25-8A74-D3BB93D114E3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {966BC96D-F988-4FBC-9347-49D45294C1CF} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-07-13] (Adobe Systems Incorporated)
Task: {A876E2D3-F668-42C1-BBEF-4E2F94C4B723} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AD04852E-9D6B-4F43-8F02-7B542BCF6346} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B0B96072-0402-4B82-A3F9-E78E91ABFA3B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B56865AE-E127-4FFE-9D1F-D308DD51DCE7} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\SymErr.exe [2017-07-14] (Symantec Corporation)
Task: {B79E1AAB-C17F-4DF8-9946-0558BF9F1665} - System32\Tasks\5a295e92eb7692d6756c9349f3ac22fc => powershell.exe -NoProfile -NoLogo -NonInteractive -ExecutionPolicy Bypass -File "C:\WINDOWS\5a295e92eb7692d6756c9349f3ac22fc.ps1" <==== ATTENTION
Task: {B843A927-CE21-4A45-A9F1-30AB73ECA7DB} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: {B8FAD605-2921-4EEA-801A-2C9A163419F1} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C30A8561-BC14-49B2-938E-FFE5E2231D9F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C357ED8B-1006-4F46-AAB2-A73D64F11176} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {C593677A-1D91-4073-A140-5CC7F528AAF2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-46816778-57343354-1960291723-1000Core1d2b47eade154a => C:\Users\Qwerty45\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {C71D0C17-5CA1-45C5-8DCA-52297A318F90} - System32\Tasks\{838766B3-652E-4A71-ACC9-B60A6C97C59F} => C:\WINDOWS\system32\pcalua.exe -a E:\Autorun.exe -d E:\
Task: {D32A2485-6BEC-45EC-A9F0-163C5AD97B66} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.10.0.85\SymErr.exe [2017-07-14] (Symantec Corporation)
Task: {D7B105F1-A888-44E3-A9E9-51F296E5A0B5} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D8DD1B16-E4E9-4320-B762-D7F7C2BD2270} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {DAEF5D1A-B8B4-4380-B106-45004F8CA530} - System32\Tasks\{378E9AC8-C0F4-4C21-919D-40576465C793} => C:\windows\system32\pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
Task: {DB9DDE4C-E485-40D1-89D1-FF89FC7DC4F8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DC01740B-B66C-4DFC-B9D3-60E3A43F3262} - System32\Tasks\k72058313 => C:\Program Files (x86)\trusted\trusted.exe [2017-08-13] (stocks)
Task: {DC9DA170-18EC-4088-A722-28C4C99960A5} - System32\Tasks\42112495 => C:\Users\Qwerty45\AppData\Local\belushi.exe <==== ATTENTION
Task: {E19FDF11-916B-4011-96A7-D74BEEFFA68D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E99D8BDF-2CD3-4415-AE4F-9E3317B5F292} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F311C6B3-0E3B-4C57-A97E-68B946370F4E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F3F8EE29-04AF-4DA5-9091-28838F2527F1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {FBEBED4A-E9B5-49C9-8ADD-6433E85A3963} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {FDAF80A9-BB2C-4DE3-BA9A-AD37CDF60BB8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FDE5FECE-E336-4644-AECF-7A6469D09539} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ============== 2017-07-18 00:50 - 2017-07-18 00:50 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll 2017-08-29 21:09 - 2017-08-29 21:09 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll 2015-10-24 18:50 - 2015-02-27 17:38 - 000721263 _____ () C:\windows\SysWOW64\WSCM64.dll 2017-03-18 16:58 - 2017-03-18 16:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-08-13 14:37 - 2017-08-13 14:37 - 002793472 ____N () C:\WINDOWS\SYSTEM32\MSISCXC.EXE 2017-03-18 16:59 - 2017-03-18 22:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-07-31 22:13 - 2017-07-31 22:13 - 000429568 ____N () C:\WINDOWS\SYSTEM32\RAVCPDKZ.EXE 2017-03-09 01:16 - 2017-03-09 01:16 - 000112264 _____ () C:\Windows\System32\IccLibDll_x64.dll 2017-08-20 20:38 - 2017-05-09 03:05 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll 2017-08-20 20:38 - 2017-05-09 03:05 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll 2017-06-08 14:37 - 2017-06-08 14:37 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-08-25 14:19 - 2017-08-25 14:20 - 010600960 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2017-08-25 14:19 - 2017-08-25 14:20 - 002640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll 2017-08-23 15:38 - 2017-08-23 15:39 - 024502272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\Video.UI.exe 2017-08-23 15:38 - 2017-08-23 15:39 - 009145344 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-08-08 21:21 - 2017-08-08 21:21 - 003544488 _____ () C:\Program 
Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-08-19 15:11 - 2017-08-19 16:16 - 000020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2017-08-19 15:11 - 2017-08-19 16:14 - 029627904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-08-19 15:11 - 2017-08-19 16:16 - 000358912 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll 2017-08-19 15:11 - 2017-08-19 16:16 - 002536448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2017-08-19 15:11 - 2017-08-19 16:16 - 020719104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2017-08-19 15:11 - 2017-08-19 16:16 - 002415104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2017-08-19 15:11 - 2017-08-19 16:15 - 003065856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2017-06-08 14:37 - 2017-06-08 14:37 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-06-14 14:26 - 2017-06-14 14:27 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2017-08-19 15:11 - 2017-08-19 16:16 - 001370112 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2017-07-26 23:15 - 2017-07-26 23:16 - 032960512 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe 
2017-07-26 23:15 - 2017-07-26 23:16 - 009161728 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-07-13 18:37 - 2017-07-13 18:38 - 003500456 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-07-26 23:15 - 2017-07-26 23:16 - 013154304 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Music.Visuals.dll 2017-07-08 16:46 - 2017-07-08 16:46 - 000016384 _____ () C:\Program Files\WindowsApps\9E2F88E3.Twitter_5.8.1.0_x86__wgeqdkkx372wm\Twitter.Windows.exe 2017-08-25 14:33 - 2017-08-23 04:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll 2017-08-25 14:33 - 2017-08-23 04:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll 2017-07-13 20:50 - 2017-07-13 20:50 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2017-07-13 20:51 - 2017-07-13 20:51 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2016-10-05 19:18 - 2016-10-05 19:18 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-24 18:51 - 2015-04-28 18:22 - 001498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2015-10-24 18:51 - 2014-05-19 20:19 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2013-08-23 12:43 - 2013-08-23 12:43 - 003386880 _____ () c:\program files (x86)\avid\application manager\jre\bin\client\jvm.dll 2017-08-30 22:24 - 2017-08-30 22:24 - 000110592 _____ () C:\Users\Qwerty45\AppData\Local\Temp\ext6107483296596590129.dll 2017-07-08 16:46 - 2017-07-08 16:46 - 017818112 _____ () C:\Program Files\WindowsApps\9E2F88E3.Twitter_5.8.1.0_x86__wgeqdkkx372wm\Twitter.Windows.dll 
2015-01-17 05:27 - 2015-01-17 11:27 - 026940728 _____ () C:\Program Files (x86)\Image-Line\Shared\dsp_ipp.dll
2015-03-18 12:18 - 2015-03-18 18:18 - 000534840 _____ () C:\Program Files (x86)\Image-Line\Shared\QuickFontCache.dll
2014-12-02 15:32 - 2014-12-02 21:32 - 000486712 _____ () C:\Program Files (x86)\Image-Line\Shared\freetype.dll
2016-09-23 16:49 - 2015-06-11 07:02 - 000120632 _____ () c:\program files\image-line\fl studio asio\ilwasapi2asio.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\PACE:7CEB1E8A235CA015 [1]
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [120]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 17:03 - 2017-08-13 14:37 - 000001282 _____ C:\WINDOWS\system32\Drivers\etc\hosts

