Jump to content

Resource is in USE

RyanT

By RyanT
in Resolved Malware Removal Logs

 Share

Recommended Posts

RyanT

RyanT

Posted
Posted

I was browsing the forums trying to fix my laptop and it has windows 8.1 installed and also a virus. I came across a thread from March, 27th 2017 and followed some steps in there. I have downloaded a recovery tool and cant seem to figure out how to use it. I cannot run any anti virus program, restore from point, start in advanced options. I am able to bring up CMD prompt but not as a troubleshooting.

I will post my notepad log from FRST.

Thanks 

Ryan

Continue with the following:

 

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type  e:\frst64 or e:\frst depending on your version. Press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

 

Link to post
Share on other sites
  • Staff
Malwarebytes

Malwarebytes

Posted
  • Staff
Posted

***This is an automated reply***

Hi,

Thanks for posting in the Malware Removal for Windows Help forum. Being infected is not fun and can be very frustrating to resolve, but don't worry because we have a team of experts here help you!!

Note: Please be patient. When the site is busy it can take up to 48 hours before a malware removal helper can assist you. If no one has replied to your new topic after 48 hours please contact a Moderator or Administrator to let them know.

 

First, if you haven't done so, please run a Threat Scan with the latest version of Malwarebytes. This may resolve your malware infection issue without the need for additional support. Click "Reveal Hidden Contents" below for details:

Spoiler

Malwarebytes can detect and remove most malware with no further actions required for free.

If you do not have Malwarebytes, please download it here and install. Be sure to post back the log as shown below.

  1. Open Malwarebytes for Windows
  2. To the left, click Scan > Scan Types.
    image.png
  3. Select Threat Scan. Threat Scan is the most thorough and recommended scan method available.
    image.png
  4. Click Start Scan

Next, if you're still experiencing issues after running Malwarebytes, then technical logs will be required to assist you. Click "Reveal Hidden Contents" below and follow the instructions to run the Farbar Recovery Scan Tool:

Spoiler

Don't use any temporary file cleaners unless requested - this can cause data loss and make a recovery difficult.

Please download the Farbar Recovery Scan Tool here and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  1. Double-click to run it. When the tool opens click Yes to the disclaimer.
  2. Press the Scan button.
    _frst_scan.jpg.d10e66dc03e35ede4fdcba12b
  3. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  4. The first time the tool is run, it also makes another log (Addition.txt). If you've run it before it may not and you may need to select it manually.

Finally, attach the Malwarebytes Threat Scan, FRST.txt and Additional.txt logs to your reply and Follow this topic to get notified when an expert has replied. Click "Reveal Hidden Contents" below for details.

Note: If you are unable to attach files, please copy and past the contents of the requested files in your Reply instead. 

Spoiler

To save attachments, please click the link as shown below. You can click and drag the files to this bar or you can click the choose files, then browse to where your files are located, select them and click the Open button.

_mb_attach.jpg.a0465aaafd6cae688aa38ab16

 

After posting your new post, make sure you click the Follow button near the top right of this page, and select the option "An email when new content is posted Change how the notification is sent" so that you're alerted by email when someone has replied to your post.

_mb_follow.jpg.7868cc281f66ac22e919c2c48

_mb_follow_options.jpg.dcb79fc10aa35beb0

Please Note the Following:

  • One of our expert helpers will give you one-on-one assistance when one becomes available.
  • Refrain from making any further changes to your computer (such as Install/Uninstall programs, using special fix tools, delete files, edit the registry, etc...) unless advised by a malware removal helper. Doing so can result in system changes which may hinder the attempts by a helper to clean your machine.
  • Do not 'bump' or add a reply to your topic once it is started. Topics which appear to have replies are considered to have a  helper assisting them and may be overlooked, resulting in a longer waiting period for help
  • If you're using Peer 2 Peer software such as uTorrent or similar, please completely disable it from running while being assisted here.

Troubleshooting Tips

Link to post
Share on other sites
RyanT

RyanT

Posted
  • Author
Posted

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.04.2018
Ran by aaron (administrator) on JOEL (24-04-2018 17:01:21)
Running from F:\
Loaded Profiles: aaron (Available Profiles: aaron)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(HP) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\tprdpw64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(© 2015 Microsoft Corporation) C:\Users\aaron\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.6160\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.10016\Battle.net Helper.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.10016\Battle.net Helper.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-05-25] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17652344 2017-06-26] (Logitech Inc.)
HKLM\...\Run: [MRT] => C:\WINDOWS\system32\MRT-KB890830.exe [136971704 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Malwarebytes TrayApp] => C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [Plumbytes Anti-Malware] => "C:\Program Files\Plumbytes Software\Plumbytes Anti-Malware\Plumbytes.exe" /tray
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-04] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [406664 2016-10-01] (Power Software Ltd)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
HKLM-x32\...\Run: [Zygor Guides Client] => C:\Users\aaron\AppData\Roaming\Zygor Guides Client\startup.bat [474 2017-07-14] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1047000 2017-04-06] (DivX, LLC)
HKLM-x32\...\Run: [cpx] => "C:\Users\aaron\AppData\Local\ntuserlitelist\cpx\cpx.exe" -starup <==== ATTENTION
HKLM-x32\...\Run: [svcvmx] => "C:\Users\aaron\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe" -starup <==== ATTENTION
HKLM-x32\...\RunOnce: [Mipocerori] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\aaron\AppData\Roaming\Norolapafi"
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-17] (Valve Corporation)
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\Run: [BitTorrent] => C:\Users\aaron\AppData\Roaming\BitTorrent\BitTorrent.exe [2150088 2017-07-17] (BitTorrent Inc.)
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\Run: [Chromium] => c:\users\aaron\appdata\local\chromium\application\chrome.exe [1035264 2016-03-17] (The Chromium Authors)
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1070056 2018-04-22] (Blizzard Entertainment)
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2016-08-16] ()
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7963552 2017-06-12] (SUPERAntiSpyware)
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\Run: [Discord] => C:\Users\aaron\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\Run: [Google Update] => C:\Users\aaron\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-08-11] (Google Inc.)
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\Run: [BingSvc] => C:\Users\aaron\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\MountPoints2: F - "F:\setup.exe" 
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\MountPoints2: {1f3b5ab8-8ce1-11e6-8277-3ca82aad1c77} - "G:\autorun.exe" 
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\MountPoints2: {6117dd51-35a6-11e7-829f-3ca82aad1c77} - "F:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\MountPoints2: {6117de15-35a6-11e7-829f-3ca82aad1c77} - "F:\HTC_Sync_Manager_PC.exe" 
Startup: C:\Users\aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoFuriousPk.lnk [2016-10-25]
ShortcutTarget: AutoFuriousPk.lnk -> C:\Users\aaron\furiouspk_cache108\AutoFuriousPk.jar ()
Startup: C:\Users\aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoMoparscape.lnk [2016-11-02]
ShortcutTarget: AutoMoparscape.lnk -> C:\Users\aaron\MoparScape\AutoMoparscape.jar ()
Startup: C:\Users\aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-04-18]
ShortcutTarget: Twitch.lnk -> C:\Users\aaron\AppData\Roaming\Curse Client\Bin\Twitch.exe (Twitch Interactive, Inc.)
BootExecute: autocheck autochk * SmartDefragBootTime.exe
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AB69428D-092D-4E49-AC93-83497007F397}: [DhcpNameServer] 208.180.42.68 208.180.42.100
Tcpip\..\Interfaces\{CABD3029-2E00-455F-A5C7-A700F01A9037}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-2196296041-421747137-628272808-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-2196296041-421747137-628272808-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-eb02ae4d&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-eb02ae4d&q={searchTerms}
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-a7095f59&q={searchTerms}
SearchScopes: HKLM -> {B87C10B6-06B2-4EF3-8235-5F0B5FD287B5} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-eb02ae4d&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-eb02ae4d&q={searchTerms}
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-a7095f59&q={searchTerms}
SearchScopes: HKLM-x32 -> {B87C10B6-06B2-4EF3-8235-5F0B5FD287B5} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2196296041-421747137-628272808-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-eb02ae4d&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2196296041-421747137-628272808-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-eb02ae4d&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2196296041-421747137-628272808-1002 -> {B87C10B6-06B2-4EF3-8235-5F0B5FD287B5} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-17] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin HKU\S-1-5-21-2196296041-421747137-628272808-1002: @tools.google.com/Google Update;version=3 -> C:\Users\aaron\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-2196296041-421747137-628272808-1002: @tools.google.com/Google Update;version=9 -> C:\Users\aaron\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-11] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> msn.com
CHR NewTab: Default ->  Not-active:"chrome-extension://gjplonfbhkbkoiphjgafcpenodglphdj/html/home.html"
CHR Profile: C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default [2018-04-24]
CHR Extension: (Slides) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-18]
CHR Extension: (Docs) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-18]
CHR Extension: (Google Drive) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-03]
CHR Extension: (YouTube) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-03]
CHR Extension: (Sheets) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-18]
CHR Extension: (MSN Homepage) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim [2018-03-25]
CHR Extension: (Tables) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-07-16]
CHR Extension: (Google Docs Offline) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-03]
CHR Extension: (Chrome Adware Removal) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjplonfbhkbkoiphjgafcpenodglphdj [2018-01-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-22]
CHR Extension: (Gmail) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-03]
CHR Extension: (Chrome Media Router) - C:\Users\aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-12]
CHR HKLM\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2196296041-421747137-628272808-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2196296041-421747137-628272808-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2196296041-421747137-628272808-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2196296041-421747137-628272808-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"drmkpro64" => service could not be unlocked. <==== ATTENTION

