idle threads/ semaphore threads

leafaninottawa · March 7, 2018

windows 10 alienware x51 tower is plagued by idle threads and semaphore threads, unkillable in the task manager, runs the CPU at 49% constantly slowing it down considerably, any help would be greatly appreciated

Aura · March 7, 2018

Hi leafaninottawa

Are you renting that computer by any chance?

leafaninottawa · March 8, 2018

Was not a rental, was buy to own paid off tho all mine!!! Lol please help this is a nuisance and I’m tired of sitting around and waiting on this pc to do what I tell it to do

Aura · March 8, 2018

Quote

Was not a rental, was buy to own paid off tho all mine!!!

Sorry, just to make sure I fully understand, you were paying that computer in installment (like, a certain sum every week/month) until you finally bought it?

leafaninottawa · March 8, 2018

Not sure how that matters, but yes that’s correct, it’s paid off! Can we get back to helping with the real issue here please??? Lol

Aura · March 9, 2018

Actually, I'm asking this because in your case, it matters. Here's what's happening:

https://forums.malwarebytes.com/topic/216326-idle-threads-semaphore-problem/?do=findComment&comment=1220545

Basically, you should contact the company you got it from, and ask them if they can use the killswitch to disable the software, and maybe uninstall it remotely.

leafaninottawa · March 9, 2018

so really there's nothing I can do on my part to relieve me of this nuisance??

leafaninottawa · March 9, 2018

this is now my second PC from this company, and my last burning out was the reasoning to get what I have now....be a shame if this burnt out like the last!!!

Aura · March 9, 2018

What company did you buy that computer from? We might be able to remove that software if we get in the Windows RE.

leafaninottawa · March 9, 2018

Easy home lol

leafaninottawa · March 9, 2018

I fought with this software right before it killed my last pc, worked it so damn hard that, that specific model’s downfall plagued me ?

Aura · March 9, 2018

The software they use is installed really deep within the system. I have no idea of how your system will behave if we forcelly remove it. We have a couple of options.

We try to remove their software within the Windows RE and see what happens. It might brick the current Windows installation.
You reinstall Windows on your system (format the drive, reinstall from scratch)
You go to EasyHome, and ask them to remove the software, since they put it there in the first place, but now you own the computer.

leafaninottawa · March 9, 2018

My copy of 10 was an upgrade, I can make a boot disc, and then format / reinstall from there?

Aura · March 9, 2018

Well, it appears that the problem is bigger than I initially thought. Apparently, this is the "software" that is currently installed on your computer.

http://www.pcrentalagent.com/esiteWay/Installing.htm

No matter what you do, it can only be removed by using that "Wand", which I guess EasyHome have.

davidlmo · March 9, 2018

Wow - That is some really nasty stuff!

gonzo · March 9, 2018

A user who has paid off the rental and has paperwork to prove it should be able to sue them out of business. At the very least, carefully (and truthfully) use some social media tactics to help them get zero business in the future. Protecting their investment is one thing. Holding people hostage forever is something else. This all assumes that what they state on that web page is not all FUD.

I could be wrong (and please do not assume that I am right), that any hardware addition could be circumvented followed by a BIOS upgrade. If this is Alienware, it is from Dell. They make all software upgrades (including BIOS upgrades) available on their website. AGAIN, do not make assumptions. Investigate, or have someone who is knowledgeable that you trust investigate. A solution may be available once facts can replace fears and assumptions.

Aura · March 9, 2018

In addition to what gonzo said, let's see if there's something we can try in your situation.

Farbar Recovery Scan Tool (FRST) - Scan mode
Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply.

Download the right version of FRST for your system:
- FRST 32-bit
- FRST 64-bit
  Note: Only the right version will run on your system, the other will throw an error message. So if you don't know what your system's version is, simply download both of them, and the one that works is the one you should be using.
Move the executable (FRST.exe or FRST64.exe) on your Desktop
Right-click on the executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds
Make sure the Addition.txt box is checked
Click on the Scan button
On completion, two message box will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files
Copy and paste the content of both FRST.txt and Addition.txt in your next reply

leafaninottawa · March 9, 2018

Before I do this I’m gonna take it back to easyhome and have this rectified! If not, I’m taking legal action, and I’m guaranteeing there’s more people in the country being held hostage like this!

Aura · March 9, 2018

I'm sure there is. You're the 2nd person I get this week with this issue. Please let us know how it goes!