162.222.193.86 aoaomo.tremorhub.com
188.95.50.62 bobomo.tremorhub.com
162.222.193.86 www.howcast.com
162.222.193.86 howcast.com
162.222.193.86 www.ustream.tv
162.222.193.86 ustream.tv
162.222.193.86 www.livestream.com
162.222.193.86 livestream.com
162.222.193.86 www.dailymotion.com
162.222.193.86 dailymotion.com
192.192.3.8 www.virustotal.com
192.192.3.8 virustotal.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-46816778-57343354-1960291723-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Qwerty45\Pictures\CHAPTER 2 FINALIZED (2).jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: !SASCORE => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AdobeUpdateService => 2 MSCONFIG\Services: AGSService => 2 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: DigiRefresh => 2 MSCONFIG\Services: digiSPTIService64 => 3 MSCONFIG\Services: Disc Soft Lite Bus Service => 3 MSCONFIG\Services: EvtEng => 2 MSCONFIG\Services: FLEXnet Licensing Service => 3 MSCONFIG\Services: GamesAppIntegrationService => 3 MSCONFIG\Services: GamesAppService => 3 MSCONFIG\Services: gramblrclient => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: IviRegMgr => 2 MSCONFIG\Services: JavkSmZpb => 2 MSCONFIG\Services: LMIRescue_f92948e0-2ce6-4f43-b62f-6b067e3b7d80 => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MyWiFiDHCPDNS => 3 MSCONFIG\Services: NetHttpService => 2 MSCONFIG\Services: Norton PC Checkup Application Launcher => 2 MSCONFIG\Services: PaceLicenseDServices => 2 MSCONFIG\Services: PassThru Service => 2 MSCONFIG\Services: PSI_SVC_2 => 2 MSCONFIG\Services: RegSrvc => 2 MSCONFIG\Services: ReimageRealTimeProtector => 2 MSCONFIG\Services: RosettaStoneDaemon => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Thpsrv => 2 MSCONFIG\Services: TMachInfo => 3 MSCONFIG\Services: 
TODDSrv => 2 MSCONFIG\Services: TosCoSrv => 2 MSCONFIG\Services: TOSHIBA eco Utility Service => 2 MSCONFIG\Services: TOSHIBA HDD SSD Alert Service => 3 MSCONFIG\Services: TPCHSrv => 3 MSCONFIG\Services: UNS => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon MSCONFIG\startupreg: DAEMON Tools Lite => "E:\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Google Update => "C:\Users\Qwerty45\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: HP Update => regsvr32.exe C:\Users\Qwerty45\AppData\Local\HP\idqbe32.dll MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe MSCONFIG\startupreg: HTC => rundll32 "C:\Users\Qwerty45\AppData\Local\Google\HTC\idpjhpgbbb.dll",DllRegisterServer MSCONFIG\startupreg: HWSetup => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe MSCONFIG\startupreg: IntelPAN => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray MSCONFIG\startupreg: Internet Security => 
C:\Users\Qwerty45\AppData\Roaming\tdefender.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KeNotify => "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM MSCONFIG\startupreg: Norton Download Manager{N360216032-SHPD-FSD40014} => C:\Users\Public\Downloads\Norton\{N360216032-SHPD-FSD40014}\NortonN360Downloader.exe /m MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED MSCONFIG\startupreg: Persistence => C:\windows\system32\igfxpers.exe MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 /MAXX3 MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe MSCONFIG\startupreg: SVPWUTIL => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r MSCONFIG\startupreg: ThpSrv => C:\windows\system32\thpsrv /logon MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD 
Alert\TosWaitSrv.exe MSCONFIG\startupreg: TosVolRegulator => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE MSCONFIG\startupreg: TSleepSrv => %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe HKLM\...\StartupApproved\StartupFolder: => "Avid Application Manager.lnk" HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\StartupApproved\StartupFolder: => "depleting.lnk" HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\StartupApproved\Run: => "fool" HKU\S-1-5-21-46816778-57343354-1960291723-1000\...\StartupApproved\Run: => "chicagoans" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{945D0509-2D2C-40F9-A00D-C108B2ED06D8}C:\users\qwerty45\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\qwerty45\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{926D7698-8EFF-4640-BD1E-2B19B79D8031}C:\users\qwerty45\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\qwerty45\appdata\roaming\spotify\spotify.exe FirewallRules: [{B953947A-13A1-4802-9BD7-CD6FA363C5CE}] => (Allow) LPort=8317 FirewallRules: [{3EE2E7CC-2BC1-4C24-AC8A-BA3983FCBACD}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{C4BE876A-F01C-43D2-94A8-3BA940543E0F}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{B7598162-6477-4E3B-B36C-0643E719ADB9}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe FirewallRules: [{C0230BA6-8447-469E-95F6-8FD03B85F8B5}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe FirewallRules: [{AE70206F-009F-47E2-A03F-8E789DB1C01D}] => (Allow) C:\Program Files 