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-08-13] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [400656 2017-06-04] (EasyAntiCheat Ltd)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 hpsrv; C:\WINDOWS\system32\Hpservice.exe [31568 2017-07-14] (HP)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-04] (Hewlett-Packard Development Company, L.P.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-06-26] (Logitech Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-01] (Softex Inc.) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-05-25] (Realtek Semiconductor)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [258152 2017-05-25] (Synaptics Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [473824 2017-05-05] (Wondershare)
S3 CLVSVC9f935222; "C:\WINDOWS\system32\cmd.exe" /c START "" "C:\Users\aaron\AppData\Local\Celavimus\ClientBin\CelavimusClientHelper.exe" 58154 cevo
S2 Dataup; C:\Users\TEMP\AppData\Local\ntuserlitelist\dataup\dataup.exe [X] <==== ATTENTION
S2 windowsmanagementservice; C:\Users\aaron\AppData\Local\npiapod\tobxlfk\ct.exe [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 aacaogqv; C:\WINDOWS\system32\drivers\aacaogqv.sys [72816 2017-10-17] (Microsoft Corporation)
S1 abscylce; C:\WINDOWS\system32\drivers\abscylce.sys [72816 2017-10-23] (Microsoft Corporation)
R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [54080 2017-07-14] (HP)
S1 afpawqgq; C:\WINDOWS\system32\drivers\afpawqgq.sys [72816 2017-10-22] (Microsoft Corporation)
S1 afvbatbg; C:\WINDOWS\system32\drivers\afvbatbg.sys [63456 2017-10-27] (Microsoft Corporation)
S1 ahyrhjse; C:\WINDOWS\system32\drivers\ahyrhjse.sys [72816 2017-10-14] (Microsoft Corporation)
S1 aikowttg; C:\WINDOWS\system32\drivers\aikowttg.sys [72816 2017-10-18] (Microsoft Corporation)
S1 aiojzryx; C:\WINDOWS\system32\drivers\aiojzryx.sys [72816 2017-10-16] (Microsoft Corporation)
R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [11944 2017-05-25] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-02-26] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S1 aofpmkzc; C:\WINDOWS\system32\drivers\aofpmkzc.sys [72816 2017-10-21] (Microsoft Corporation)
S1 arsgadpt; C:\WINDOWS\system32\drivers\arsgadpt.sys [72816 2017-10-21] (Microsoft Corporation)
S1 arvtoxmv; C:\WINDOWS\system32\drivers\arvtoxmv.sys [72816 2017-10-18] (Microsoft Corporation)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [4307192 2017-05-25] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [118848 2017-05-25] (Advanced Micro Devices)
S1 aydodzcl; C:\WINDOWS\system32\drivers\aydodzcl.sys [72816 2017-10-18] (Microsoft Corporation)
S1 azoghfvu; C:\WINDOWS\system32\drivers\azoghfvu.sys [72816 2017-10-16] (Microsoft Corporation)
S1 bafouovl; C:\WINDOWS\system32\drivers\bafouovl.sys [72816 2017-10-16] (Microsoft Corporation)
S1 bdqxzrjl; C:\WINDOWS\system32\drivers\bdqxzrjl.sys [72816 2017-10-22] (Microsoft Corporation)
S1 belwcwad; C:\WINDOWS\system32\drivers\belwcwad.sys [63456 2017-10-25] (Microsoft Corporation)
S1 bhfpjado; C:\WINDOWS\system32\drivers\bhfpjado.sys [72816 2017-10-20] (Microsoft Corporation)
S1 bnkuviko; C:\WINDOWS\system32\drivers\bnkuviko.sys [63456 2017-10-26] (Microsoft Corporation)
S1 bnkuxeoz; C:\WINDOWS\system32\drivers\bnkuxeoz.sys [72816 2017-10-21] (Microsoft Corporation)
S1 boryfmat; C:\WINDOWS\system32\drivers\boryfmat.sys [72816 2017-10-23] (Microsoft Corporation)
S1 boucpbqa; C:\WINDOWS\system32\drivers\boucpbqa.sys [72816 2017-10-22] (Microsoft Corporation)
S1 buccbnqa; C:\WINDOWS\system32\drivers\buccbnqa.sys [72816 2017-10-23] (Microsoft Corporation)
S1 buzrvbzg; C:\WINDOWS\system32\drivers\buzrvbzg.sys [72816 2017-10-17] (Microsoft Corporation)
S1 bvcudnzc; C:\WINDOWS\system32\drivers\bvcudnzc.sys [63456 2017-10-26] (Microsoft Corporation)
S1 bvfqzlph; C:\WINDOWS\system32\drivers\bvfqzlph.sys [72816 2017-10-16] (Microsoft Corporation)
S1 bxrpkarv; C:\WINDOWS\system32\drivers\bxrpkarv.sys [72816 2017-10-18] (Microsoft Corporation)
S1 byamcnie; C:\WINDOWS\system32\drivers\byamcnie.sys [72816 2017-10-18] (Microsoft Corporation)
S1 cbxwkcbn; C:\WINDOWS\system32\drivers\cbxwkcbn.sys [72816 2017-10-16] (Microsoft Corporation)
S1 cixxfqxz; C:\WINDOWS\system32\drivers\cixxfqxz.sys [72816 2017-10-21] (Microsoft Corporation)
S1 cjybvzyp; C:\WINDOWS\system32\drivers\cjybvzyp.sys [72816 2017-10-17] (Microsoft Corporation)
S1 clbetpiq; C:\WINDOWS\system32\drivers\clbetpiq.sys [72816 2017-10-22] (Microsoft Corporation)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S1 cmwjekry; C:\WINDOWS\system32\drivers\cmwjekry.sys [72816 2017-10-21] (Microsoft Corporation)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S1 cnzndior; C:\WINDOWS\system32\drivers\cnzndior.sys [72816 2017-10-23] (Microsoft Corporation)
S1 covlxdei; C:\WINDOWS\system32\drivers\covlxdei.sys [72816 2017-10-20] (Microsoft Corporation)
S1 cuilsurt; C:\WINDOWS\system32\drivers\cuilsurt.sys [72816 2017-10-22] (Microsoft Corporation)
S1 czdtvepy; C:\WINDOWS\system32\drivers\czdtvepy.sys [63456 2017-10-25] (Microsoft Corporation)
S1 czesrpke; C:\WINDOWS\system32\drivers\czesrpke.sys [72816 2017-10-18] (Microsoft Corporation)
S1 dazaafdg; C:\WINDOWS\system32\drivers\dazaafdg.sys [63456 2017-10-26] (Microsoft Corporation)
S1 dbukxzwg; C:\WINDOWS\system32\drivers\dbukxzwg.sys [72816 2017-10-17] (Microsoft Corporation)
S1 dbxgthfx; C:\WINDOWS\system32\drivers\dbxgthfx.sys [72816 2017-10-18] (Microsoft Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S1 djwmrrlr; C:\WINDOWS\system32\drivers\djwmrrlr.sys [63456 2017-10-27] (Microsoft Corporation)
S1 dkxrztyt; C:\WINDOWS\system32\drivers\dkxrztyt.sys [63456 2017-10-24] (Microsoft Corporation)
S1 dpoirtjg; C:\WINDOWS\system32\drivers\dpoirtjg.sys [63456 2017-10-25] (Microsoft Corporation)
S1 drcdqkce; C:\WINDOWS\system32\drivers\drcdqkce.sys [72816 2017-10-16] (Microsoft Corporation)
S1 dzpfkeeq; C:\WINDOWS\system32\drivers\dzpfkeeq.sys [63456 2017-10-27] (Microsoft Corporation)
S1 edupanbo; C:\WINDOWS\system32\drivers\edupanbo.sys [72816 2017-10-21] (Microsoft Corporation)
S1 eggytluj; C:\WINDOWS\system32\drivers\eggytluj.sys [63456 2017-10-24] (Microsoft Corporation)
S1 ehgkxzjw; C:\WINDOWS\system32\drivers\ehgkxzjw.sys [72816 2017-10-22] (Microsoft Corporation)
S1 ehprnlxg; C:\WINDOWS\system32\drivers\ehprnlxg.sys [72816 2017-10-22] (Microsoft Corporation)
S1 ehsdaghf; C:\WINDOWS\system32\drivers\ehsdaghf.sys [63456 2017-10-24] (Microsoft Corporation)
S1 ejfxmwlp; C:\WINDOWS\system32\drivers\ejfxmwlp.sys [72816 2017-10-17] (Microsoft Corporation)
S1 elgoihfe; C:\WINDOWS\system32\drivers\elgoihfe.sys [63456 2017-10-27] (Microsoft Corporation)
S1 emgfojev; C:\WINDOWS\system32\drivers\emgfojev.sys [72816 2017-10-19] (Microsoft Corporation)
S1 emqovjyj; C:\WINDOWS\system32\drivers\emqovjyj.sys [72816 2017-10-22] (Microsoft Corporation)
S1 eozqxegp; C:\WINDOWS\system32\drivers\eozqxegp.sys [72816 2017-10-22] (Microsoft Corporation)
S1 ewnykbkt; C:\WINDOWS\system32\drivers\ewnykbkt.sys [72816 2017-10-20] (Microsoft Corporation)
S1 exknclak; C:\WINDOWS\system32\drivers\exknclak.sys [72816 2017-10-20] (Microsoft Corporation)
S1 ezsgpkyy; C:\WINDOWS\system32\drivers\ezsgpkyy.sys [72816 2017-10-18] (Microsoft Corporation)
S1 fgxkcdcg; C:\WINDOWS\system32\drivers\fgxkcdcg.sys [72816 2017-10-17] (Microsoft Corporation)
S1 fhdfnvlz; C:\WINDOWS\system32\drivers\fhdfnvlz.sys [63456 2017-10-26] (Microsoft Corporation)
S1 firnqwsp; C:\WINDOWS\system32\drivers\firnqwsp.sys [63456 2017-10-25] (Microsoft Corporation)
S1 fpeysrjm; C:\WINDOWS\system32\drivers\fpeysrjm.sys [63456 2017-10-26] (Microsoft Corporation)
S1 fqjqcjju; C:\WINDOWS\system32\drivers\fqjqcjju.sys [72816 2017-10-16] (Microsoft Corporation)
S1 ftqcmebl; C:\WINDOWS\system32\drivers\ftqcmebl.sys [72816 2017-10-16] (Microsoft Corporation)
S1 fvapquog; C:\WINDOWS\system32\drivers\fvapquog.sys [63456 2017-10-25] (Microsoft Corporation)
S1 fysdxqql; C:\WINDOWS\system32\drivers\fysdxqql.sys [72816 2017-10-17] (Microsoft Corporation)
S1 fyximbku; C:\WINDOWS\system32\drivers\fyximbku.sys [72816 2017-10-18] (Microsoft Corporation)
S1 gajkmxgk; C:\WINDOWS\system32\drivers\gajkmxgk.sys [72816 2017-10-21] (Microsoft Corporation)
S1 gbtkoguw; C:\WINDOWS\system32\drivers\gbtkoguw.sys [72816 2017-10-20] (Microsoft Corporation)
S1 gdigkstl; C:\WINDOWS\system32\drivers\gdigkstl.sys [72816 2017-10-16] (Microsoft Corporation)
S1 ghlcloof; C:\WINDOWS\system32\drivers\ghlcloof.sys [63456 2017-10-24] (Microsoft Corporation)
S1 gmoblrqa; C:\WINDOWS\system32\drivers\gmoblrqa.sys [63456 2017-10-26] (Microsoft Corporation)
S1 gmztjhcz; C:\WINDOWS\system32\drivers\gmztjhcz.sys [72816 2017-10-16] (Microsoft Corporation)
S1 guewdbru; C:\WINDOWS\system32\drivers\guewdbru.sys [72816 2017-10-22] (Microsoft Corporation)
S1 gycctmes; C:\WINDOWS\system32\drivers\gycctmes.sys [72816 2017-10-22] (Microsoft Corporation)
S1 gzvmmank; C:\WINDOWS\system32\drivers\gzvmmank.sys [72816 2017-10-20] (Microsoft Corporation)
S1 hfuffoqj; C:\WINDOWS\system32\drivers\hfuffoqj.sys [72816 2017-10-17] (Microsoft Corporation)
S1 hggozwqp; C:\WINDOWS\system32\drivers\hggozwqp.sys [63456 2017-10-25] (Microsoft Corporation)
S1 hgzzvxmt; C:\WINDOWS\system32\drivers\hgzzvxmt.sys [63456 2017-10-24] (Microsoft Corporation)
S1 hhnkftzr; C:\WINDOWS\system32\drivers\hhnkftzr.sys [72816 2017-10-20] (Microsoft Corporation)
S1 hicdgsrp; C:\WINDOWS\system32\drivers\hicdgsrp.sys [72816 2017-10-19] (Microsoft Corporation)
S1 hlojvzpy; C:\WINDOWS\system32\drivers\hlojvzpy.sys [72816 2017-10-22] (Microsoft Corporation)
S1 hluqyyli; C:\WINDOWS\system32\drivers\hluqyyli.sys [72816 2017-10-21] (Microsoft Corporation)
S1 hnvxqhsh; C:\WINDOWS\system32\drivers\hnvxqhsh.sys [63456 2017-10-25] (Microsoft Corporation)
S1 hofsfyfe; C:\WINDOWS\system32\drivers\hofsfyfe.sys [72816 2017-10-22] (Microsoft Corporation)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [41280 2017-07-14] (HP)
S1 htnbpfby; C:\WINDOWS\system32\drivers\htnbpfby.sys [72816 2017-10-18] (Microsoft Corporation)
S1 hucmzyln; C:\WINDOWS\system32\drivers\hucmzyln.sys [72816 2017-10-22] (Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-05-25] (REALiX(tm))
S1 hygartny; C:\WINDOWS\system32\drivers\hygartny.sys [72816 2017-10-18] (Microsoft Corporation)
S1 ibzqwvil; C:\WINDOWS\system32\drivers\ibzqwvil.sys [72816 2017-10-19] (Microsoft Corporation)
S1 ifbojeys; C:\WINDOWS\system32\drivers\ifbojeys.sys [72816 2017-10-20] (Microsoft Corporation)
S1 ifxqdvgv; C:\WINDOWS\system32\drivers\ifxqdvgv.sys [72816 2017-10-19] (Microsoft Corporation)
S1 ihugfstn; C:\WINDOWS\system32\drivers\ihugfstn.sys [63456 2017-10-25] (Microsoft Corporation)
S1 ilcecdox; C:\WINDOWS\system32\drivers\ilcecdox.sys [72816 2017-10-16] (Microsoft Corporation)
S1 inuuhiug; C:\WINDOWS\system32\drivers\inuuhiug.sys [72816 2017-10-23] (Microsoft Corporation)
S1 inuyfpvr; C:\WINDOWS\system32\drivers\inuyfpvr.sys [72816 2017-10-21] (Microsoft Corporation)
S1 iqotlszw; C:\WINDOWS\system32\drivers\iqotlszw.sys [72816 2017-10-19] (Microsoft Corporation)
S1 isbxffbr; C:\WINDOWS\system32\drivers\isbxffbr.sys [72816 2017-10-19] (Microsoft Corporation)
S1 ivzwlzrh; C:\WINDOWS\system32\drivers\ivzwlzrh.sys [72816 2017-10-17] (Microsoft Corporation)
S1 jaltmubf; C:\WINDOWS\system32\drivers\jaltmubf.sys [72816 2017-10-17] (Microsoft Corporation)
S1 jbruourh; C:\WINDOWS\system32\drivers\jbruourh.sys [72816 2017-10-19] (Microsoft Corporation)
S1 jjpmhvfy; C:\WINDOWS\system32\drivers\jjpmhvfy.sys [72816 2017-10-22] (Microsoft Corporation)
S1 jpctgnht; C:\WINDOWS\system32\drivers\jpctgnht.sys [63456 2017-10-27] (Microsoft Corporation)
S1 jqklfvcz; C:\WINDOWS\system32\drivers\jqklfvcz.sys [72816 2017-10-19] (Microsoft Corporation)
S1 jtfjfifm; C:\WINDOWS\system32\drivers\jtfjfifm.sys [72816 2017-10-20] (Microsoft Corporation)
S1 juxfyuio; C:\WINDOWS\system32\drivers\juxfyuio.sys [72816 2017-10-24] (Microsoft Corporation)
S1 juyzvojm; C:\WINDOWS\system32\drivers\juyzvojm.sys [72816 2017-10-16] (Microsoft Corporation)
S1 jvqfslgs; C:\WINDOWS\system32\drivers\jvqfslgs.sys [63456 2017-10-25] (Microsoft Corporation)
S1 jxjrjbwv; C:\WINDOWS\system32\drivers\jxjrjbwv.sys [72816 2017-10-18] (Microsoft Corporation)
S1 kgmiunjc; C:\WINDOWS\system32\drivers\kgmiunjc.sys [72816 2017-10-19] (Microsoft Corporation)
S1 kjyisypb; C:\WINDOWS\system32\drivers\kjyisypb.sys [72816 2017-10-16] (Microsoft Corporation)
S1 knlujibp; C:\WINDOWS\system32\drivers\knlujibp.sys [63456 2017-10-25] (Microsoft Corporation)
S1 knpullxn; C:\WINDOWS\system32\drivers\knpullxn.sys [72816 2017-10-20] (Microsoft Corporation)
S1 krfirjho; C:\WINDOWS\system32\drivers\krfirjho.sys [72816 2017-10-21] (Microsoft Corporation)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45208 2016-08-29] (Logitech Inc.)
S1 lagkadih; C:\WINDOWS\system32\drivers\lagkadih.sys [72816 2017-10-17] (Microsoft Corporation)
S1 lbuzmowu; C:\WINDOWS\system32\drivers\lbuzmowu.sys [72816 2017-10-18] (Microsoft Corporation)
S1 lgaubeqa; C:\WINDOWS\system32\drivers\lgaubeqa.sys [72816 2017-10-21] (Microsoft Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2016-08-29] (Logitech Inc.)
S1 lhwuiial; C:\WINDOWS\system32\drivers\lhwuiial.sys [72816 2017-10-17] (Microsoft Corporation)
S1 lpknsxrh; C:\WINDOWS\system32\drivers\lpknsxrh.sys [72816 2017-10-18] (Microsoft Corporation)
S1 lvrztkfi; C:\WINDOWS\system32\drivers\lvrztkfi.sys [63456 2017-10-24] (Microsoft Corporation)
S1 lxelflka; C:\WINDOWS\system32\drivers\lxelflka.sys [72816 2017-10-21] (Microsoft Corporation)
S1 mdwvqadm; C:\WINDOWS\system32\drivers\mdwvqadm.sys [72816 2017-10-23] (Microsoft Corporation)
S1 mgkuxdna; C:\WINDOWS\system32\drivers\mgkuxdna.sys [72816 2017-10-23] (Microsoft Corporation)
S1 mmpoqtmx; C:\WINDOWS\system32\drivers\mmpoqtmx.sys [63456 2017-10-25] (Microsoft Corporation)
S1 mskwffhf; C:\WINDOWS\system32\drivers\mskwffhf.sys [63456 2017-10-26] (Microsoft Corporation)
S1 mtdmskbf; C:\WINDOWS\system32\drivers\mtdmskbf.sys [72816 2017-10-17] (Microsoft Corporation)
S1 nbsjimwq; C:\WINDOWS\system32\drivers\nbsjimwq.sys [72816 2017-10-19] (Microsoft Corporation)
S1 ndfwnrgs; C:\WINDOWS\system32\drivers\ndfwnrgs.sys [63456 2017-10-24] (Microsoft Corporation)
S1 ndsbwuwp; C:\WINDOWS\system32\drivers\ndsbwuwp.sys [72816 2017-10-21] (Microsoft Corporation)
S1 nhrntuzd; C:\WINDOWS\system32\drivers\nhrntuzd.sys [72816 2017-10-20] (Microsoft Corporation)
S1 njmyazux; C:\WINDOWS\system32\drivers\njmyazux.sys [72816 2017-10-17] (Microsoft Corporation)
S1 njxoepjp; C:\WINDOWS\system32\drivers\njxoepjp.sys [72816 2017-10-23] (Microsoft Corporation)
S1 nmgqlvda; C:\WINDOWS\system32\drivers\nmgqlvda.sys [72816 2017-10-20] (Microsoft Corporation)