leafaninottawa · March 9, 2018

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by AlienGamerEH (09-03-2018 09:46:28)
Running from C:\Users\AlienGamerEH\Desktop
Windows 10 Home Version 1709 16299.125 (X64) (2018-02-22 06:04:13)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4151391936-2637048794-3085849956-500 - Administrator - Disabled)
AlienGamerEH (S-1-5-21-4151391936-2637048794-3085849956-1001 - Administrator - Enabled) => C:\Users\AlienGamerEH
DefaultAccount (S-1-5-21-4151391936-2637048794-3085849956-503 - Limited - Disabled)
Guest (S-1-5-21-4151391936-2637048794-3085849956-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4151391936-2637048794-3085849956-1006 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4151391936-2637048794-3085849956-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Alienware)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Alienware)
Alienware Command Center (HKLM\...\{EE0AF3EC-E4C8-4B0C-9ED6-2C51B27DD0A0}) (Version: 3.0.26.0 - Alienware Corp.) Hidden
Alienware Command Center (HKLM-x32\...\InstallShield_{EE0AF3EC-E4C8-4B0C-9ED6-2C51B27DD0A0}) (Version: 3.0.26.0 - Alienware Corp.)
Alienware Customer Surveys (HKLM-x32\...\{9AAA35D1-B21D-4610-BBAE-18FE2D00C3E0}) (Version: 1.11.4124 - Dell Inc.)
Alienware Digital Delivery (HKLM-x32\...\{C0C47F85-F48F-4709-9150-3FA62FA2DEAF}) (Version: 2.6.1000.0 - Dell Products, LP)
Apple Application Support (32-bit) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
AVG (HKLM\...\{136B57DF-DA9E-4361-A165-09AB4422BCD1}) (Version: 1.231.3 - AVG Technologies) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 17.8.3036 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\{9C775BB6-1453-45EB-8C78-A5CC5199113D}) (Version: 16.77.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.77.3.23060 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.9.605 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CreaderUpdate (HKLM-x32\...\{8A795EA0-DCEA-4D46-9E26-B34D74D55DCA}) (Version: 1.00.000 - LAUNCH)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
dr.fone toolkit for iOS (Version 8.5.0) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 8.5.0.54 - Wondershare Technology Co.,Ltd.)
DriverIntall (HKLM-x32\...\{BDDB702E-4865-49FD-9129-7999A88A3831}) (Version: 1.00.0000 - cnlaunch) Hidden
DriverIntall (HKLM-x32\...\InstallShield_{BDDB702E-4865-49FD-9129-7999A88A3831}) (Version: 1.00.0000 - cnlaunch)
Dropbox (HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden
EaseUS MobiSaver (HKLM-x32\...\EaseUS MobiSaver_is1) (Version: - EaseUS)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.21.1 - SCS Software)
Facebook Gameroom 1.3.1.3 (HKLM-x32\...\{7E155A45-DE1A-46E0-A6B2-10FE1D8501FC}) (Version: 1.3.1.3 - Facebook)
FMW 1 (HKLM\...\{273A8690-0AA7-4325-95ED-238F69490C0E}) (Version: 1.227.9 - AVG Technologies) Hidden
FoneLab 8.5.36 (HKLM-x32\...\{CA7ED0B0-3CD4-4254-A9D2-2D7F78C5E3C5}_is1) (Version: 8.5.36 - Aiseesoft Studio)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
iTunes (HKLM\...\{D7D4465C-B3B6-4BC1-B336-2803FB57BFAF}) (Version: 12.7.2.60 - Apple Inc.)
LaunchDIY_Update (HKLM-x32\...\{E651B3B6-6379-4FB5-BDC1-9E7BCFA20ABC}) (Version: 1.00.002 - LAUNCH)
LibreOffice 5.2.3.3 (HKLM-x32\...\{30605C95-A3A0-4A08-AD58-9AE7ABA47B70}) (Version: 5.2.3.3 - The Document Foundation)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MechWarrior Online (HKLM-x32\...\{1A14AC87-9585-4AC5-BA5D-0A3A4C6AF7D4}) (Version: 1.6.1.0 - Piranha Games Inc.) Hidden
MechWarrior Online (HKLM-x32\...\{9f17023b-d04f-432b-b08a-3bb4c3a7ed3c}) (Version: 1.6.0.0 - Piranha Games Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.9029.2167 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSI ODD Monitor (HKLM-x32\...\{B7D9BAAA-F068-4BF8-B929-462C3A8AB677}) (Version: 1.0.0.6 - Micro-Star Int'l Co., Ltd.) Hidden
MSI ODD Monitor (HKLM-x32\...\InstallShield_{B7D9BAAA-F068-4BF8-B929-462C3A8AB677}) (Version: 1.0.0.6 - Micro-Star Int'l Co., Ltd.)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
ReiBoot (HKLM-x32\...\ReiBoot) (Version: - Tenorshare, Inc.)
Roblox Player for AlienGamerEH (HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9C4F3AF4-21D8-43BD-A69C-517BB96012CF}) (Version: 2.12.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinX DVD Author 6.3.7 (HKLM-x32\...\WinX DVD Author_is1) (Version: - DigiartySoft, Inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warships (HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4151391936-2637048794-3085849956-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4151391936-2637048794-3085849956-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4151391936-2637048794-3085849956-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4151391936-2637048794-3085849956-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4151391936-2637048794-3085849956-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4151391936-2637048794-3085849956-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4151391936-2637048794-3085849956-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4151391936-2637048794-3085849956-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4151391936-2637048794-3085849956-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2015-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2015-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2015-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2015-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2015-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2015-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2015-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2015-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-11-13] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-01-22] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-02-07] (Cyberlink)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-02-07] (Cyberlink)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2018-01-22] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2018-01-22] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-12-23] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-11-13] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-4151391936-2637048794-3085849956-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2015-01-08] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-4151391936-2637048794-3085849956-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2015-01-08] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-4151391936-2637048794-3085849956-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2015-01-08] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04ACFFB6-810F-4359-91F8-DEDB34F7EF1E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0592556A-5797-46F0-AE97-3E4275F4D70D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1A701D84-DDCB-4A0F-A3B6-5C7B42D6F6A8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1A97D29E-DB98-4A54-A681-3AD6B96FEC3A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {25D9C75E-5407-41D1-AB0D-E77CF131168B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2642C1BD-06FD-41EE-B789-A6971E4D187D} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {26A5E551-6E87-415B-A5BB-8C5FA11BCA4D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28FD5DF4-15C8-4846-9B88-378A134D3F84} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {30AEFC67-F451-41D0-9107-9E3C062295CE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {322D6DA2-8DA3-4657-BA6B-47E1B5F8D405} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-22] (Microsoft Corporation)
Task: {3D1B8B0E-6642-4134-B72D-F76D88BE4544} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4520FBF3-1D6B-4DB2-9506-1D23597C2239} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {4CE4033A-BEB9-45F8-9ACE-085A50C2E917} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {505ED17B-D914-44C2-81E3-CAD9A5C2FD95} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5680FE11-A0B3-44F8-9A76-34673C245555} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {61F655F8-95BD-4DB3-8ED4-1E46AFDA3A7B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {62CD5F12-2156-440D-BE8B-E128153E58A2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {646A6FEA-79B1-4108-A70B-CFE7D047F4D9} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\AlienAutopsy\sessionchecker.exe
Task: {652A2A8D-3711-41F9-B0E1-D54559D0DBCF} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {716413DF-51B2-4C99-9B48-B2236E45631E} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2018-01-22] (AVG Technologies CZ, s.r.o.)
Task: {761C185F-4AFC-40D7-A209-BE184C376204} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-14] (Google Inc.)
Task: {77C52AC0-FC10-43FA-9BC3-14B76734CE67} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7A14CA65-B2A2-4788-B4F3-D25BEFE56933} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {89657CEF-1131-4EB4-A484-C103C3EE478D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {8B3454B0-E5CB-4BEA-9D5F-DC36E6E6A619} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8CC764A0-B47D-4174-9FED-261CA4736C55} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {952ECA47-E3D2-4276-BBA6-678D6F22392B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {99CC4313-2BE2-426F-B7EC-F92BE2F74BFB} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {9AD9716F-7D47-4451-AD76-06C32440B3E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-14] (Google Inc.)
Task: {9E4DB2E9-F2F2-4743-98AA-ABCD13007A82} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {9F07877B-840A-4DE6-93FF-B356722AB929} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-21] (Adobe Systems Incorporated)
Task: {A0AD93EE-B1F6-47DC-84E8-E04FC439B668} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A444E306-C112-40B0-98FD-20C2E350B87B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A45031B4-CE64-45E6-A290-E46EE19ED9FE} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A4C33CA6-31FF-4199-907F-5695566CF2CB} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-11-13] (AVG Technologies CZ, s.r.o.)
Task: {AD54EE50-5921-4BD8-877E-3A83EF43194B} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\AlienAutopsy\uaclauncher.exe
Task: {B4E62351-B816-4276-8722-D87883E92C8A} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-02-27] (AVG Technologies CZ, s.r.o.)