(x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe FirewallRules: [{82B42763-B8A1-4A9A-B108-44939B65D140}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe FirewallRules: [{FE933922-3458-4733-A1F1-EBB0056C4054}] => (Allow) LPort=443 FirewallRules: [{809FA8C6-3F84-4EF0-88F4-06E7841EE0A4}] => (Allow) LPort=443 FirewallRules: [{86F1EA63-73FB-406B-93AD-1F811A61554D}] => (Allow) LPort=37674 FirewallRules: [{ADD9ABBB-6BBF-40D1-8D70-BF5FD597769F}] => (Allow) LPort=37674 FirewallRules: [{3B66A809-E8BE-4B8C-93C7-275B4C4BB14F}] => (Allow) LPort=37675 FirewallRules: [{0CB64445-CA01-4B2B-8F35-C4D02417C9F0}] => (Allow) C:\Users\Qwerty45\AppData\Local\Temp\7zS4142\setup\hpznui40.exe FirewallRules: [{DB78D0BA-F1A0-48AD-B169-CD7CB49047A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{319446BE-F0D4-4AC2-8A3F-7A7DB883FCEB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{EE853505-7C9F-4F8C-8891-DE783274C109}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{0B2AB488-C5A5-4772-9F31-FF1E4E1E379D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{9FB9CDE4-8579-49C8-A81D-89F7923B7675}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{F70377C9-DD74-4024-8D81-0B85BEA64C61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{95C6028D-E9A0-4A25-B80C-20F18152EA01}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{4C08DE53-365D-4B74-AA82-EE6102F8FF8D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{FF9BAE26-BE32-4ADD-9F13-9CF53CBA70C9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{AF4F0E96-A53E-4A42-B26C-5957789B09D0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: 
[{54806090-E4B8-4E8F-94F6-D032478E4F12}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{6BC0FEEC-DCF1-4127-B896-A74078F63D22}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{18DB864A-D15B-4FF5-B866-C1464C9CF187}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{5009DAB6-DF0B-405D-A1C9-0457372589E9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{ADACEF2E-8977-466C-B664-05DC7BE9A2D4}] => (Allow) C:\Users\Qwerty45\AppData\Local\Temp\7zSFFEA.tmp\SymNRT.exe FirewallRules: [{F5AF263F-CC1D-4A2E-9698-0CB05A6B7662}] => (Allow) C:\Users\Qwerty45\AppData\Local\Temp\7zSFFEA.tmp\SymNRT.exe FirewallRules: [{0AF973F1-F8B9-49FF-9197-06D9CF696787}] => (Allow) C:\Users\Qwerty45\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe FirewallRules: [{FC631D23-AF4A-43A8-B6BD-83CA54A35A37}] => (Allow) C:\Users\Qwerty45\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe FirewallRules: [{5D7BF45F-324D-4965-A407-4F8433504C9C}] => (Allow) C:\Users\Qwerty45\AppData\Local\Temp\7zSB156.tmp\SymNRT.exe FirewallRules: [{2C92C927-263B-44A8-8BF9-4B842F737FC3}] => (Allow) C:\Users\Qwerty45\AppData\Local\Temp\7zSB156.tmp\SymNRT.exe FirewallRules: [{C7553E8D-690E-4B78-A34B-98D86E23AC14}] => (Allow) C:\Users\Qwerty45\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe FirewallRules: [{B514358E-1248-4C21-BB8D-C6D8B185787D}] => (Allow) C:\Users\Qwerty45\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe FirewallRules: [{44EE3369-3A9C-456B-9B5D-2AF7023B5BC6}] => (Allow) LPort=10255 FirewallRules: [{8B3FBEDB-60B6-4156-8964-F9B1869C3C35}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{DA1456A2-7987-4FA0-8082-5EE3901D9B7B}] => (Allow) LPort=2869 FirewallRules: [{D6181CA6-806B-43C9-B0F9-63BD10988E2C}] => (Allow) LPort=1900 FirewallRules: 