S1 nmyebkxf; C:\WINDOWS\system32\drivers\nmyebkxf.sys [72816 2017-10-18] (Microsoft Corporation)
S1 npqwltle; C:\WINDOWS\system32\drivers\npqwltle.sys [72816 2017-10-21] (Microsoft Corporation)
S1 nqdyhzhj; C:\WINDOWS\system32\drivers\nqdyhzhj.sys [72816 2017-10-19] (Microsoft Corporation)
S1 nqmyoxum; C:\WINDOWS\system32\drivers\nqmyoxum.sys [72816 2017-10-18] (Microsoft Corporation)
S1 nwtcczjc; C:\WINDOWS\system32\drivers\nwtcczjc.sys [72816 2017-10-21] (Microsoft Corporation)
S1 nypclxso; C:\WINDOWS\system32\drivers\nypclxso.sys [63456 2017-10-27] (Microsoft Corporation)
S1 nyqupwsu; C:\WINDOWS\system32\drivers\nyqupwsu.sys [72816 2017-10-22] (Microsoft Corporation)
S1 oajaqgie; C:\WINDOWS\system32\drivers\oajaqgie.sys [72816 2017-10-16] (Microsoft Corporation)
S1 ocyamvmq; C:\WINDOWS\system32\drivers\ocyamvmq.sys [72816 2017-10-22] (Microsoft Corporation)
S1 ofwbtdly; C:\WINDOWS\system32\drivers\ofwbtdly.sys [63456 2017-10-26] (Microsoft Corporation)
S1 ogmjyfmx; C:\WINDOWS\system32\drivers\ogmjyfmx.sys [72816 2017-10-18] (Microsoft Corporation)
S1 ogtenken; C:\WINDOWS\system32\drivers\ogtenken.sys [72816 2017-10-16] (Microsoft Corporation)
S1 olbjjbkk; C:\WINDOWS\system32\drivers\olbjjbkk.sys [72816 2017-10-23] (Microsoft Corporation)
S1 ooxkuwkt; C:\WINDOWS\system32\drivers\ooxkuwkt.sys [63456 2017-10-24] (Microsoft Corporation)
S1 orlegxmt; C:\WINDOWS\system32\drivers\orlegxmt.sys [63456 2017-10-24] (Microsoft Corporation)
S1 otvkuefu; C:\WINDOWS\system32\drivers\otvkuefu.sys [72816 2017-10-23] (Microsoft Corporation)
S1 ougbeadq; C:\WINDOWS\system32\drivers\ougbeadq.sys [72816 2017-10-17] (Microsoft Corporation)
S1 ovmjiziz; C:\WINDOWS\system32\drivers\ovmjiziz.sys [72816 2017-10-23] (Microsoft Corporation)
S1 oymnihet; C:\WINDOWS\system32\drivers\oymnihet.sys [72816 2017-10-20] (Microsoft Corporation)
S1 oyrchbzo; C:\WINDOWS\system32\drivers\oyrchbzo.sys [72816 2017-10-23] (Microsoft Corporation)
S1 oztpkaul; C:\WINDOWS\system32\drivers\oztpkaul.sys [72816 2017-10-19] (Microsoft Corporation)
S1 pcvebtlg; C:\WINDOWS\system32\drivers\pcvebtlg.sys [63456 2017-10-25] (Microsoft Corporation)
S1 pgfiqchy; C:\WINDOWS\system32\drivers\pgfiqchy.sys [63456 2017-10-27] (Microsoft Corporation)
S1 pkaxtryn; C:\WINDOWS\system32\drivers\pkaxtryn.sys [72816 2017-10-21] (Microsoft Corporation)
S1 pkwiwjyq; C:\WINDOWS\system32\drivers\pkwiwjyq.sys [63456 2017-10-25] (Microsoft Corporation)
S1 ponivghb; C:\WINDOWS\system32\drivers\ponivghb.sys [72816 2017-10-19] (Microsoft Corporation)
S1 ppefdiyd; C:\WINDOWS\system32\drivers\ppefdiyd.sys [72816 2017-10-23] (Microsoft Corporation)
S1 pqfibasu; C:\WINDOWS\system32\drivers\pqfibasu.sys [72816 2017-10-23] (Microsoft Corporation)
S1 prbtdjtu; C:\WINDOWS\system32\drivers\prbtdjtu.sys [72816 2017-10-17] (Microsoft Corporation)
S1 pwoqjfxk; C:\WINDOWS\system32\drivers\pwoqjfxk.sys [63456 2017-10-26] (Microsoft Corporation)
S1 qawdxcei; C:\WINDOWS\system32\drivers\qawdxcei.sys [63456 2017-10-26] (Microsoft Corporation)
S1 qdbwkwzb; C:\WINDOWS\system32\drivers\qdbwkwzb.sys [63456 2017-10-25] (Microsoft Corporation)
S1 qevqgiww; C:\WINDOWS\system32\drivers\qevqgiww.sys [72816 2017-10-21] (Microsoft Corporation)
S1 qgdasloj; C:\WINDOWS\system32\drivers\qgdasloj.sys [72816 2017-10-23] (Microsoft Corporation)
S1 qkaymjns; C:\WINDOWS\system32\drivers\qkaymjns.sys [63456 2017-10-26] (Microsoft Corporation)
S1 qvogqmhu; C:\WINDOWS\system32\drivers\qvogqmhu.sys [72816 2017-10-22] (Microsoft Corporation)
S1 qvqvnqlr; C:\WINDOWS\system32\drivers\qvqvnqlr.sys [72816 2017-10-17] (Microsoft Corporation)
S1 rdydvwts; C:\WINDOWS\system32\drivers\rdydvwts.sys [72816 2017-10-17] (Microsoft Corporation)
S1 rejhjfwz; C:\WINDOWS\system32\drivers\rejhjfwz.sys [72816 2017-10-21] (Microsoft Corporation)
S1 rfeuvsen; C:\WINDOWS\system32\drivers\rfeuvsen.sys [72816 2017-10-18] (Microsoft Corporation)
S1 rfotcdnj; C:\WINDOWS\system32\drivers\rfotcdnj.sys [72816 2017-10-16] (Microsoft Corporation)
S1 rhvpzrsl; C:\WINDOWS\system32\drivers\rhvpzrsl.sys [72816 2017-10-18] (Microsoft Corporation)
S1 rivhgggw; C:\WINDOWS\system32\drivers\rivhgggw.sys [72816 2017-10-16] (Microsoft Corporation)
S1 rkmxukbu; C:\WINDOWS\system32\drivers\rkmxukbu.sys [63456 2017-10-24] (Microsoft Corporation)
S1 royohrkq; C:\WINDOWS\system32\drivers\royohrkq.sys [63456 2017-10-26] (Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [328920 2017-05-25] (Realtek Semiconductor Corp.)
S1 rtrieprz; C:\WINDOWS\system32\drivers\rtrieprz.sys [72816 2017-10-19] (Microsoft Corporation)
S1 rvbwwmnj; C:\WINDOWS\system32\drivers\rvbwwmnj.sys [63456 2017-10-26] (Microsoft Corporation)
S1 rvfroein; C:\WINDOWS\system32\drivers\rvfroein.sys [63456 2017-10-25] (Microsoft Corporation)
S1 rxnlycjf; C:\WINDOWS\system32\drivers\rxnlycjf.sys [72816 2017-10-19] (Microsoft Corporation)
S1 rxnmilpe; C:\WINDOWS\system32\drivers\rxnmilpe.sys [72816 2017-10-16] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 sfzcfnnh; C:\WINDOWS\system32\drivers\sfzcfnnh.sys [72816 2017-10-22] (Microsoft Corporation)
S1 sgjfodfw; C:\WINDOWS\system32\drivers\sgjfodfw.sys [72816 2017-10-23] (Microsoft Corporation)
S1 sihcfhfm; C:\WINDOWS\system32\drivers\sihcfhfm.sys [63456 2017-10-27] (Microsoft Corporation)
S1 sjdgfesp; C:\WINDOWS\system32\drivers\sjdgfesp.sys [72816 2017-10-18] (Microsoft Corporation)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [60008 2017-05-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [31472 2014-04-22] (Synaptics Incorporated)
S1 smrgakwt; C:\WINDOWS\system32\drivers\smrgakwt.sys [63456 2017-10-26] (Microsoft Corporation)
S1 sotfrxbg; C:\WINDOWS\system32\drivers\sotfrxbg.sys [63456 2017-10-26] (Microsoft Corporation)
S1 sowqvgsz; C:\WINDOWS\system32\drivers\sowqvgsz.sys [72816 2017-10-16] (Microsoft Corporation)
S1 sqhxffaf; C:\WINDOWS\system32\drivers\sqhxffaf.sys [72816 2017-10-19] (Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S1 sucuswdw; C:\WINDOWS\system32\drivers\sucuswdw.sys [63456 2017-10-25] (Microsoft Corporation)
S1 svrnpztl; C:\WINDOWS\system32\drivers\svrnpztl.sys [63456 2017-10-24] (Microsoft Corporation)
S1 tbkqzbsl; C:\WINDOWS\system32\drivers\tbkqzbsl.sys [72816 2017-10-19] (Microsoft Corporation)
S1 tcrbejjj; C:\WINDOWS\system32\drivers\tcrbejjj.sys [63456 2017-10-26] (Microsoft Corporation)
S1 tdupgpyk; C:\WINDOWS\system32\drivers\tdupgpyk.sys [72816 2017-10-16] (Microsoft Corporation)
S1 tefbmfwd; C:\WINDOWS\system32\drivers\tefbmfwd.sys [72816 2017-10-23] (Microsoft Corporation)
S1 tlejmukg; C:\WINDOWS\system32\drivers\tlejmukg.sys [72816 2017-10-16] (Microsoft Corporation)
S1 tokmeabr; C:\WINDOWS\system32\drivers\tokmeabr.sys [72816 2017-10-21] (Microsoft Corporation)
S1 tqbeampx; C:\WINDOWS\system32\drivers\tqbeampx.sys [63456 2017-10-24] (Microsoft Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-04-22] ()
S1 tshejhxi; C:\WINDOWS\system32\drivers\tshejhxi.sys [72816 2017-10-18] (Microsoft Corporation)
S1 ttpnrdyy; C:\WINDOWS\system32\drivers\ttpnrdyy.sys [72816 2017-10-17] (Microsoft Corporation)
S1 twjabuas; C:\WINDOWS\system32\drivers\twjabuas.sys [63456 2017-10-24] (Microsoft Corporation)
S1 txfaibxw; C:\WINDOWS\system32\drivers\txfaibxw.sys [63456 2017-10-25] (Microsoft Corporation)
S1 tydetocp; C:\WINDOWS\system32\drivers\tydetocp.sys [72816 2017-10-24] (Microsoft Corporation)
S1 tydkblhc; C:\WINDOWS\system32\drivers\tydkblhc.sys [63456 2017-10-26] (Microsoft Corporation)
S1 typveatx; C:\WINDOWS\system32\drivers\typveatx.sys [63456 2017-10-26] (Microsoft Corporation)
S1 tyyqmmbb; C:\WINDOWS\system32\drivers\tyyqmmbb.sys [63456 2017-10-25] (Microsoft Corporation)
S1 ubuymrku; C:\WINDOWS\system32\drivers\ubuymrku.sys [72816 2017-10-21] (Microsoft Corporation)
S1 udzniodk; C:\WINDOWS\system32\drivers\udzniodk.sys [63456 2017-10-25] (Microsoft Corporation)
S1 ugkizrtr; C:\WINDOWS\system32\drivers\ugkizrtr.sys [63456 2017-10-26] (Microsoft Corporation)
S1 ugyijzqa; C:\WINDOWS\system32\drivers\ugyijzqa.sys [63456 2017-10-24] (Microsoft Corporation)
S1 ujrmemfe; C:\WINDOWS\system32\drivers\ujrmemfe.sys [72816 2017-10-21] (Microsoft Corporation)
S1 ukwohdrj; C:\WINDOWS\system32\drivers\ukwohdrj.sys [63456 2017-10-24] (Microsoft Corporation)
S1 ulzwxpbd; C:\WINDOWS\system32\drivers\ulzwxpbd.sys [72816 2017-10-20] (Microsoft Corporation)
S1 uppefcje; C:\WINDOWS\system32\drivers\uppefcje.sys [72816 2017-10-16] (Microsoft Corporation)
S1 upqkiska; C:\WINDOWS\system32\drivers\upqkiska.sys [72816 2017-10-23] (Microsoft Corporation)
S1 utzkdgoo; C:\WINDOWS\system32\drivers\utzkdgoo.sys [63456 2017-10-27] (Microsoft Corporation)
S1 uwnhlhij; C:\WINDOWS\system32\drivers\uwnhlhij.sys [72816 2017-10-19] (Microsoft Corporation)
S1 uyznpjew; C:\WINDOWS\system32\drivers\uyznpjew.sys [72816 2017-10-23] (Microsoft Corporation)
S1 vbgxkudg; C:\WINDOWS\system32\drivers\vbgxkudg.sys [63456 2017-10-25] (Microsoft Corporation)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S1 vgdlpdzn; C:\WINDOWS\system32\drivers\vgdlpdzn.sys [72816 2017-10-19] (Microsoft Corporation)
S1 vjqhtmpp; C:\WINDOWS\system32\drivers\vjqhtmpp.sys [63456 2017-10-26] (Microsoft Corporation)
S1 vsunaiir; C:\WINDOWS\system32\drivers\vsunaiir.sys [72816 2017-10-22] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S1 wfeenyje; C:\WINDOWS\system32\drivers\wfeenyje.sys [72816 2017-10-20] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [31656 2017-05-25] (HP)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [31656 2017-05-25] (HP)
S1 wnenprin; C:\WINDOWS\system32\drivers\wnenprin.sys [72816 2017-10-22] (Microsoft Corporation)
S1 wntcuhyy; C:\WINDOWS\system32\drivers\wntcuhyy.sys [72816 2017-10-20] (Microsoft Corporation)
S1 wqknszcm; C:\WINDOWS\system32\drivers\wqknszcm.sys [63456 2017-10-24] (Microsoft Corporation)
S1 wqpuwlpd; C:\WINDOWS\system32\drivers\wqpuwlpd.sys [63456 2017-10-24] (Microsoft Corporation)
S1 wrmlqose; C:\WINDOWS\system32\drivers\wrmlqose.sys [63456 2017-10-25] (Microsoft Corporation)
S1 xcmxprvy; C:\WINDOWS\system32\drivers\xcmxprvy.sys [72816 2017-10-22] (Microsoft Corporation)
S1 xcodscik; C:\WINDOWS\system32\drivers\xcodscik.sys [72816 2017-10-20] (Microsoft Corporation)
S1 xdhxfjjs; C:\WINDOWS\system32\drivers\xdhxfjjs.sys [63456 2017-10-25] (Microsoft Corporation)
S1 xeqkjmml; C:\WINDOWS\system32\drivers\xeqkjmml.sys [72816 2017-10-21] (Microsoft Corporation)
S1 xjzcyxky; C:\WINDOWS\system32\drivers\xjzcyxky.sys [63456 2017-10-26] (Microsoft Corporation)
S1 xkexlnmv; C:\WINDOWS\system32\drivers\xkexlnmv.sys [72816 2017-10-20] (Microsoft Corporation)
S1 xlopgjej; C:\WINDOWS\system32\drivers\xlopgjej.sys [72816 2017-10-20] (Microsoft Corporation)
S1 xmkjclhc; C:\WINDOWS\system32\drivers\xmkjclhc.sys [63456 2017-10-24] (Microsoft Corporation)
S1 xpugrnpg; C:\WINDOWS\system32\drivers\xpugrnpg.sys [72816 2017-10-20] (Microsoft Corporation)
S1 xtaapkbq; C:\WINDOWS\system32\drivers\xtaapkbq.sys [63456 2017-10-25] (Microsoft Corporation)
S1 xvildnyg; C:\WINDOWS\system32\drivers\xvildnyg.sys [72816 2017-10-20] (Microsoft Corporation)
S1 yeijdcjz; C:\WINDOWS\system32\drivers\yeijdcjz.sys [72816 2017-10-23] (Microsoft Corporation)
S1 yhyblcwc; C:\WINDOWS\system32\drivers\yhyblcwc.sys [72816 2017-10-19] (Microsoft Corporation)
S1 yqvizmwh; C:\WINDOWS\system32\drivers\yqvizmwh.sys [63456 2017-10-25] (Microsoft Corporation)
S1 yrhuxrtv; C:\WINDOWS\system32\drivers\yrhuxrtv.sys [63456 2017-10-26] (Microsoft Corporation)
S1 yrlwpxnf; C:\WINDOWS\system32\drivers\yrlwpxnf.sys [72816 2017-10-20] (Microsoft Corporation)
S1 ytehewex; C:\WINDOWS\system32\drivers\ytehewex.sys [72816 2017-10-17] (Microsoft Corporation)
S1 zchtdaxd; C:\WINDOWS\system32\drivers\zchtdaxd.sys [72816 2017-10-22] (Microsoft Corporation)
S1 zdandlsl; C:\WINDOWS\system32\drivers\zdandlsl.sys [72816 2017-10-18] (Microsoft Corporation)
S1 zfjbgdtx; C:\WINDOWS\system32\drivers\zfjbgdtx.sys [63456 2017-10-24] (Microsoft Corporation)
S1 zkcakxrf; C:\WINDOWS\system32\drivers\zkcakxrf.sys [72816 2017-10-18] (Microsoft Corporation)
S1 zldvonpl; C:\WINDOWS\system32\drivers\zldvonpl.sys [72816 2017-10-17] (Microsoft Corporation)
S1 zmqyprbn; C:\WINDOWS\system32\drivers\zmqyprbn.sys [72816 2017-10-17] (Microsoft Corporation)
S1 zrkbhqey; C:\WINDOWS\system32\drivers\zrkbhqey.sys [72816 2017-10-18] (Microsoft Corporation)
S1 ztrcgtpg; C:\WINDOWS\system32\drivers\ztrcgtpg.sys [72816 2017-10-17] (Microsoft Corporation)
S1 zujaqoit; C:\WINDOWS\system32\drivers\zujaqoit.sys [72816 2017-10-16] (Microsoft Corporation)
S1 zuvyrxrn; C:\WINDOWS\system32\drivers\zuvyrxrn.sys [72816 2017-10-19] (Microsoft Corporation)
S1 zvwoeiuk; C:\WINDOWS\system32\drivers\zvwoeiuk.sys [63456 2017-10-24] (Microsoft Corporation)
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]
S1 dettooab; \??\C:\WINDOWS\system32\drivers\dettooab.sys [X]
R5 drmkpro64;  <==== ATTENTION: Locked Service <==== ATTENTION
S1 sawyczqu; \??\C:\WINDOWS\system32\drivers\sawyczqu.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\WINDOWS\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-24 17:01 - 2018-04-24 17:01 - 000000000 ____D C:\FRST
2018-04-24 16:45 - 2015-10-22 13:43 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2018-04-24 16:45 - 2015-10-22 13:43 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2018-04-24 16:45 - 2015-10-22 13:43 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2018-04-24 16:45 - 2015-10-22 13:43 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2018-04-24 16:45 - 2015-10-22 12:59 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2018-04-24 16:45 - 2015-10-22 12:59 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2018-04-24 16:45 - 2015-10-22 12:59 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2018-04-24 16:45 - 2015-10-22 12:59 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2018-04-24 16:45 - 2014-11-17 16:17 - 000672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2018-04-24 16:45 - 2014-11-14 02:54 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-04-24 16:44 - 2014-11-15 15:05 - 000801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-04-24 16:44 - 2014-11-15 02:29 - 000962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-04-24 16:44 - 2014-11-14 02:57 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-04-24 16:44 - 2014-11-14 01:03 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-04-24 16:44 - 2014-11-07 22:03 - 000733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2018-04-24 16:44 - 2014-11-07 21:58 - 004837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2018-04-24 16:44 - 2014-11-07 21:49 - 001154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2018-04-24 16:44 - 2014-11-04 22:12 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2018-04-24 16:44 - 2014-11-04 22:12 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2018-04-24 16:44 - 2014-11-04 22:06 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2018-04-24 16:44 - 2014-11-04 21:39 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2018-04-24 16:44 - 2014-11-04 21:39 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2018-04-24 16:44 - 2014-11-04 21:33 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2018-04-24 16:44 - 2014-11-04 21:14 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2018-04-24 16:44 - 2014-11-04 15:33 - 000058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2018-04-24 16:44 - 2014-10-20 21:59 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2018-04-24 16:44 - 2014-10-20 21:19 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2018-04-24 16:44 - 2014-10-20 20:50 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2018-04-24 16:44 - 2014-10-20 20:31 - 001574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2018-04-24 16:44 - 2014-10-20 20:31 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2018-04-24 16:44 - 2014-10-20 20:20 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2018-04-24 16:44 - 2014-10-17 00:56 - 000039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2018-04-24 16:36 - 2018-04-24 16:36 - 000181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2018-04-24 16:36 - 2018-04-24 16:36 - 000000000 ____D C:\Tweaking.com_Windows_Repair_Logs