Task: {B80B82BB-EF32-41FC-82B7-78EA124485F8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B8541BDC-C229-498C-9F4F-02E7897007D0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BAEE117B-20B4-49EA-94A2-D757CE74E18B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C10F07FE-3A13-4973-8219-DC5D3116EDF8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {C7305E93-8B36-41C8-BF5B-122136C99118} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C981AC83-3EC0-4C8D-BB3E-8D12212230E9} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {CA209243-FFD3-4C33-8101-CF53D720C344} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CADA04C9-27BA-4AFF-9D71-F8B387745025} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {CDC707FF-9195-4149-9F0A-29FDCDDB740F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-01] (Microsoft Corporation)
Task: {D26CA592-C897-4C85-869B-927FDBC7F31F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-01] (Microsoft Corporation)
Task: {D33852CA-C423-4FD3-AC01-697759769829} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E206930B-D939-443E-BF43-456EB47D8EA7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {E7C4ECB2-A11B-4254-8520-7BC90DA973F6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {E7CE2F71-A981-4344-A9D2-3CF6FE79E734} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {ECB6050B-1EED-402B-8686-244B9ACDCB1D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EF62269D-A795-4E81-B886-6C8C9588251C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2E2DE24-09C8-4820-BAC9-27862800F5B6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-22] (Microsoft Corporation)
Task: {F365DE6C-571F-4B97-B178-88BE6EF6442A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F7F02293-7E38-4A65-83B0-3538AB5D429F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F82A1E81-D92D-42DF-A61D-B2DCB5174372} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {F9E91EB6-15B3-4AA1-B15E-6D680926290E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-03-01] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-01-26 08:38 - 2017-12-19 10:17 - 000981576 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-03 12:30 - 2012-01-26 21:49 - 002751808 _____ () C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
2018-02-22 03:11 - 2018-02-22 03:11 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-02-27 08:50 - 2018-02-27 08:50 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-02-27 08:50 - 2018-02-27 08:50 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-02-27 08:50 - 2018-02-27 08:51 - 021824000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-02-27 08:50 - 2018-02-27 08:50 - 002529792 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\skypert.dll
2018-02-27 08:50 - 2018-02-27 08:50 - 000649216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-12-11 11:05 - 2017-12-11 11:05 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2017-12-11 11:05 - 2017-12-11 11:05 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2016-01-26 08:38 - 2017-12-19 10:17 - 002187336 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2017-10-13 13:45 - 2017-06-14 09:53 - 000087208 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\AppService.exe
2018-03-01 01:54 - 2018-03-01 02:00 - 000477696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-03-01 01:54 - 2018-03-01 01:59 - 059575808 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-09-30 02:20 - 2017-09-30 02:22 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-02-21 12:56 - 2018-02-21 13:10 - 000010240 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-03-01 01:54 - 2018-03-01 01:59 - 003741184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-12-14 14:57 - 2017-12-14 15:01 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-03-01 01:54 - 2018-03-01 02:00 - 015986688 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-03-01 01:54 - 2018-03-01 01:59 - 003592704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-03-01 01:54 - 2018-03-01 01:54 - 003231232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-03-01 01:54 - 2018-03-01 02:00 - 001369088 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-02-21 12:40 - 2018-02-21 12:41 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-01 01:54 - 2018-03-01 01:55 - 000094208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-02-21 12:56 - 2018-02-21 13:10 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-03-01 01:54 - 2018-03-01 02:01 - 000628736 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-03-01 01:54 - 2018-03-01 02:01 - 000152064 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\SKU.dll
2018-03-01 21:58 - 2018-03-01 21:58 - 000015872 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1711.10477.0_x64__8wekyb3d8bbwe\Maps.exe
2018-03-01 21:58 - 2018-03-01 21:58 - 016588800 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1711.10477.0_x64__8wekyb3d8bbwe\Maps.dll
2016-07-16 09:30 - 2016-07-16 09:30 - 000258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1711.10477.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2018-03-06 12:36 - 2018-03-06 12:36 - 000017408 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.23.10572.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe
2018-03-06 12:36 - 2018-03-06 12:36 - 016893440 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.23.10572.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.dll
2018-02-27 08:50 - 2018-02-27 08:50 - 005257096 _____ () C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1802.1.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll
2016-07-16 22:29 - 2016-07-16 22:29 - 000291328 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.23.10572.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2013-06-25 15:18 - 2013-06-25 15:18 - 000110088 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2017-10-14 23:00 - 2017-10-14 22:59 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2013-10-03 12:18 - 2013-01-23 18:57 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-10-13 13:45 - 2017-06-14 09:53 - 001016488 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\Framework.dll
2017-10-13 13:45 - 2017-06-14 09:54 - 000026792 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\Utility.dll
2017-10-13 13:45 - 2017-06-14 09:53 - 002765992 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\iosdevice.dll
2017-10-13 13:45 - 2017-06-14 09:54 - 000090792 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\zlib1.dll
2017-10-13 13:45 - 2017-06-14 09:54 - 000575040 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\SQLite3.dll
2017-10-13 13:45 - 2017-06-14 09:54 - 001000104 _____ () C:\Program Files (x86)\Aiseesoft Studio\FoneLab\libxml2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2017-10-13 13:04 - 000000861 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\AlienGamerEH\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{1ef4c746-848b-4742-9c09-e82fea172cfc}.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Users^AlienGamerEH^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Alienware Survey => c:\Program Files (x86)\Alienware Customer Surveys\AlienSurvey.exe /boot
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Power2GoExpress8 => "C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
HKLM\...\StartupApproved\Run: => "AvgUi"
HKLM\...\StartupApproved\Run: => "AVGUI.exe"
HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\...\StartupApproved\Run: => "World of Warships"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{419B6DC7-BA99-4EB8-AD15-FCAFB58050C6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{77C57A13-0EA6-4B8C-9547-570C4172123A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BD99EE83-0F93-4AB1-8237-A71895753A92}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [UDP Query User{54F033ED-5E1C-4C34-B799-1976B8A98982}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [TCP Query User{6A8D0417-9070-46FF-A260-695816B98037}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{44339AB2-4AE5-403A-A9E3-7B76BF5FFCB8}] => (Allow) C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{901B5E5A-8113-49B9-8A56-707D3130932B}] => (Allow) C:\Users\AlienGamerEH\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C8C24264-520A-4584-96A2-3C0364112218}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{444D4F9A-9F3B-44D8-9D3C-72C14557B3D0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5E6ECF9C-E8BB-4161-BDA1-138A2EA66C8B}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{BA57C3A5-AE01-4424-84AB-C9B2B47F3023}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{657DCA2B-A689-44B6-9C9E-39410DF31948}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [UDP Query User{19B467A2-30AE-4EB2-84DE-3F8CC55F333B}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [{E7C22208-9C1B-4329-85EF-232F56E77C50}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{93C3B9E0-2316-4D0E-A170-D36BAB6DA405}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{7D567211-72BA-4BC2-8DFF-4BA0D68FF9E1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{943069D4-F51B-4B2D-AD79-B840BE42E479}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{40EF8EA6-26E1-4DC9-82B9-CE709D5EE9FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EE7B23DA-4243-4C53-A2FE-E7FA7C6DD50F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{417347B5-0E01-4F47-995E-EC546C5FD451}] => (Allow) C:\Users\AlienGamerEH\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4D3F96AF-50BF-413C-8F75-2B3237488FBD}] => (Allow) C:\Users\AlienGamerEH\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FDCDD4E2-A042-4CB6-A4DC-6C8D5C74F106}] => (Allow) C:\Users\AlienGamerEH\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{88612AE5-49C0-4EEC-B857-5E8F8E0ED715}] => (Allow) C:\Users\AlienGamerEH\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AF1B1F5F-8852-4ACB-9C5B-02D1CC59C341}] => (Allow) C:\Users\AlienGamerEH\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FC853702-BA01-46D4-8AE4-95D730C66701}] => (Allow) C:\Users\AlienGamerEH\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{E9B8013B-5265-47DA-A675-F24DC090215C}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{9CB29900-AACA-4721-87A1-BEEC7BE2C5F8}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{67BED191-1091-4376-83A5-DEC1F8B35F6B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