[{66D93A01-98EC-4DFD-B3F2-7B5B7433557B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{2D81A8DE-FA2F-41A2-A158-64FEFD1B295A}] => (Allow) %ProgramFiles% (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe FirewallRules: [{922074AB-CFFD-456D-8700-16A42F308B61}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{BDD2D085-309B-4F48-8D5C-A9734687483B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{1AD72442-6E3A-49DB-8AD7-9412F8D80F1E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6A9A21AE-C648-4E31-A088-CB05FFB0F047}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A1827AA6-EBE6-4D12-960C-9E1DE2248D99}] => (Allow) C:\Program Files\Avid\Pro Tools\AvidVideoEngine.exe FirewallRules: [TCP Query User{B1DCF615-073E-40F7-B6E5-E4E39C7F4A55}C:\program files (x86)\avid\application manager\avidappmanhelper.exe] => (Allow) C:\program files (x86)\avid\application manager\avidappmanhelper.exe FirewallRules: [UDP Query User{542CA5E8-BCA7-46DC-9939-C7BD3F7022F1}C:\program files (x86)\avid\application manager\avidappmanhelper.exe] => (Allow) C:\program files (x86)\avid\application manager\avidappmanhelper.exe FirewallRules: [{ACE2C3DB-1978-4752-9312-C3F039ADC86C}] => (Allow) C:\Program Files (x86)\Tg\belushi.exe FirewallRules: [{C5121901-CAD0-4060-A499-96670C61321F}] => (Allow) C:\Program Files (x86)\Midsize\belushi.exe FirewallRules: [{E65DDD6E-8CE3-4312-8760-39E3453FD063}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{9276238B-355C-4AB0-AA38-4891F7BB602F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 21-08-2017 03:09:34 Scheduled Checkpoint 29-08-2017 14:06:17 Scheduled Checkpoint 29-08-2017 20:19:22 AFTER REIMAGE ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: 
{4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: HP Photosmart D110 Description: HP Photosmart D110 Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Hewlett-Packard Service: StillCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (08/30/2017 10:19:50 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Information only. The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support. Error: (08/30/2017 09:49:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WXLFSTEALTH) Description: Activation of app 9E2F88E3.Twitter_wgeqdkkx372wm!x554f661dyd360y462cy8743yf8a99b7d41dbx failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/30/2017 04:19:45 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: DTLite.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. 
Exception Info: System.NullReferenceException at DTClient.ViewModel.Wizards.Base.DTWizardBase.CanClose() at System.Linq.Enumerable.All[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,Boolean>) at DTClient.BaseWindow.RequestClose(Boolean, Boolean) at DTClient.BaseApp.Application_SessionEnding(System.Object, System.Windows.SessionEndingCancelEventArgs) at System.Windows.Application.OnSessionEnding(System.Windows.SessionEndingCancelEventArgs) at System.Windows.Application.WmQueryEndSession(IntPtr, IntPtr ByRef) at System.Windows.Application.AppFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) Error: (08/30/2017 12:47:55 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Information only. The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support. Error: (08/30/2017 03:14:32 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Information only. The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support. Error: (08/30/2017 03:12:53 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Information only. The action cannot be completed. Try the action again. 
If the problem continues, contact Microsoft Product Support. Error: (08/30/2017 01:08:41 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Information only. The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support. Error: (08/30/2017 12:12:14 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Information only. The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support. Error: (08/30/2017 12:02:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WXLFSTEALTH) Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/29/2017 11:42:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: WXLFSTEALTH) Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (08/30/2017 10:36:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The 9fb84e2b0df14682486e50657f354d01 service failed to start due to the following error: The system cannot find the path specified. Error: (08/30/2017 10:33:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The -- service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (08/30/2017 10:33:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the -- service to connect. Error: (08/30/2017 10:26:33 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Downloaded Maps Manager service hung on starting. 
Error: (08/30/2017 10:20:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The msidntfs service failed to start due to the following error: Access is denied.