2018-04-22 16:50 - 2018-04-22 16:50 - 000000870 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-04-22 16:50 - 2018-04-22 16:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-04-22 16:50 - 2018-04-22 16:50 - 000000000 ____D C:\Program Files\RogueKiller
2018-04-22 11:40 - 2018-04-22 11:40 - 001129816 _____ (Google Inc.) C:\Users\aaron\Downloads\ChromeSetup.exe
2018-04-21 22:43 - 2018-04-22 21:10 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-04-21 22:42 - 2018-04-22 16:50 - 000000000 ____D C:\ProgramData\RogueKiller
2018-04-21 22:39 - 2018-04-22 11:19 - 000000000 ____D C:\Users\aaron\Desktop\mbar
2018-04-21 22:39 - 2018-04-21 22:39 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-04-10 22:28 - 2018-03-23 09:50 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2018-04-10 22:28 - 2018-03-22 19:00 - 025742336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-04-10 22:28 - 2018-03-22 17:26 - 020287488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-04-10 22:28 - 2018-03-22 17:17 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-04-10 22:28 - 2018-03-22 17:15 - 005780480 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-04-10 22:28 - 2018-03-22 17:06 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-04-10 22:28 - 2018-03-22 16:52 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-04-10 22:28 - 2018-03-22 16:42 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-04-10 22:28 - 2018-03-22 16:37 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-04-10 22:28 - 2018-03-22 16:29 - 015282688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-04-10 22:28 - 2018-03-22 16:29 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-04-10 22:28 - 2018-03-22 16:29 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-04-10 22:28 - 2018-03-22 16:29 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-04-10 22:28 - 2018-03-22 16:27 - 002135552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-04-10 22:28 - 2018-03-22 16:21 - 004496896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-04-10 22:28 - 2018-03-22 16:20 - 013680128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-04-10 22:28 - 2018-03-22 16:20 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-04-10 22:28 - 2018-03-22 16:15 - 003241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-04-10 22:28 - 2018-03-22 16:15 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-04-10 22:28 - 2018-03-22 16:15 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-04-10 22:28 - 2018-03-22 16:14 - 002059776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-04-10 22:28 - 2018-03-22 16:04 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-04-10 22:28 - 2018-03-22 15:55 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-04-10 22:28 - 2018-03-22 15:52 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-04-10 22:28 - 2018-03-10 13:50 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-04-10 22:28 - 2018-03-09 17:20 - 007405392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-04-10 22:28 - 2018-03-09 17:20 - 001737592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-04-10 22:28 - 2018-03-09 17:20 - 001676056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-04-10 22:28 - 2018-03-09 17:20 - 001536112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-04-10 22:28 - 2018-03-09 17:20 - 001500424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-04-10 22:28 - 2018-03-09 17:20 - 001371344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-04-10 22:28 - 2018-03-09 17:20 - 000418640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-04-10 22:28 - 2018-02-16 11:51 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-04-10 22:28 - 2018-02-16 11:28 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-04-10 22:28 - 2018-02-16 11:24 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-04-10 22:28 - 2018-02-16 11:24 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-04-10 22:28 - 2018-02-16 10:37 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-04-10 22:28 - 2018-02-16 10:37 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2018-04-10 22:28 - 2018-02-10 15:08 - 001307328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-04-10 22:28 - 2018-02-10 13:50 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-04-10 22:28 - 2018-02-10 13:40 - 002901504 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-04-10 22:28 - 2018-02-10 13:09 - 003757056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2018-04-10 22:28 - 2018-02-10 13:06 - 002295296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-04-10 22:28 - 2018-02-10 13:03 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-04-10 22:28 - 2018-02-10 12:52 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-04-10 22:28 - 2018-02-10 12:48 - 001436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-04-10 22:28 - 2018-02-10 12:35 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-04-10 22:28 - 2018-02-10 12:33 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-04-10 22:28 - 2018-02-10 03:06 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-04-10 22:28 - 2018-02-10 01:49 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-04-10 22:28 - 2018-02-09 21:25 - 001137872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-04-10 22:28 - 2018-02-09 13:44 - 000276304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-04-10 22:28 - 2018-02-09 13:21 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-04-10 22:28 - 2018-02-08 14:53 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2018-04-10 22:28 - 2018-02-08 13:49 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2018-04-10 22:28 - 2018-02-08 13:40 - 001096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-04-10 22:28 - 2018-02-03 02:04 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-04-10 22:28 - 2018-02-03 02:03 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-04-10 22:28 - 2018-02-01 14:51 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-04-10 22:28 - 2018-01-12 21:18 - 002452824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-04-10 22:28 - 2018-01-11 13:13 - 001695744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-04-10 22:28 - 2018-01-10 10:48 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-04-10 22:28 - 2018-01-02 03:56 - 000567656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-04-10 22:28 - 2018-01-02 03:56 - 000397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-04-10 22:28 - 2018-01-02 02:39 - 022374248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-04-10 22:28 - 2018-01-02 02:03 - 000341384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-04-10 22:28 - 2018-01-02 02:00 - 019790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-04-10 22:28 - 2018-01-02 01:58 - 001502000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-04-10 22:28 - 2018-01-02 01:40 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-04-10 22:28 - 2018-01-02 01:38 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-04-10 22:28 - 2018-01-02 01:37 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-04-10 22:28 - 2018-01-02 01:28 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-04-10 22:28 - 2018-01-02 01:28 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2018-04-10 22:28 - 2018-01-02 01:18 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-04-10 22:28 - 2018-01-02 01:17 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2018-04-10 22:28 - 2018-01-02 01:06 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-04-10 22:28 - 2018-01-02 00:56 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2018-04-10 22:28 - 2018-01-02 00:51 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-04-10 22:28 - 2018-01-02 00:44 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-04-10 22:28 - 2018-01-02 00:34 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-04-10 22:28 - 2018-01-02 00:27 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2018-04-10 22:28 - 2017-12-14 19:26 - 000374096 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-04-10 22:28 - 2017-12-14 17:39 - 000315736 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-04-10 22:28 - 2017-12-14 06:17 - 000044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-04-10 22:28 - 2017-12-10 09:58 - 000035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-04-10 22:28 - 2017-12-10 09:46 - 007079424 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2018-04-10 22:28 - 2017-12-10 09:24 - 005275136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2018-04-10 22:28 - 2017-12-10 09:06 - 007797760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-04-10 22:27 - 2018-03-22 15:53 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-04-10 22:27 - 2018-03-22 15:51 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-04-10 22:27 - 2018-03-09 20:16 - 001549136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-04-10 22:27 - 2018-03-09 20:16 - 000388440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-04-10 22:27 - 2018-03-09 15:59 - 000121168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-04-10 22:27 - 2018-03-09 10:52 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-04-10 22:27 - 2018-03-09 10:52 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-04-10 22:27 - 2018-03-09 10:52 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-04-10 22:27 - 2018-03-09 10:52 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-04-10 22:27 - 2018-03-08 14:15 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2018-04-10 22:27 - 2018-03-08 14:14 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2018-04-10 22:27 - 2018-03-08 10:21 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-04-10 22:27 - 2018-03-07 19:46 - 000202576 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-04-10 22:27 - 2018-03-07 19:42 - 000174928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-04-10 22:27 - 2018-03-07 15:28 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsnmp32.dll
2018-04-10 22:27 - 2018-03-07 14:26 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsnmp32.dll
2018-04-10 22:27 - 2018-03-03 13:44 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-04-10 22:27 - 2018-03-03 13:04 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-04-10 22:27 - 2018-02-16 11:51 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-04-10 22:27 - 2018-02-10 16:24 - 000178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-04-10 22:27 - 2018-02-10 15:29 - 000274272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-04-10 22:27 - 2018-02-10 15:29 - 000124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NV_AGP.SYS
2018-04-10 22:27 - 2018-02-10 15:29 - 000065888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ULIAGPKX.SYS
2018-04-10 22:27 - 2018-02-10 15:29 - 000062304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AGP440.sys
2018-04-10 22:27 - 2018-02-10 15:29 - 000021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2018-04-10 22:27 - 2018-02-10 15:29 - 000017240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
2018-04-10 22:27 - 2018-02-10 15:25 - 000533856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-04-10 22:27 - 2018-02-10 15:06 - 000356184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-04-10 22:27 - 2018-02-10 13:26 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-04-10 22:27 - 2018-02-10 13:20 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-04-10 22:27 - 2018-02-10 13:01 - 000617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-04-10 22:27 - 2018-02-10 12:59 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-04-10 22:27 - 2018-02-10 12:54 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-04-10 22:27 - 2018-02-10 12:46 - 002412544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2018-04-10 22:27 - 2018-02-10 12:44 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-04-10 22:27 - 2018-02-10 12:43 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-04-10 22:27 - 2018-02-10 12:30 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-04-10 22:27 - 2018-02-10 12:29 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-04-10 22:27 - 2018-02-09 21:29 - 000531632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-04-10 22:27 - 2018-02-08 14:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2018-04-10 22:27 - 2018-02-08 14:18 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-04-10 22:27 - 2018-02-08 14:03 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-04-10 22:27 - 2018-02-08 13:42 - 001001984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2018-04-10 22:27 - 2018-02-08 13:42 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2018-04-10 22:27 - 2018-02-08 13:38 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-04-10 22:27 - 2018-02-08 13:37 - 002779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-04-10 22:27 - 2018-02-08 13:27 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2018-04-10 22:27 - 2018-02-08 13:24 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-04-10 22:27 - 2018-02-08 13:03 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2018-04-10 22:27 - 2018-02-08 13:03 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2018-04-10 22:27 - 2018-02-08 12:57 - 002464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2018-04-10 22:27 - 2018-02-02 16:42 - 003320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-04-10 22:27 - 2018-02-02 15:24 - 003610112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-04-10 22:27 - 2018-01-26 15:04 - 001115648 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2018-04-10 22:27 - 2018-01-25 10:19 - 000995272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-04-10 22:27 - 2018-01-25 10:14 - 000922944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-04-10 22:27 - 2018-01-12 17:42 - 000376664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-04-10 22:27 - 2018-01-12 14:31 - 004690944 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-04-10 22:27 - 2018-01-12 14:18 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2018-04-10 22:27 - 2018-01-12 13:35 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-04-10 22:27 - 2018-01-12 13:26 - 000393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2018-04-10 22:27 - 2018-01-11 14:39 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2018-04-10 22:27 - 2018-01-11 14:39 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcshext.dll