26-02-2018 08:20:07 Windows Update
05-03-2018 19:37:53 Scheduled Checkpoint
09-03-2018 00:57:06 Windows Modules Installer

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/09/2018 03:45:07 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/08/2018 03:53:12 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/07/2018 03:45:07 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/06/2018 03:45:07 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/05/2018 03:45:06 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/04/2018 03:45:06 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/22/2018 02:12:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AlienwareAlienFXController.exe, version: 3.0.26.0, time stamp: 0x51716051
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x02cca39f
Faulting process id: 0x1d44
Faulting application start time: 0x01d3ac110c78b8ae
Faulting application path: C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
Faulting module path: unknown
Report Id: b0c73e16-9048-42b5-a7e3-75ad6c0e93c2
Faulting package full name:
Faulting package-relative application ID:

Error: (02/22/2018 02:12:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AlienwareAlienFXController.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at AlienLabs.AlienFX.Controller.LightsZoneController.getCommandsInBlackButFixedZones()
at AlienLabs.AlienFX.Controller.LightsZoneController.SetBlackVisualization()
at AlienLabs.AlienFX.Controller.ControllerMainForm.dimController_SetGoDarkStatus(Boolean)
at AlienLabs.AlienFX.Controller.Classes.DimControllerClass.OnTime(System.Object)
at System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.TimerQueueTimer.CallCallback()
at System.Threading.TimerQueueTimer.Fire()
at System.Threading.TimerQueue.FireNextTimers()
at System.Threading.TimerQueue.AppDomainTimerCallback()

System errors:
=============
Error: (03/07/2018 08:02:13 AM) (Source: DCOM) (EventID: 10016) (User: ALIENWAREEH590)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user AlienWareEH590\AlienGamerEH SID (S-1-5-21-4151391936-2637048794-3085849956-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/07/2018 07:28:42 AM) (Source: DCOM) (EventID: 10016) (User: ALIENWAREEH590)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user AlienWareEH590\AlienGamerEH SID (S-1-5-21-4151391936-2637048794-3085849956-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/28/2018 02:31:32 PM) (Source: DCOM) (EventID: 10016) (User: ALIENWAREEH590)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user AlienWareEH590\AlienGamerEH SID (S-1-5-21-4151391936-2637048794-3085849956-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/28/2018 08:31:21 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/28/2018 08:31:21 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/28/2018 08:31:21 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/28/2018 08:31:21 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/28/2018 08:31:21 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

CodeIntegrity:
===================================

Date: 2018-03-09 09:39:10.913
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-09 09:39:10.910
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-09 09:36:56.594
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-09 09:36:56.592
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-09 09:23:45.311
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-09 09:23:45.307
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-09 09:21:49.639
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-09 09:21:49.638
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz
Percentage of memory in use: 40%
Total physical RAM: 8106.96 MB
Available physical RAM: 4833.32 MB
Total Virtual: 16298.96 MB
Available Virtual: 12040.74 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:920.22 GB) (Free:509.85 GB) NTFS