Error: (08/30/2017 10:19:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (08/30/2017 10:19:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The PCCUJobMgr service failed to start due to the following error: The requested resource is in use.

Error: (08/30/2017 10:19:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The N360 service failed to start due to the following error: The requested resource is in use.

Error: (08/30/2017 10:19:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The 9fb84e2b0df14682486e50657f354d01 service failed to start due to the following error: The system cannot find the path specified.

Error: (08/30/2017 10:19:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error: The request is not supported.

CodeIntegrity:
===================================

Date: 2017-08-13 14:36:27.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-13 14:36:27.963
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-13 14:32:19.748
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-13 14:32:19.746
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-13 14:28:24.485
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-13 14:28:24.481
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-13 14:28:24.397
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


Date: 2017-08-13 14:28:24.393
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-13 14:28:24.079
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-13 14:28:24.074
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 40%
Total physical RAM: 8098.68 MB
Available physical RAM: 4852.04 MB
Total Virtual: 8610.68 MB
Available Virtual: 5061.2 MB

==================== Drives ================================

Drive c: (TI106240W0D) (Fixed) (Total:681.25 GB) (Free:207.84 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Nexus 2) (CDROM) (Total:3.21 GB) (Free:0 GB) UDF
Drive f: (IDK) (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: 1F0FF995)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=681.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=867 MB) - (Type=27)
Partition 4: (Not Active) - (Size=15.1 GB) - (Type=17)

========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 00107179)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0C)

==================== End of Addition.txt ============================