2018-04-10 22:27 - 2018-01-11 14:34 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2018-04-10 22:27 - 2018-01-11 14:28 - 001562624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2018-04-10 22:27 - 2018-01-11 14:19 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2018-04-10 22:27 - 2018-01-11 14:19 - 000032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-04-10 22:27 - 2018-01-11 14:10 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2018-04-10 22:27 - 2018-01-11 14:10 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcshext.dll
2018-04-10 22:27 - 2018-01-11 14:04 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2018-04-10 22:27 - 2018-01-11 13:56 - 000504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-04-10 22:27 - 2018-01-11 13:55 - 002003456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2018-04-10 22:27 - 2018-01-11 13:42 - 002923520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2018-04-10 22:27 - 2018-01-11 13:07 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-04-10 22:27 - 2018-01-09 02:06 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2018-04-10 22:27 - 2018-01-09 01:32 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certenc.dll
2018-04-10 22:27 - 2018-01-09 01:19 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-04-10 22:27 - 2018-01-09 00:59 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-04-10 22:27 - 2018-01-02 04:00 - 000590680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-04-10 22:27 - 2018-01-02 04:00 - 000242520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2018-04-10 22:27 - 2018-01-02 04:00 - 000214392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-04-10 22:27 - 2018-01-02 03:56 - 002530400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-04-10 22:27 - 2018-01-02 03:56 - 000136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-04-10 22:27 - 2018-01-02 02:39 - 002013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-04-10 22:27 - 2018-01-02 02:39 - 000354648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-04-10 22:27 - 2018-01-02 02:38 - 002176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-04-10 22:27 - 2018-01-02 02:38 - 001662096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-04-10 22:27 - 2018-01-02 02:38 - 001063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-04-10 22:27 - 2018-01-02 02:37 - 000685440 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-04-10 22:27 - 2018-01-02 02:35 - 000989528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-04-10 22:27 - 2018-01-02 02:05 - 000164296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-04-10 22:27 - 2018-01-02 02:01 - 001902328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-04-10 22:27 - 2018-01-02 01:59 - 001565520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-04-10 22:27 - 2018-01-02 01:59 - 001213784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-04-10 22:27 - 2018-01-02 01:48 - 000507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-04-10 22:27 - 2018-01-02 01:39 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-04-10 22:27 - 2018-01-02 01:39 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-04-10 22:27 - 2018-01-02 01:39 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-04-10 22:27 - 2018-01-02 01:38 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-04-10 22:27 - 2018-01-02 01:38 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2018-04-10 22:27 - 2018-01-02 01:38 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-04-10 22:27 - 2018-01-02 01:37 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-04-10 22:27 - 2018-01-02 01:34 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-04-10 22:27 - 2018-01-02 01:31 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2018-04-10 22:27 - 2018-01-02 01:19 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2018-04-10 22:27 - 2018-01-02 00:57 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2018-04-10 22:27 - 2018-01-02 00:45 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2018-04-10 22:27 - 2018-01-02 00:34 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-04-10 22:27 - 2018-01-02 00:33 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-04-10 22:27 - 2018-01-02 00:33 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-04-10 22:27 - 2018-01-02 00:33 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-04-10 22:27 - 2018-01-02 00:32 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-04-10 22:27 - 2018-01-02 00:29 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-04-10 22:27 - 2018-01-02 00:29 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-04-10 22:27 - 2018-01-02 00:25 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-04-10 22:27 - 2018-01-02 00:23 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-04-10 22:27 - 2018-01-02 00:22 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-04-10 22:27 - 2018-01-02 00:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-04-10 22:27 - 2018-01-02 00:18 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-04-10 22:27 - 2018-01-02 00:17 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-04-10 22:27 - 2018-01-02 00:17 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-04-10 22:27 - 2018-01-02 00:16 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-04-10 22:27 - 2018-01-02 00:13 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-04-10 22:27 - 2018-01-02 00:11 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2018-04-10 22:27 - 2018-01-02 00:11 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-04-10 22:27 - 2018-01-02 00:09 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-04-10 22:27 - 2018-01-02 00:09 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-04-10 22:27 - 2018-01-02 00:09 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-04-10 22:27 - 2018-01-02 00:08 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-04-10 22:27 - 2018-01-02 00:07 - 001265664 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-04-10 22:27 - 2018-01-02 00:07 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-04-10 22:27 - 2018-01-02 00:06 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-04-10 22:27 - 2018-01-02 00:05 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-04-10 22:27 - 2018-01-01 23:59 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-04-10 22:27 - 2018-01-01 23:57 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2018-04-10 22:27 - 2018-01-01 23:56 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-04-10 22:27 - 2018-01-01 23:55 - 003548160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-04-10 22:27 - 2017-12-29 04:21 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2018-04-10 22:27 - 2017-12-10 08:59 - 005270528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-04-10 22:27 - 2017-12-05 12:56 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2018-04-10 22:27 - 2017-12-05 12:52 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-04-10 22:27 - 2017-12-05 12:45 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-04-10 22:27 - 2017-12-05 12:42 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-04-10 22:27 - 2017-12-05 12:32 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-04-10 22:27 - 2017-12-05 12:10 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2018-04-10 22:27 - 2017-12-05 12:02 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet.dll
2018-04-10 22:27 - 2017-12-05 11:58 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptnet.dll
2018-04-10 22:27 - 2017-12-05 11:24 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-04-10 22:27 - 2017-11-24 17:58 - 002608640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2018-04-10 22:27 - 2017-11-24 17:56 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2018-04-10 22:27 - 2017-11-24 17:46 - 002170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2018-04-10 22:27 - 2017-11-24 17:44 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2018-04-10 22:27 - 2014-11-08 00:00 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2018-04-10 22:27 - 2014-11-07 23:56 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2018-04-10 22:27 - 2014-11-07 23:56 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2018-04-10 22:27 - 2014-11-07 23:56 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2018-04-10 22:27 - 2014-11-07 23:24 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2018-04-10 22:27 - 2014-11-07 23:13 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2018-04-10 22:27 - 2014-11-07 23:13 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2018-04-10 22:27 - 2014-11-07 23:13 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2018-04-10 22:27 - 2014-11-07 22:48 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2018-04-10 22:27 - 2014-11-04 02:27 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2018-04-10 22:11 - 2018-03-16 14:51 - 000144000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-04-10 22:11 - 2018-03-14 09:23 - 001993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-04-10 22:11 - 2018-03-14 09:23 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-04-10 22:11 - 2018-03-14 09:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-04-10 22:11 - 2018-03-14 09:23 - 000656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-04-10 22:11 - 2018-03-14 09:23 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-04-10 22:11 - 2018-03-14 09:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2018-04-10 22:11 - 2018-03-14 09:23 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-04-10 22:11 - 2018-03-14 09:23 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-04-10 22:11 - 2018-03-14 09:23 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-25 17:41 - 2018-03-25 17:41 - 000039378 _____ C:\Users\aaron\Downloads\LOS SANTO CASE FILE (1).xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-24 17:01 - 2014-03-18 05:53 - 000766940 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-24 17:01 - 2013-08-22 09:36 - 000000000 ____D C:\WINDOWS\Inf
2018-04-24 17:00 - 2016-12-08 19:49 - 000000000 ____D C:\Users\aaron\Documents\Youcam
2018-04-24 16:59 - 2017-10-17 18:07 - 000000000 ____D C:\Users\aaron\AppData\Roaming\Skype
2018-04-24 16:57 - 2017-10-17 18:04 - 000000000 ___RD C:\Users\aaron\OneDrive
2018-04-24 16:57 - 2017-02-05 10:39 - 000000000 ____D C:\Users\aaron\AppData\Local\Battle.net
2018-04-24 16:57 - 2017-02-05 10:38 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-04-24 16:55 - 2013-08-22 10:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-04-24 16:53 - 2015-06-16 21:40 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-04-24 16:53 - 2013-08-22 09:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-04-24 16:51 - 2013-08-22 11:36 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2018-04-24 16:51 - 2013-08-22 11:36 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2018-04-24 16:46 - 2013-08-22 11:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-24 16:37 - 2017-07-16 22:48 - 000000000 ____D C:\Users\aaron\AppData\Local\ntuserlitelist
2018-04-24 13:00 - 2017-07-23 21:00 - 000000520 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 619ae62e-3020-49b4-8294-925156b20587.job
2018-04-24 02:00 - 2017-07-23 21:00 - 000000520 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task cd79afed-3238-4cbe-9049-541aece6e23f.job
2018-04-22 20:32 - 2016-07-21 12:39 - 000003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2196296041-421747137-628272808-1002
2018-04-22 19:23 - 2017-07-29 17:55 - 000000000 ____D C:\Users\aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plumbytes Anti-Malware
2018-04-22 11:20 - 2016-11-14 14:52 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-04-22 02:20 - 2013-08-22 11:36 - 000000000 ____D C:\WINDOWS\rescache
2018-04-21 21:50 - 2013-08-22 10:44 - 000354160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-04-21 21:45 - 2016-08-09 18:58 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-04-21 21:45 - 2013-08-22 11:36 - 000000000 ___RD C:\WINDOWS\ToastData
2018-04-11 04:08 - 2016-08-09 07:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-04-11 04:02 - 2017-10-11 04:51 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-11 04:02 - 2016-08-09 07:22 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-04-06 03:59 - 2013-08-22 11:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-04-06 03:59 - 2013-08-22 11:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-04-02 21:01 - 2017-06-16 08:40 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-04-02 21:01 - 2017-06-16 08:40 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-11-02 23:27 - 2016-11-02 23:27 - 000000000 _____ () C:\Users\aaron\.mongorc.js
2017-07-04 00:28 - 2017-07-04 00:28 - 000018104 _____ () C:\Users\aaron\AppData\Roaming\Kapobi
2017-04-20 06:48 - 2017-04-20 06:48 - 000450048 _____ () C:\Users\aaron\AppData\Roaming\Kohanec.exe
2017-07-12 00:32 - 2017-07-12 00:32 - 000020180 _____ () C:\Users\aaron\AppData\Roaming\Norolapafi
2016-10-12 00:36 - 2017-07-12 00:27 - 000000451 _____ () C:\Users\aaron\AppData\Roaming\WB.CFG
2017-05-17 11:32 - 2017-05-17 11:32 - 000125952 _____ () C:\Users\aaron\AppData\Local\report
2017-03-28 17:12 - 2017-03-28 17:12 - 000007606 _____ () C:\Users\aaron\AppData\Local\Resmon.ResmonCfg
2016-10-26 22:42 - 2016-10-26 22:44 - 000000173 _____ () C:\Users\aaron\AppData\Local\uts.ini