\\?\Volume{588e50aa-f702-489c-b1d8-5afb6b6aab80}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.21 GB) FAT32
\\?\Volume{832bdbda-e074-4ec7-95f8-6f645a269769}\ (RECOVERY) (Fixed) (Total:10.2 GB) (Free:2.34 GB) NTFS
\\?\Volume{202a06ed-fd71-4c3d-b8a1-c151a8eea21b}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 932E241B)

Partition: GPT.
Partition 2: (Not Active) - (Size=464 MB) - (Type=00)

==================== End of Addition.txt ============================

leafaninottawa · March 9, 2018

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018
Ran by AlienGamerEH (administrator) on ALIENWAREEH590 (09-03-2018 09:45:00)
Running from C:\Users\AlienGamerEH\Desktop
Loaded Profiles: AlienGamerEH (Available Profiles: AlienGamerEH & DefaultAppPool)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Windows\System32\idle-Threads.exe
() C:\Windows\System32\semaphore-Threads.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\avg\Antivirus\AVGSvc.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\avg\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Tenorshare Co,Ltd) C:\Program Files (x86)\ReiBoot\TenorshareReibootService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\avg\Framework\Common\avgsvca.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\avg\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe
() C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\avg\Antivirus\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\avg\Framework\Common\avguix.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Aiseesoft Studio\FoneLab\AppService.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1711.10477.0_x64__8wekyb3d8bbwe\Maps.exe
(Microsoft Corporation) C:\Windows\System32\PickerHost.exe
() C:\Program Files\WindowsApps\Microsoft.BingNews_4.23.10572.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401880 2016-12-23] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-04-19] (Alienware)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803664 2016-06-07] (NVIDIA Corporation)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-01-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [302744 2017-11-13] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-01-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2187336 2017-12-19] ()
HKLM-x32\...\Run: [FoneLabAppService] => C:\Program Files (x86)\Aiseesoft Studio\FoneLab\AppService.exe [87208 2017-06-14] ()
HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\...\Run: [World of Warships] => C:\Games\World_of_Warships\WargamingGameUpdater.exe [3140384 2018-01-25] (Wargaming.net)
HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\...\RunOnce: [Uninstall 17.005.0107.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AlienGamerEH\AppData\Local\Microsoft\OneDrive\17.005.0107.0008\amd64"
HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\...\RunOnce: [Uninstall 17.005.0107.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\AlienGamerEH\AppData\Local\Microsoft\OneDrive\17.005.0107.0008"
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{53663fa9-ca69-46ba-bd92-72f127728dbd}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9e18f87c-1f1c-40ec-be13-6511a89f0803}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{dac4db1b-70db-403a-ba33-190d1efbda63}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{eca3d8ec-ed6a-4c64-9c04-6321bdf61f4d}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-ca-e
HKU\S-1-5-21-4151391936-2637048794-3085849956-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={4F06CAE4-256B-44F1-93D9-CEE58E1C42CF}&mid=847781a306ad47cd92caa90c821a8e1c-99935a038e48fcd677e957f0a57e594120eef127&lang=en&ds=AVG&coid=avgtbavg&cmpid=1116avz&pr=fr&d=2016-01-26 08:39:10&v=4.3.6.255&pid=wtu&sg=&sap=hp
SearchScopes: HKU\.DEFAULT -> {061BE077-1F4D-47D1-AF30-D3E364FB23EF} URL =
SearchScopes: HKU\S-1-5-21-4151391936-2637048794-3085849956-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={4F06CAE4-256B-44F1-93D9-CEE58E1C42CF}&mid=847781a306ad47cd92caa90c821a8e1c-99935a038e48fcd677e957f0a57e594120eef127&lang=en&ds=AVG&coid=avgtbavg&cmpid=1116avz&pr=fr&d=2016-01-26 08:39:10&v=4.3.8.510&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4151391936-2637048794-3085849956-1001 -> {061BE077-1F4D-47D1-AF30-D3E364FB23EF} URL =
SearchScopes: HKU\S-1-5-21-4151391936-2637048794-3085849956-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={4F06CAE4-256B-44F1-93D9-CEE58E1C42CF}&mid=847781a306ad47cd92caa90c821a8e1c-99935a038e48fcd677e957f0a57e594120eef127&lang=en&ds=AVG&coid=avgtbavg&cmpid=1116avz&pr=fr&d=2016-01-26 08:39:10&v=4.3.8.510&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-03-01] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll [2017-12-19] (AVG)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll [2017-12-19] (AVG)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-21] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-21] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-08] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.ca/
CHR StartupUrls: Default -> "hxxp://www.google.ca/"
CHR Profile: C:\Users\AlienGamerEH\AppData\Local\Google\Chrome\User Data\Default [2018-03-09]
CHR Extension: (Google Slides) - C:\Users\AlienGamerEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\AlienGamerEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-03] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Drive) - C:\Users\AlienGamerEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-03] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\AlienGamerEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-12] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (YouTube) - C:\Users\AlienGamerEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\AlienGamerEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\AlienGamerEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-14]
CHR Extension: (Google Sheets) - C:\Users\AlienGamerEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs Offline) - C:\Users\AlienGamerEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (Google Wallet) - C:\Users\AlienGamerEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-17] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Gmail) - C:\Users\AlienGamerEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\AlienGamerEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U2 .Net Crypt; C:\WINDOWS\System32\mutex-threads.exe [5365224 2016-09-11] ()
U2 .Net Main; C:\WINDOWS\System32\idle-threads.exe [8126440 2016-10-19] ()
U2 .Net Security; C:\WINDOWS\System32\latch-threads.exe [6096872 2016-09-11] ()
U2 .Net Semaphore; C:\WINDOWS\System32\semaphore-threads.exe [1878504 2016-10-19] ()
R2 AlienFXWindowsService; C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe [14352 2013-04-19] (Alienware)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [282536 2017-11-13] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7600584 2017-11-13] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428264 2018-01-25] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7962800 2018-02-22] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-02-01] (CyberLink)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2017-06-14] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2016-12-23] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MSI_ODD_Service; c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe [83512 2012-11-20] (Micro-Star Int'l Co., Ltd.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-03] (Realtek Semiconductor)
R2 TenorshareReibootService; C:\Program Files (x86)\ReiBoot\TenorshareReibootService.exe [33208 2017-09-28] (Tenorshare Co,Ltd)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5614592 2018-01-22] (AVG Technologies CZ, s.r.o.)
R2 vToolbarUpdater40.3.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe [1365064 2017-12-19] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [473824 2017-05-05] (Wondershare)
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit for iOS\Library\DriverInstaller\DriverInstall.exe [119008 2017-06-28] (Wondershare)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-12-19] ()
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [176000 2017-11-13] (AVG Technologies CZ, s.r.o.)
R1 avgbdisk; C:\WINDOWS\System32\drivers\avgbdiska.sys [166624 2017-11-13] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [314640 2017-11-13] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [192584 2017-11-13] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [336896 2017-11-13] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [51336 2017-11-13] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39424 2017-11-13] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [140704 2017-11-13] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [102792 2017-11-13] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [76832 2017-11-13] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1018648 2017-11-13] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [447800 2017-11-15] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [196392 2017-11-13] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [356880 2017-11-13] (AVG Technologies CZ, s.r.o.)
R1 CLVirtualDrive; C:\WINDOWS\System32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-09-21] (Disc Soft Ltd)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [22704 2016-08-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 NTIOLib_X64; C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys [14136 2012-11-20] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4wu.inf_amd64_0109a19b5125cb43\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R0 scssifilter; C:\WINDOWS\System32\Drivers\scssifilter64.sys [55272 2016-08-14] (Microsoft Corporation)
R0 tpci; C:\WINDOWS\System32\Drivers\tpci64.sys [55272 2016-08-14] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-07-26] (AVG Netherlands B.V.)
R0 usbmp3; C:\WINDOWS\System32\Drivers\usbmp364.sys [48104 2016-08-14] ()
R0 usbvox; C:\WINDOWS\System32\Drivers\usbvox64.sys [80872 2016-08-14] ()
R0 usbwav; C:\WINDOWS\System32\Drivers\usbwav64.sys [66024 2016-08-14] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-09 09:45 - 2018-03-09 09:46 - 000024634 _____ C:\Users\AlienGamerEH\Desktop\FRST.txt
2018-03-09 09:44 - 2018-03-09 09:45 - 000000000 ____D C:\FRST
2018-03-09 09:42 - 2018-03-09 09:43 - 002403328 _____ (Farbar) C:\Users\AlienGamerEH\Desktop\FRST64.exe
2018-02-26 07:50 - 2018-02-26 07:50 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-02-26 07:47 - 2018-02-26 07:47 - 000000000 ___RD C:\Users\AlienGamerEH\3D Objects
2018-02-26 07:46 - 2018-02-26 07:46 - 000000020 ___SH C:\Users\AlienGamerEH\ntuser.ini
2018-02-22 14:12 - 2018-02-22 14:12 - 000000351 _____ C:\prefs.js
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default\Documents\AlienFX
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default\AppData\Roaming\Intel Corporation
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default\AppData\Local\Packages
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default\AppData\Local\NVIDIA
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default\AppData\Local\CEF
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default\AppData\Local\AVG Web TuneUp
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default\AppData\Local\Aiseesoft Studio
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default User\Documents\AlienFX
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Intel Corporation
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default User\AppData\Local\Packages
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default User\AppData\Local\NVIDIA
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default User\AppData\Local\CEF
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default User\AppData\Local\AVG Web TuneUp
2018-02-22 14:12 - 2018-02-22 14:12 - 000000000 ____D C:\Users\Default User\AppData\Local\Aiseesoft Studio
2018-02-22 14:09 - 2018-02-22 14:09 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2018-02-22 14:09 - 2018-02-22 14:09 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2018-02-22 03:20 - 2018-03-06 07:37 - 000000000 ____D C:\Windows.old
2018-02-22 03:15 - 2018-02-22 03:20 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-02-22 03:15 - 2018-02-22 03:15 - 000000000 ___DL C:\Users\Public\Recorded TV (1)
2018-02-22 03:15 - 2018-02-22 03:15 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2018-02-22 03:13 - 2018-02-22 03:15 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-02-22 03:13 - 2018-02-22 03:13 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-02-22 03:11 - 2018-02-22 03:11 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-02-22 03:11 - 2018-02-22 03:11 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-02-22 03:11 - 2018-02-22 03:11 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-02-22 03:11 - 2018-02-22 03:11 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-02-22 03:11 - 2018-02-22 03:11 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2018-02-22 03:11 - 2018-02-22 03:11 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2018-02-22 03:11 - 2018-02-22 03:11 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-02-22 03:11 - 2018-02-22 03:11 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-02-22 03:11 - 2018-02-22 03:11 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-02-22 03:05 - 2018-02-22 03:05 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-02-22 03:05 - 2018-02-22 03:05 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-02-22 03:05 - 2018-02-22 03:05 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-02-22 03:05 - 2018-02-22 03:05 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-02-22 03:05 - 2018-02-22 03:05 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-02-22 03:05 - 2018-02-22 03:05 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-02-22 03:05 - 2018-02-22 03:05 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2018-02-22 03:05 - 2018-02-22 03:05 - 000000000 ____D C:\WINDOWS\system32\msmq
2018-02-22 03:05 - 2018-02-22 03:05 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2018-02-22 03:05 - 2018-02-22 03:05 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-02-22 03:05 - 2018-02-22 03:05 - 000000000 ____D C:\Program Files\MSBuild
2018-02-22 03:05 - 2018-02-22 03:05 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-02-22 03:05 - 2018-02-22 03:05 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-02-22 03:05 - 2018-02-22 03:05 - 000000000 ____D C:\inetpub
2018-02-22 01:02 - 2018-03-09 03:10 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2018-02-22 01:02 - 2018-03-07 07:56 - 000003390 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4151391936-2637048794-3085849956-1001