Some files in TEMP:
====================
2017-10-17 18:17 - 2017-10-17 18:18 - 001118360 _____ (© 2015 Microsoft Corporation) C:\Users\aaron\AppData\Local\Temp\BSvcProcessor.exe
2017-10-17 18:17 - 2017-10-17 18:17 - 000170128 _____ (© 2015 Microsoft Corporation) C:\Users\aaron\AppData\Local\Temp\BSvcUpdater.exe
2018-04-21 22:42 - 2018-03-09 17:20 - 001737592 _____ (Microsoft Corporation) C:\Users\aaron\AppData\Local\Temp\dllnt_dump.dll
2018-04-22 10:01 - 2018-04-22 10:03 - 064108904 _____ (SweetLabs,Inc.) C:\Users\aaron\AppData\Local\Temp\oct1260.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\drivers\ndistpr64.sys -> Access Denied <======= ATTENTION

LastRegBack: 2018-04-23 04:14

==================== End of FRST.txt ============================

Link to post
Share on other sites
RyanT

RyanT

Posted
  • Author
Posted

dditional scan result of Farbar Recovery Scan Tool (x64) Version: 23.04.2018
Ran by aaron (24-04-2018 17:03:49)
Running from F:\
Windows 8.1 (Update) (X64) (2016-07-21 16:32:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

aaron (S-1-5-21-2196296041-421747137-628272808-1002 - Administrator - Enabled) => C:\Users\aaron
Administrator (S-1-5-21-2196296041-421747137-628272808-500 - Administrator - Disabled)
Guest (S-1-5-21-2196296041-421747137-628272808-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . . (HKLM\...\{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{06DA421D-EE23-487D-878F-F0AF97EF69AD}) (Version: 2.6.1.4 - Intel) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
911 - First Responders (HKLM-x32\...\{80AE0E0A-5579-4015-9C1A-35F2F2CE5673}) (Version: 1.03.001 - )
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Amnesia - The Dark Descent  (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)
Apple Application Support (64-bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bing Search Engine (HKLM-x32\...\{803F68FF-D0BF-B97F-613F-C9FFB1BF1A7F}) (Version:  - )
BitTorrent (HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{585A6A74-1DED-8DA0-32F1-F5EFA485DFB1}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{A0649E20-C57C-DCFA-AE1B-1CE1CB9D98A8}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{35F79A5D-00E2-8C19-D929-2E85DEA4252D}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{2CEBB6AA-EC39-DFF2-1F5B-9A98301C4DAB}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{F05F0B6E-9999-55D0-C323-D06DF0E2B59F}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{CBABB5FD-BD69-8969-729A-5659E11D9518}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{98527BF3-A8E0-B8CF-7297-436B714FC576}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{D6CD1B25-53E6-C2F8-FA99-F89138A9C86F}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{487C3865-3005-F04A-FBA4-F4239E02A847}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{D80AD200-548C-B62B-32AE-BF3CD7AA7EA2}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{D21BFF5C-51AA-4C15-1C91-6A1087FDC373}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{04F0FFCB-D9A5-2332-2697-CA47C0424AF2}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{47F2FFDC-3D6A-CED6-0B54-6E7082D5B29B}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5608D1B6-6483-9FA3-7297-C2CFC3FCE747}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{1FCA484A-5A9E-9C91-F050-257D1F311A0C}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{D8FB03AE-A326-0C12-AC47-B898FE73FA94}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F7876D2E-CDCD-CE53-0E88-995B57A94B58}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{3BAB5AC8-EF35-FED0-BCEB-9306D05EDE1C}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{746E086C-023A-A79C-DBE1-062E773FF6C8}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{1C44BB26-1941-DB44-D5E8-C455F89EE6E6}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{BE7F26CB-6E91-7673-7130-80C36FBF13DE}) (Version: 2016.0226.1531.27895 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CEVO CS:GO Client Beta version 2.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 2.0 - )
Construction Simulator 2015 (HKLM-x32\...\Construction Simulator 2015_is1) (Version:  - )
CoreVorbis Audio Decoder (remove only) (HKLM-x32\...\CoreVorbis Audio Decoder) (Version:  - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3906 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Discord (HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\Discord) (Version: 0.0.298 - Discord Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.238 - DivX, LLC)
Driver Booster 4.2 (HKLM-x32\...\Driver Booster_is1) (Version: 4.2.0 - IObit)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.2 (HKLM-x32\...\{412F6426-A3C7-11E3-8A71-00163E98E7D6}) (Version: 5.2.0.2951 - Evernote Corp.)
Farming Simulator 17 (HKLM\...\ZmFybWluZ3NpbXVsYXRvcjE3_is1) (Version: 1 - )
FarmVille 2 (HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\Pokki_34e8f5c0c9e5744bf2cdb514283762dd0524776b) (Version: 1.0.4.55785 - Pokki)
Google Chrome (HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.08 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{E9FA2CA2-B7B2-43E6-8449-A1618B042EAE}) (Version: 1.1.3 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{B7B82520-8ECE-4743-BFD7-93B16C64B277}) (Version: 2.4.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.1.0.001 - HTC Corporation)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.08 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.08 - Softex Inc.) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kane's Wrath 1.2 (HKLM-x32\...\Command & Conquer 3: Kane's Wrath_is1) (Version:  - HWMasters.com)
League of Legends (HKLM-x32\...\{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Linksys Connect (HKLM-x32\...\Linksys Connect) (Version: 1.5.13225.3 - Linksys LLC)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.87 (HKLM\...\Logitech Gaming Software) (Version: 8.87.116 - Logitech Inc.)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Build Tools 2015 (HKLM-x32\...\{d21da0dd-4ba4-4838-ba58-64cf7a77131a}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MongoDB 3.2.10 2008R2Plus SSL (64 bit) (HKLM\...\{E6D95615-0D72-4123-B516-1FEE40C8E07A}) (Version: 3.2.10 - MongoDB)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\OpenIV) (Version: 2.9.907 - .black/OpenIV Team)
Plumbytes Anti-Malware 2017 (HKLM\...\Plumbytes Anti-Malware 2017) (Version:  - Plumbytes Software)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.7 - Power Software Ltd)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.29092 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
RogueKiller version 12.12.13.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.13.0 - Adlice Software)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.5.1 - IObit)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1244 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.11.37 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
The Sims 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.797.20 - Electronic Arts)
Tiberium Wars 1.09 (HKLM-x32\...\Command & Conquer 3: Tiberium Wars_is1) (Version:  - HWMasters.com)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinRAR 5.50 beta 1 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.1 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2196296041-421747137-628272808-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2196296041-421747137-628272808-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2196296041-421747137-628272808-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2196296041-421747137-628272808-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2196296041-421747137-628272808-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2196296041-421747137-628272808-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2196296041-421747137-628272808-1002_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\aaron\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2196296041-421747137-628272808-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\aaron\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-19] (Igor Pavlov)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-02-21] (Cyberlink)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2016-10-01] (Power Software Ltd)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-05-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-05-02] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-02-21] (Cyberlink)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-19] (Igor Pavlov)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2016-10-01] (Power Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-02-26] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2016-10-01] (Power Software Ltd)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-05-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-05-02] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0378FEB7-0155-439E-9AFA-61DCF336D838} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {0C97DDF6-3477-4B94-B9FB-5330E1AAB529} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {0F881E68-0468-42B2-90F9-7DDCF724AB61} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2017-04-05] (DivX, LLC)
Task: {1B16D68D-5C5F-4276-98F0-6809C0688600} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {23627CF3-F07A-455A-9460-27B4C6507C50} - \{0A780C47-7D0A-7A7E-7911-7E0D090B110D} -> No File <==== ATTENTION
Task: {263DF39C-D950-4BFF-9A06-9CBC763C69DF} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\Scheduler.exe [2016-12-14] (IObit)
Task: {26B371E6-FAFA-4032-9E14-066F1B83868A} - System32\Tasks\SUPERAntiSpyware Scheduled Task 619ae62e-3020-49b4-8294-925156b20587 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {3F5519E0-3D67-4CE7-B632-B88923A3F72A} - System32\Tasks\{0D01E1E0-9035-47ED-9C49-5A1FA7C01E97} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\aaron\AppData\Roaming\Nox\bin\Nox_unload.exe
Task: {438080A8-DB5F-4FE9-8A06-446A3FB8FBF3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {450C7AE5-4865-4F42-A90A-E299C5E53777} - \{334D3A95-AECE-D9C7-097A-5FAA1483AA0C} -> No File <==== ATTENTION
Task: {6421074A-C1DA-4FB4-93F0-782D0AAAF311} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2017-03-31] (Advanced Micro Devices, Inc.)
Task: {68A3106E-736B-4314-8946-6D37F7A4384A} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {6CAC7836-E401-46DB-86E8-19576E7DDD94} - System32\Tasks\SUPERAntiSpyware Scheduled Task cd79afed-3238-4cbe-9049-541aece6e23f => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {6D4B9A1D-E287-4588-917F-B71804B8B32C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {7E7258C6-970B-4FD0-B166-146632F229AD} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2017-04-10] (IObit)
Task: {8E78F7E2-28D4-4814-A3C8-18F8B4C96BA4} - System32\Tasks\4819341b733e14ff7e09ff7647017e28 => sc start 4819341b733e14ff7e09ff7647017e28 <==== ATTENTION
Task: {916AE4FA-B551-402F-A2B7-787E4F2D5993} - System32\Tasks\Driver Booster SkipUAC (aaron) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe [2017-01-10] (IObit)
Task: {9A53667B-5112-4566-AF0B-79B828865EB8} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {A6B42CC9-196A-4765-9C3B-EA653154AA77} - \{420D7E41-82DA-1633-DBFA-75B70B6F13F1} -> No File <==== ATTENTION
Task: {B0D66243-02BE-4996-8630-8A0CF15D6803} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2196296041-421747137-628272808-1002Core => C:\Users\aaron\AppData\Local\Google\Update\GoogleUpdate.exe [2017-08-11] (Google Inc.)
Task: {D1C70D18-ECA4-4959-8FC1-62369C7707B2} - \AGProxyCheck -> No File <==== ATTENTION
Task: {D796E66D-D47D-44E1-8F4A-031D52A67A8A} - \{5DD8F788-724E-63DD-E6AA-1B4AD1C6C5B0} -> No File <==== ATTENTION
Task: {E1F8C710-205A-4F57-8EA4-82556A4A2149} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2196296041-421747137-628272808-1002UA => C:\Users\aaron\AppData\Local\Google\Update\GoogleUpdate.exe [2017-08-11] (Google Inc.)
Task: {E4C8D033-DA7E-4F1A-B172-A5E7C31ABE72} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: {F295934F-5BA0-4755-B165-C4871324C96E} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {F356CBE3-A7CF-4FE4-8CCD-A6800B692CAC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {F883EB9F-218A-447C-AAF8-86031607C4EE} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2017-04-19] (IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 619ae62e-3020-49b4-8294-925156b20587.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task cd79afed-3238-4cbe-9049-541aece6e23f.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File)
Shortcut: C:\Users\aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Сhrоmium.lnk -> C:\Users\aaron\AppData\Local\chromium\Application\chrome.bat ()
Shortcut: C:\Users\aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\aaron\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat (No File)
Shortcut: C:\Users\aaron\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (No File)
Shortcut: C:\Users\aaron\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File)
Shortcut: C:\Users\aaron\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Сhrоmium.lnk -> C:\Users\aaron\AppData\Local\chromium\Application\chrome.bat ()
Shortcut: C:\Users\aaron\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (No File)

==================== Loaded Modules (Whitelisted) ==============

2014-03-01 22:38 - 2014-03-01 22:38 - 002110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-01 22:34 - 2014-03-01 22:34 - 000021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-01 22:34 - 2014-03-01 22:34 - 000035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-01 22:34 - 2014-03-01 22:34 - 000055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-01 22:52 - 2014-03-01 22:52 - 000367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-01 22:52 - 2014-03-01 22:52 - 000712592 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-08-04 00:25 - 2015-08-04 00:25 - 000127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-05-10 19:31 - 2012-12-07 17:26 - 000167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2016-06-08 18:04 - 2016-06-08 18:04 - 000117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2017-05-03 17:11 - 2017-05-03 17:11 - 000619008 ____N () C:\windows\system32\tprdpw64.exe
2014-03-01 22:41 - 2014-03-01 22:41 - 000065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2016-09-03 10:12 - 2016-06-08 18:12 - 000416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-09-03 10:12 - 2016-06-08 18:18 - 000709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-09-03 10:12 - 2016-06-08 18:15 - 000130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-09-03 10:12 - 2016-06-08 18:16 - 000025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-09-03 10:12 - 2016-06-08 18:16 - 000059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-09-03 10:12 - 2016-06-08 18:16 - 000194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-09-03 10:12 - 2016-06-08 18:17 - 000159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-09-03 10:12 - 2016-06-08 18:17 - 000158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-09-03 10:12 - 2016-06-08 18:16 - 000050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-09-03 10:12 - 2016-06-08 18:15 - 000032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-09-03 10:12 - 2016-06-08 18:07 - 000458904 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-09-03 10:12 - 2016-06-08 18:17 - 000188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2018-04-22 11:26 - 2018-04-22 11:26 - 067966440 _____ () C:\Program Files (x86)\Battle.net\Battle.net.10016\libcef.dll
2018-04-22 11:26 - 2018-04-22 11:26 - 000540336 _____ () C:\Program Files (x86)\Battle.net\Battle.net.10016\ortp.dll
2017-08-17 16:51 - 2017-08-17 16:51 - 001993184 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2018-04-22 11:26 - 2018-04-22 11:26 - 003384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.10016\libglesv2.dll
2018-04-22 11:26 - 2018-04-22 11:26 - 000133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.10016\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\aacaogqv.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\abscylce.sys:changelist [682]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\afpawqgq.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\afvbatbg.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ahyrhjse.sys:changelist [998]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\aikowttg.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\aiojzryx.sys:changelist [682]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\aofpmkzc.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\arsgadpt.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\arvtoxmv.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\aydodzcl.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\azoghfvu.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bafouovl.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bdqxzrjl.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\belwcwad.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bhfpjado.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bnkuviko.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bnkuxeoz.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\boryfmat.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\boucpbqa.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\buccbnqa.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\buzrvbzg.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bvcudnzc.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bvfqzlph.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bxrpkarv.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\byamcnie.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\cbxwkcbn.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\cixxfqxz.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\cjybvzyp.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\clbetpiq.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\cmwjekry.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\cnzndior.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\covlxdei.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\cuilsurt.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\czdtvepy.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\czesrpke.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dazaafdg.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dbukxzwg.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dbxgthfx.sys:changelist [682]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\djwmrrlr.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dkxrztyt.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dpoirtjg.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\drcdqkce.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dzpfkeeq.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\edupanbo.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\eggytluj.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ehgkxzjw.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ehprnlxg.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ehsdaghf.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ejfxmwlp.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\elgoihfe.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\emgfojev.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\emqovjyj.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\eozqxegp.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ewnykbkt.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\exknclak.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ezsgpkyy.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\fgxkcdcg.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\fhdfnvlz.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\firnqwsp.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\fpeysrjm.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\fqjqcjju.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ftqcmebl.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\fvapquog.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\fysdxqql.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\fyximbku.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gajkmxgk.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbtkoguw.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gdigkstl.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ghlcloof.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gmoblrqa.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gmztjhcz.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\guewdbru.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gycctmes.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gzvmmank.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hfuffoqj.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hggozwqp.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hgzzvxmt.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hhnkftzr.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hicdgsrp.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hlojvzpy.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hluqyyli.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hnvxqhsh.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hofsfyfe.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\htnbpfby.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hucmzyln.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hygartny.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ibzqwvil.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ifbojeys.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ifxqdvgv.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ihugfstn.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ilcecdox.sys:changelist [682]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\inuuhiug.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\inuyfpvr.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\iqotlszw.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\isbxffbr.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ivzwlzrh.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\jaltmubf.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\jbruourh.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\jjpmhvfy.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\jpctgnht.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\jqklfvcz.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\jtfjfifm.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\juxfyuio.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\juyzvojm.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\jvqfslgs.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\jxjrjbwv.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\kgmiunjc.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\kjyisypb.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\knlujibp.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\knpullxn.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\krfirjho.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lagkadih.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lbuzmowu.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lgaubeqa.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lhwuiial.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lpknsxrh.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lvrztkfi.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lxelflka.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mdwvqadm.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mgkuxdna.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mmpoqtmx.sys:changelist [682]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mskwffhf.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mtdmskbf.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nbsjimwq.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndfwnrgs.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ndsbwuwp.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nhrntuzd.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\njmyazux.sys:changelist [682]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\njxoepjp.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nmgqlvda.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nmyebkxf.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\npqwltle.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nqdyhzhj.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nqmyoxum.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nwtcczjc.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nypclxso.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nyqupwsu.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\oajaqgie.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ocyamvmq.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ofwbtdly.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ogmjyfmx.sys:changelist [682]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ogtenken.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\olbjjbkk.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ooxkuwkt.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\orlegxmt.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\otvkuefu.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ougbeadq.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ovmjiziz.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\oymnihet.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\oyrchbzo.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\oztpkaul.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pcvebtlg.sys:changelist [682]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pgfiqchy.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pkaxtryn.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pkwiwjyq.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ponivghb.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ppefdiyd.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pqfibasu.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\prbtdjtu.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pwoqjfxk.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\qawdxcei.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\qdbwkwzb.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\qevqgiww.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\qgdasloj.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\qkaymjns.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\qvogqmhu.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\qvqvnqlr.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rdydvwts.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rejhjfwz.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rfeuvsen.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rfotcdnj.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rhvpzrsl.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rivhgggw.sys:changelist [682]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rkmxukbu.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\royohrkq.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rtrieprz.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rvbwwmnj.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rvfroein.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rxnlycjf.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rxnmilpe.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sfzcfnnh.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sgjfodfw.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sihcfhfm.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sjdgfesp.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\smrgakwt.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sotfrxbg.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sowqvgsz.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sqhxffaf.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sucuswdw.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\svrnpztl.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tbkqzbsl.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tcrbejjj.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tdupgpyk.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tefbmfwd.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tlejmukg.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tokmeabr.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tqbeampx.sys:changelist [682]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tshejhxi.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ttpnrdyy.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\twjabuas.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\txfaibxw.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tydetocp.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tydkblhc.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\typveatx.sys:changelist [682]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tyyqmmbb.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ubuymrku.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\udzniodk.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ugkizrtr.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ugyijzqa.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ujrmemfe.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ukwohdrj.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ulzwxpbd.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\uppefcje.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\upqkiska.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\utzkdgoo.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\uwnhlhij.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\uyznpjew.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vbgxkudg.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vgdlpdzn.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vjqhtmpp.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vsunaiir.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wfeenyje.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wnenprin.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wntcuhyy.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wqknszcm.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wqpuwlpd.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wrmlqose.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xcmxprvy.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xcodscik.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xdhxfjjs.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xeqkjmml.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xjzcyxky.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xkexlnmv.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xlopgjej.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xmkjclhc.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xpugrnpg.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xtaapkbq.sys:changelist [682]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xvildnyg.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\yeijdcjz.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\yhyblcwc.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\yqvizmwh.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\yrhuxrtv.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\yrlwpxnf.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ytehewex.sys:changelist [682]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\zchtdaxd.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\zdandlsl.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\zfjbgdtx.sys:changelist [682]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\zkcakxrf.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\zldvonpl.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\zmqyprbn.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\zrkbhqey.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ztrcgtpg.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\zujaqoit.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\zuvyrxrn.sys:changelist [340]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\zvwoeiuk.sys:changelist [340]
AlternateDataStreams: C:\ProgramData\Temp:10894A2E [154]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2017-07-29 17:53 - 000000666 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2196296041-421747137-628272808-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\aaron\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: KingoSoftService => 2
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "SimplePass"
HKLM\...\StartupApproved\Run: => "OPBHOBroker"
HKLM\...\StartupApproved\Run: => "OPBHOBrokerDesktop"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run: => "MRT"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "AccelerometerSysTrayApplet"
HKLM\...\StartupApproved\Run: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "AccelerometerSysTrayApplet"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "Zygor Guides Client"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "Mipocerori"
HKLM\...\StartupApproved\Run32: => "Kupurahemadi"
HKLM\...\StartupApproved\Run32: => "Kifimecani"
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\StartupApproved\StartupFolder: => "AutoFuriousPk.lnk"
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\StartupApproved\StartupFolder: => "AutoMoparscape.lnk"
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\StartupApproved\Run: => "AppEx Accelerator UI"
HKU\S-1-5-21-2196296041-421747137-628272808-1002\...\StartupApproved\Run: => "TSMApplication"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0CFBB439-FBA5-4A31-A36F-462721F39B81}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{E2C6941C-218A-44D8-A89C-1AB2D66B9C91}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{E8601582-6298-4152-8A76-C60661D2C733}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{B2554296-65DC-4958-8EE7-C362C1C81623}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{14749614-36C1-41BD-96FD-D6822998095E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{E96972FD-BFF3-42D2-A39C-DA98A7DDF2D1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4F0B9C52-1BED-4021-84F8-D6704CA2AD2E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{89357BB3-0D3E-48E4-8089-32C5DAE81FD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{A2D1F867-A10C-4179-AFA7-14504C0EDBC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{1F865BB5-67B5-48F8-A3EA-78AE11783C66}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{832698CB-58DF-4269-B691-25A556D66A97}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{0585AA30-92D5-430C-B5FD-746E750D8A5D}] => (Allow) C:\Users\aaron\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{6D985123-52CB-4416-BA61-AECA45816F8B}] => (Allow) C:\Users\aaron\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B0C96ACD-99A6-448F-B213-9799F59E762D}] => (Allow) C:\Users\aaron\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1E914A1C-15F7-49BA-AD12-68D8AA02FF79}] => (Allow) C:\Users\aaron\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{DB80B558-EAF6-4EBD-83EC-4167F0FF4AC2}] => (Allow) C:\Users\aaron\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{00CB6397-C494-4D27-9DD2-AEB47E36E89F}] => (Allow) C:\Users\aaron\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2049A03F-224F-437B-8CFB-598B2DD57FE6}] => (Allow) C:\Users\aaron\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{F7B9A384-FC52-43D2-A777-1FDD14187B27}C:\mongodb\server\3.2\bin\mongod.exe] => (Allow) C:\mongodb\server\3.2\bin\mongod.exe
FirewallRules: [UDP Query User{F845D8FC-1DC2-46FC-A3AE-108F0E8DF16F}C:\mongodb\server\3.2\bin\mongod.exe] => (Allow) C:\mongodb\server\3.2\bin\mongod.exe
FirewallRules: [{E0852846-1970-4EA4-B166-72EB937FB120}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CCA375D4-FC45-4508-B666-CCC540AD37F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C3D68098-7EFD-480A-B901-F525F49C45F4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2C9A9C3F-33A6-4292-ABD8-A0D34486AC2D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{08A7BFCD-DF71-4000-B1C3-37FC8E823036}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Isle\TheIsle\Binaries\Win64\TheIsle_BE.exe
FirewallRules: [{2C15DB5D-A3FF-4276-B855-33785F6A6A0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Isle\TheIsle\Binaries\Win64\TheIsle_BE.exe
FirewallRules: [{38834403-D5F9-4C10-9AF0-60BBDE3D3648}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Isle\TheIsle\Binaries\Win64\TheIsle.exe
FirewallRules: [{5AB3C4B9-DDD3-49C5-ADB9-A5852154F526}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Isle\TheIsle\Binaries\Win64\TheIsle.exe
FirewallRules: [TCP Query User{667CFC3A-3804-4949-9559-35AB3467F9D3}C:\program files (x86)\wizardworks\911 - first responders\em4.exe] => (Allow) C:\program files (x86)\wizardworks\911 - first responders\em4.exe
FirewallRules: [UDP Query User{023BD423-D2D6-4724-9E60-11D68541CBEC}C:\program files (x86)\wizardworks\911 - first responders\em4.exe] => (Allow) C:\program files (x86)\wizardworks\911 - first responders\em4.exe
FirewallRules: [{26BBFF37-9043-4B7D-8C1E-550AE2229890}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{EF4E5347-7442-4E71-B291-78304491EC75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{60ADC8B9-48AC-4321-93AD-6FC83C654FC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{E04814B9-AC96-41D2-B028-20B26BE91C09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{4D2C85C0-7ABD-43F5-A9CB-DDBF346BE302}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{08AF7EB6-85F3-4BE3-9106-C870B4FFE642}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{72864FA5-D84F-4217-87C5-08427832A221}C:\users\aaron\appdata\local\fivem\fivem.exe] => (Allow) C:\users\aaron\appdata\local\fivem\fivem.exe
FirewallRules: [UDP Query User{83144C54-3F58-43C3-841B-8F269518F871}C:\users\aaron\appdata\local\fivem\fivem.exe] => (Allow) C:\users\aaron\appdata\local\fivem\fivem.exe
FirewallRules: [TCP Query User{6EFE77F2-06CC-4D28-9A6E-769F40CE1D5D}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{9A7455B0-5926-4C7E-A0BC-A099CBD990D6}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Allow) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [{3486FC38-2F39-462E-B19C-51E2046FEBC7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{832B2C6B-D961-4934-91C3-2BFD38589BD2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{ED87EEB6-3BEE-4F44-A952-14081E9686F4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{617C0CBE-DDF6-4374-84E1-2120018D4213}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{CF0FAEC0-EFE8-49BA-8D9B-4EB06D3017DF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{6119D6D5-F3DC-436A-93F7-4BD392F48667}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{C6EEC585-56BE-4F98-9CC2-A4DDE13C17F8}] => (Block) LPort=445
FirewallRules: [{20CCC906-1BAB-46E0-B797-4A523EDFF4B2}] => (Block) LPort=445
FirewallRules: [{47808034-F29A-4AE6-9F44-60D5210E3C3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [{8D1938F7-302F-4AEF-9D6A-131638CC499B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [TCP Query User{58DB9280-0F00-4042-85FC-1FCA84E4E544}C:\program files (x86)\steam\steamapps\common\squad\squad\binaries\win64\squad.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [UDP Query User{A0D28278-F773-4D10-B791-082A01DD2DCE}C:\program files (x86)\steam\steamapps\common\squad\squad\binaries\win64\squad.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [TCP Query User{B945A410-973A-40E4-84BC-F6F83F69E51B}C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe
FirewallRules: [UDP Query User{F4AC5FF4-5DFC-4E37-982C-E6B4CABC0CE9}C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe
FirewallRules: [{3A94450E-81D0-48D9-97A7-AEAC9A5B0D49}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{34E218EE-B6F4-4001-B978-143530A7A761}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶停汥楬敬畈䡮牡停汥楬敬畈䡮牡攮數
FirewallRules: [{F095B0BF-35B9-426C-A04F-6A936140E121}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶停汥楬敬畈䡮牡停汥楬敬畈䡮牡⹟硥e
FirewallRules: [{F8243DF2-4911-448F-B577-417E741230A7}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶停汥楬敬畈䡮牡停汥楬敬畈䡮牡攮數
FirewallRules: [{7F64C119-6204-4DBF-BCC0-76B73BDA8436}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶停汥楬敬畈䡮牡停汥楬敬畈䡮牡⹟硥e
FirewallRules: [{FBA89824-8F68-4C12-ABF0-43FFE7F714F7}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{6C65AFF3-E358-4E79-BCB8-A58EA6F7C353}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{5844E764-7BEE-48E7-B9B8-EDD8B4C7CBA6}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{90F5ADB0-24A5-4FFA-B6E5-7462B2AE1C5D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{25FC4D75-2FDE-4F1E-9FEE-001435C3EDA6}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [UDP Query User{6E391975-34A8-480E-86C2-D13F1F59C9E8}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{97A8DC1A-2815-4086-8650-210BAA7C4BED}C:\users\aaron\desktop\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\aaron\desktop\teamspeak3-server_win64\ts3server.exe
FirewallRules: [UDP Query User{EC4D9CA9-8B8B-4AC9-BA9E-0BB07AA37D82}C:\users\aaron\desktop\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\aaron\desktop\teamspeak3-server_win64\ts3server.exe
FirewallRules: [{16C3D4A2-F7BA-47E8-AF8C-0A0BB207BCF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{B2FF7BB3-4696-4820-8FEE-709F3BF9A1CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{A041BB75-C398-4D21-A5EA-850DA4839890}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleMiner Z\CastleMinerZ.exe
FirewallRules: [{5FF09AEB-C8E7-4CF9-BDAF-C5C8B20FA483}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CastleMiner Z\CastleMinerZ.exe
FirewallRules: [TCP Query User{7A54AC2E-2DAA-4EF8-96F0-795885ACB4E4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{0E9BBF3A-5C2C-45D5-AF8A-421010324715}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{36E8D856-EFA6-494F-98CA-7657801A5375}] => (Allow) C:\Program Files (x86)\CnC3 Kanes Wrath\RetailExe\1.2\cnc3ep1.dat
FirewallRules: [TCP Query User{04FC3166-DDD7-4B4E-99E0-AAB2D4C394B6}C:\users\aaron\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\aaron\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{BFE31EF9-959D-4CD0-BE80-1E4B36B8CB1C}C:\users\aaron\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\aaron\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{08B7B931-6997-46FF-9101-B2ABF37EC69C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{799146CC-1790-4DA6-8058-60F05AD9D8AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{775E17DA-708E-4167-84FF-2DD615CC921E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{A836DEB7-ABA6-432D-AE41-BFE852FE8027}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{44E99BF8-112E-4ADF-AE3E-B0DE81E1822A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{EEC3F6C0-A769-486F-BE4B-9432233D4FD2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