2018-02-22 01:02 - 2018-02-27 17:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-22 01:02 - 2018-02-26 08:15 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-02-22 01:02 - 2018-02-26 07:16 - 000004282 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2018-02-22 01:02 - 2018-02-22 01:02 - 000003804 _____ C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2018-02-22 01:02 - 2018-02-22 01:02 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-02-22 01:02 - 2018-02-22 01:02 - 000003322 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-02-22 01:02 - 2018-02-22 01:02 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-02-22 01:02 - 2018-02-22 01:02 - 000003006 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2018-02-22 01:02 - 2018-02-22 01:02 - 000002972 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2018-02-22 01:02 - 2018-02-22 01:02 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-02-22 01:02 - 2018-02-22 01:02 - 000002038 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2018-02-22 01:02 - 2018-02-22 01:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2018-02-22 01:02 - 2018-02-22 01:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVG
2018-02-22 01:02 - 2018-02-22 01:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-02-22 01:00 - 2018-02-22 01:02 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2018-02-22 01:00 - 2018-02-22 01:02 - 000011433 _____ C:\WINDOWS\diagerr.xml
2018-02-22 00:38 - 2018-02-22 00:38 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-02-22 00:35 - 2018-02-26 08:22 - 000000000 ____D C:\Users\AlienGamerEH\AppData\Local\Packages
2018-02-22 00:35 - 2018-02-22 00:35 - 000000000 ____D C:\ProgramData\USOShared
2018-02-22 00:34 - 2018-02-26 07:47 - 000000000 ____D C:\Users\AlienGamerEH
2018-02-22 00:34 - 2018-02-22 00:55 - 000000000 ____D C:\Users\DefaultAppPool
2018-02-22 00:29 - 2018-02-27 17:39 - 001026410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-22 00:28 - 2017-10-27 11:06 - 000136312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-02-22 00:27 - 2017-11-09 05:39 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2018-02-22 00:27 - 2017-11-09 05:39 - 000446392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2018-02-22 00:27 - 2017-09-29 08:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-02-22 00:24 - 2018-03-09 09:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-22 00:24 - 2018-02-22 00:46 - 000476464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-21 20:53 - 2018-01-09 16:44 - 000108584 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-02-21 16:16 - 2018-03-07 08:02 - 000000000 ___DC C:\WINDOWS\Panther
2018-02-21 11:54 - 2018-02-21 11:54 - 008007680 _____ ( ) C:\WINDOWS\system32\Microsoft.mshtml.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-09 09:37 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-09 07:11 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-03-09 03:22 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-09 03:22 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-09 01:59 - 2015-01-16 15:34 - 000000124 ____R C:\WINDOWS\system32\masteraclbini.enu
2018-03-09 01:59 - 2014-11-18 15:59 - 000001952 __RSH C:\WINDOWS\system32\masteraclini.enu
2018-03-07 08:02 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-07 07:56 - 2017-02-27 18:06 - 000002436 _____ C:\Users\AlienGamerEH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-03-07 07:56 - 2016-07-16 21:52 - 000000000 ___RD C:\Users\AlienGamerEH\OneDrive
2018-03-01 04:19 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-01 04:17 - 2013-10-03 12:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-02-28 01:13 - 2015-01-17 17:20 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-28 01:13 - 2015-01-17 17:20 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-27 17:52 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache
2018-02-27 17:36 - 2016-09-22 13:50 - 000000000 ____D C:\Users\AlienGamerEH\AppData\Local\ConnectedDevicesPlatform
2018-02-27 17:35 - 2017-07-21 17:11 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-02-27 17:35 - 2016-09-22 03:31 - 000000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2018-02-27 17:35 - 2016-09-22 03:31 - 000000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2018-02-27 17:35 - 2016-07-16 21:47 - 000000000 __SHD C:\Users\AlienGamerEH\IntelGraphicsProfiles
2018-02-27 17:35 - 2013-10-03 12:30 - 000000000 ____D C:\Program Files (x86)\AlienRespawn
2018-02-27 17:34 - 2017-07-21 17:12 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-27 17:33 - 2016-07-16 21:10 - 000147728 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys
2018-02-27 17:32 - 2016-09-09 10:34 - 000000000 _____ C:\WINDOWS\system32\reAgentcNow.off
2018-02-27 17:30 - 2017-09-29 03:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-02-26 08:16 - 2016-03-24 14:06 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-26 07:48 - 2016-07-16 21:47 - 000000000 ____D C:\Users\AlienGamerEH\AppData\Local\TileDataLayer
2018-02-26 07:47 - 2016-04-27 01:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-26 01:47 - 2017-12-08 14:11 - 000000000 ____D C:\WINDOWS\system32\mutantW
2018-02-22 14:09 - 2017-10-14 23:54 - 000002510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2018-02-22 14:09 - 2017-10-14 23:54 - 000002498 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2018-02-22 04:56 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-02-22 03:22 - 2017-09-29 08:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-02-22 03:20 - 2017-12-30 08:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-02-22 03:20 - 2017-10-26 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinX DVD Author
2018-02-22 03:20 - 2017-10-13 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS MobiSaver
2018-02-22 03:20 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-02-22 03:20 - 2017-09-29 08:49 - 000000000 ____D C:\WINDOWS\Setup
2018-02-22 03:20 - 2017-09-29 08:46 - 000000000 __SHD C:\Program Files\Windows Sidebar
2018-02-22 03:20 - 2017-09-29 08:46 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2018-02-22 03:20 - 2017-09-29 08:46 - 000000000 __RHD C:\Users\Public\Libraries
2018-02-22 03:20 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-22 03:20 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2018-02-22 03:20 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-02-22 03:20 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-02-22 03:20 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-02-22 03:20 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-22 03:20 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\IME
2018-02-22 03:20 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\schemas
2018-02-22 03:20 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-02-22 03:20 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Help
2018-02-22 03:20 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-02-22 03:20 - 2017-07-29 13:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-02-22 03:20 - 2017-07-21 17:11 - 000000000 ____D C:\Program Files\Intel
2018-02-22 03:20 - 2017-07-21 17:11 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-22 03:20 - 2017-06-14 15:37 - 000000000 ____D C:\Program Files\UNP
2018-02-22 03:20 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-02-22 03:20 - 2016-11-30 13:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.2
2018-02-22 03:20 - 2016-11-11 03:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2018-02-22 03:20 - 2016-10-31 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2018-02-22 03:20 - 2016-06-19 12:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2018-02-22 03:20 - 2015-12-06 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