==================== Restore Points =========================

08-04-2018 14:46:14 Scheduled Checkpoint
16-04-2018 02:53:11 Scheduled Checkpoint
23-04-2018 04:23:59 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: HID-compliant touch screen
Description: HID-compliant touch screen
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8168
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2018 04:58:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 6.3.9600.17489 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 790

Start Time: 01d3dc0ed1bc6d8e

Termination Time: 12

Application Path: C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe

Report Id: 2d95df7c-4802-11e8-82d5-b7a7befcdd03

Faulting package full name: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel

Error: (04/24/2018 04:57:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JOEL)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/24/2018 04:57:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: fac

Start Time: 01d3dc0ec3da497e

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\wwahost.exe

Report Id: 0ba67283-4802-11e8-82d5-b7a7befcdd03

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Faulting package-relative application ID: Microsoft.WindowsLive.Mail

Error: (04/24/2018 04:57:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: JOEL)
Description: App microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe+Microsoft.WindowsLive.Mail did not launch within its allotted time.

Error: (04/23/2018 07:41:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "aspnet_state" in DLL "C:\Windows\System32\aspnet_counters.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (04/23/2018 07:41:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ASP.NET_64_2.0.50727" in DLL "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_perf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (04/23/2018 07:41:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ASP.NET_4.0.30319" in DLL "C:\Windows\System32\aspnet_counters.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (04/23/2018 07:41:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ASP.NET" in DLL "C:\Windows\System32\aspnet_counters.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.


System errors:
=============
Error: (04/24/2018 05:01:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dataup Service service failed to start due to the following error: 
The system cannot find the file specified.

Error: (04/24/2018 04:58:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error: 
The requested resource is in use.

Error: (04/24/2018 04:58:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Management Service service failed to start due to the following error: 
The system cannot find the file specified.

Error: (04/24/2018 04:55:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error: 
The requested resource is in use.

Error: (04/24/2018 04:55:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dataup Service service failed to start due to the following error: 
The system cannot find the file specified.

Error: (04/24/2018 04:55:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SAS Core Service service failed to start due to the following error: 
The requested resource is in use.

Error: (04/24/2018 04:55:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppEx Networks Accelerator LWF service failed to start due to the following error: 
The system cannot find the file specified.

Error: (04/24/2018 04:51:23 PM) (Source: DCOM) (EventID: 10010) (User: JOEL)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2017-10-27 08:25:45.471
Description: 
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanProxy:Win32/Wonknod.A&threatid=2147688719&enterprise=0
Name: TrojanProxy:Win32/Wonknod.A
ID: 2147688719
Severity: Severe
Category: Trojan Proxy Server
Path: file:_C:\Users\aaron\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\tprdpw64.exe
Signature Version: AV: 1.255.147.0, AS: 1.255.147.0, NIS: 118.1.0.0
Engine Version: AM: 1.1.14305.0, NIS: 2.1.14202.0

Date: 2017-10-27 07:25:26.083
Description: 
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanProxy:Win32/Wonknod.A&threatid=2147688719&enterprise=0
Name: TrojanProxy:Win32/Wonknod.A
ID: 2147688719
Severity: Severe
Category: Trojan Proxy Server
Path: file:_C:\Users\aaron\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\tprdpw64.exe
Signature Version: AV: 1.255.110.0, AS: 1.255.110.0, NIS: 118.1.0.0
Engine Version: AM: 1.1.14305.0, NIS: 2.1.14202.0

Date: 2017-10-27 06:24:59.826
Description: 
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanProxy:Win32/Wonknod.A&threatid=2147688719&enterprise=0
Name: TrojanProxy:Win32/Wonknod.A
ID: 2147688719
Severity: Severe
Category: Trojan Proxy Server
Path: file:_C:\Users\aaron\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\tprdpw64.exe
Signature Version: AV: 1.255.110.0, AS: 1.255.110.0, NIS: 118.1.0.0
Engine Version: AM: 1.1.14305.0, NIS: 2.1.14202.0

Date: 2017-10-27 05:24:39.096
Description: 
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanProxy:Win32/Wonknod.A&threatid=2147688719&enterprise=0
Name: TrojanProxy:Win32/Wonknod.A
ID: 2147688719
Severity: Severe
Category: Trojan Proxy Server
Path: file:_C:\Users\aaron\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\tprdpw64.exe
Signature Version: AV: 1.255.110.0, AS: 1.255.110.0, NIS: 118.1.0.0
Engine Version: AM: 1.1.14305.0, NIS: 2.1.14202.0

Date: 2017-10-27 04:24:18.247
Description: 
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=TrojanProxy:Win32/Wonknod.A&threatid=2147688719&enterprise=0
Name: TrojanProxy:Win32/Wonknod.A
ID: 2147688719
Severity: Severe
Category: Trojan Proxy Server
Path: file:_C:\Users\aaron\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\tprdpw64.exe
Signature Version: AV: 1.255.110.0, AS: 1.255.110.0, NIS: 118.1.0.0
Engine Version: AM: 1.1.14305.0, NIS: 2.1.14202.0

CodeIntegrity:
===================================

Date: 2017-04-18 10:30:16.746
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-18 10:30:15.937
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-03 13:28:16.016
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-03 13:28:15.703
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-03 13:28:15.000
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-03 13:28:14.688
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-29 23:04:23.261
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-29 23:04:22.823
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

Processor: AMD A8-5545M APU with Radeon(tm) HD Graphics 
Percentage of memory in use: 24%
Total physical RAM: 7364.7 MB
Available physical RAM: 5574.27 MB
Total Virtual: 7876.7 MB
Available Virtual: 6145.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:903.18 GB) (Free:444.34 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:25.75 GB) (Free:2.58 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Removable) (Total:1.88 GB) (Free:1.12 GB) FAT
Drive g: (KanesWrath) (CDROM) (Total:2.67 GB) (Free:0 GB) UDF

\\?\Volume{5dda46b3-533e-4dce-b870-669be5cd62ad}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.34 GB) NTFS
\\?\Volume{4883567e-82f1-4aa9-a3eb-9e154c3a2755}\ () (Fixed) (Total:0.79 GB) (Free:0.34 GB) NTFS
\\?\Volume{c5a91e18-b9d7-42ca-bbcb-d5453adf4ea4}\ () (Fixed) (Total:0.77 GB) (Free:0.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: FF9D514A)

Partition: GPT.

========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.

==================== End of Addition.txt ============================

Link to post
Share on other sites
Aura

Aura

Posted
Posted

Hi RyanT :)

My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broke the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.

  • As you'll notice, the logs we are asking for here are quite lenghty, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens
  • As long as I'm assisting you on Malwarebytes Forums, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off;
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against Malwarebytes Forums's rules
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate you to let me know about it first, and if you need, I can also assist you in the process
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone
    This being said, I have a full time job so sometimes it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread


This being said, it's time to clean-up some malware, so let's get started, shall we? :)

a6csRll.pngMalwarebytes Anti-Rootkit Beta

  • Download Malwarebytes Anti-Rootkit Beta and extract it to your desktop (MBAR will be launched shortly after the extraction)
  • Click on Next, and then on the Update button to let it update its database. Once the database has been successfully updated, click on Next
  • Make sure all the checkboxes are checked, then click on the Scan button, and let it completes its scan (this can take a while)
  • Once the scan is done, make sure that every item is checked, and click on the Cleanup button (a reboot might be required)
  • After that (and the reboot, if one was required), go back in the mbar folder and look for a text file called mbar-log-TODAY'S-DATE.txt
  • Copy/paste the content of that log in your next reply

Link to post
Share on other sites
Aura

Aura

Posted
Posted

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.