2018-02-22 03:20 - 2015-09-21 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2018-02-22 03:20 - 2015-06-12 08:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2018-02-22 03:20 - 2015-06-12 07:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2018-02-22 03:20 - 2015-05-23 07:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-02-22 03:20 - 2015-03-30 17:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2018-02-22 03:20 - 2015-03-12 16:32 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2018-02-22 03:20 - 2015-02-06 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2018-02-22 03:20 - 2015-02-06 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2018-02-22 03:20 - 2015-01-24 12:35 - 000000000 ____D C:\WINDOWS\SysWOW64\vbox
2018-02-22 03:20 - 2015-01-24 12:35 - 000000000 ____D C:\WINDOWS\system32\vbox
2018-02-22 03:20 - 2015-01-17 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Piranha Games
2018-02-22 03:20 - 2013-10-03 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot
2018-02-22 03:20 - 2013-10-03 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net
2018-02-22 03:20 - 2013-10-03 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlienRespawn
2018-02-22 03:20 - 2013-10-03 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware
2018-02-22 03:20 - 2013-10-03 12:21 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-02-22 03:20 - 2009-07-14 00:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-02-22 03:19 - 2017-09-29 03:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2018-02-22 03:16 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-02-22 03:16 - 2017-07-21 17:10 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2018-02-22 03:15 - 2017-10-18 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2018-02-22 03:15 - 2017-10-13 13:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft
2018-02-22 03:15 - 2017-07-21 17:10 - 000000000 ____D C:\Program Files\Realtek
2018-02-22 03:15 - 2016-03-24 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2018-02-22 03:15 - 2015-05-22 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAUNCH
2018-02-22 03:15 - 2015-03-12 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2018-02-22 03:15 - 2015-01-17 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-02-22 03:15 - 2009-07-14 00:32 - 000000000 ____D C:\Program Files\Microsoft Games
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\si-LK
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\am-ET
2018-02-22 03:12 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-02-22 03:12 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-02-22 03:12 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-02-22 03:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-02-22 03:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2018-02-22 03:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-02-22 03:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2018-02-22 03:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-02-22 03:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-02-22 03:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-02-22 03:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-02-22 03:12 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Windows Defender
2018-02-22 03:12 - 2017-09-29 08:46 - 000000000 ____D C:\PerfLogs
2018-02-22 03:12 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-02-22 03:05 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2018-02-22 01:02 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Registration
2018-02-22 00:59 - 2016-07-16 21:16 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-02-22 00:59 - 2013-10-03 12:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio
2018-02-22 00:58 - 2017-11-17 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-22 00:58 - 2017-09-29 08:46 - 000000000 __RSD C:\WINDOWS\media
2018-02-22 00:53 - 2017-07-21 17:12 - 001015906 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2018-02-22 00:45 - 2017-10-24 16:24 - 000000000 ____D C:\Users\AlienGamerEH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-02-22 00:45 - 2017-10-18 18:56 - 000000000 ____D C:\Users\AlienGamerEH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ReiBoot
2018-02-22 00:45 - 2017-03-08 11:18 - 000000000 ____D C:\Users\AlienGamerEH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2018-02-22 00:45 - 2016-08-08 22:02 - 000000000 ____D C:\Users\AlienGamerEH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships
2018-02-22 00:45 - 2015-09-21 20:06 - 000000000 ____D C:\Users\AlienGamerEH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2018-02-22 00:45 - 2015-05-23 07:37 - 000000000 ____D C:\Users\AlienGamerEH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-02-22 00:45 - 2015-01-24 12:39 - 000000000 ____D C:\Users\AlienGamerEH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-02-22 00:38 - 2017-09-29 08:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-02-22 00:37 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2018-02-22 00:35 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\USOPrivate
2018-02-22 00:28 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-02-22 00:28 - 2017-07-21 17:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-22 00:28 - 2016-09-02 23:33 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-22 00:28 - 2013-10-03 12:30 - 000000000 ____D C:\Temp
2018-02-22 00:27 - 2017-07-21 17:11 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-02-22 00:27 - 2017-07-21 17:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-22 00:26 - 2017-07-21 17:11 - 001019725 _____ C:\WINDOWS\system32\Drivers\rtwavesskdy.dat
2018-02-22 00:26 - 2017-07-21 17:11 - 000397789 _____ C:\WINDOWS\system32\Drivers\rtwavesmapro.dat
2018-02-22 00:26 - 2017-07-21 17:11 - 000031095 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2018-02-22 00:26 - 2017-07-21 17:11 - 000017664 _____ C:\WINDOWS\system32\Drivers\rtwavesmaprocap.dat
2018-02-22 00:26 - 2017-07-21 17:11 - 000010945 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2018-02-22 00:25 - 2017-07-21 17:10 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-02-21 20:53 - 2017-10-10 21:16 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-21 20:53 - 2014-11-19 13:36 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-21 20:53 - 2014-11-19 13:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-21 14:40 - 2018-01-11 23:33 - 000000000 ____D C:\Program Files\rempl

==================== Files in the root of some directories =======

2017-10-19 09:04 - 2017-10-19 09:04 - 000003584 _____ () C:\Users\AlienGamerEH\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-16 23:36 - 2017-09-05 06:57 - 000007627 _____ () C:\Users\AlienGamerEH\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

BCD (recoveryenabled=No -> recoveryenabled=Yes) <==== restored successfully

LastRegBack: 2018-03-04 01:31

==================== End of FRST.txt ============================

leafaninottawa · March 10, 2018

Anything yet? Workin hard? Lol easy home says they don’t put anything in their desktops but the laptops yes! but I’m fairly certain a CSR would say that

Aura · March 10, 2018

We'll try to remove their program via the Windows RE, however, I'm not sure of how this will affect your Windows installation. So before we start, I'll ask you to create a restore point that we can fall back on if things goes South.

https://support.microsoft.com/en-ca/help/4027538/windows-create-a-system-restore-point

For the next step, you'll need a USB Flash Drive. Do you have one?

leafaninottawa · March 10, 2018

I have a 60gb flash drive.

leafaninottawa · March 11, 2018

I have created the restore point, and am ready for the next step

idle threads/ semaphore threads

Recommended Posts

Link to post

Share on other sites

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information