Have Goppel... please help!

[darkside00]

I have a case of the goppel. I have included a scan report of my latest Malwarebytes virus scan.  I have tried numerous ways to 

get rid of the virus - to no avail. Please help me...

Use_This_Goppel_Sux.txt

[nasdaq]

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Please post the logs  for my review.

Wait for further instructions.

[darkside00]

Thank you for your time and help. It is greatly appreciated.

Below are the 2 FarBar scan logs

Addition.txt

FRST.txt

[darkside00]

Thank you for your time and help. It is greatly appreciated.

Below are the 2 FarBar scan logs

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.07.2018
Ran by The Darkside (administrator) on DESKTOP-MU05H1A (26-07-2018 18:33:42)
Running from C:\Users\The Darkside\Desktop\FarBar
Loaded Profiles: The Darkside (Available Profiles: The Darkside)
Platform: Windows 10 Home Version 1803 17134.112 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(TOSHIBA CORPORATION) C:\Windows\System32\wdavkzlsvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxEM.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\68.0.3440.11\remoting_host.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHDCPSvc.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Red Software) C:\Program Files\PDFescape Desktop\creator-ws.exe
(EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Paltiosoft Inc.) C:\Program Files (x86)\SoftDenchi\UCManSvc.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHeciSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\68.0.3440.11\remoting_host.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
() C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAppWire.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.766\SSScheduler.exe
(Mega Limited) C:\Users\The Darkside\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.MSPaint_5.1806.20057.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.21.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3925504 2016-08-09] (Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-06-29] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1220416 2018-03-06] (Waves Audio Ltd.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-14] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409424 2018-04-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [708904 2018-05-09] (Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe [1112960 2018-03-14] (McAfee Inc.)
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\Run: [uTorrent] => C:\Users\The Darkside\AppData\Roaming\uTorrent\uTorrent.exe [1984184 2018-06-27] (BitTorrent Inc.)
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3201312 2018-06-08] (Valve Corporation)
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\Run: [Chromium] => c:\users\the darkside\appdata\local\chromium\application\chrome.exe [829440 2017-02-15] (The Chromium Authors)
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\Run: [elicited] => "C:\Program Files (x86)\Nuova\Carbide.exe" edaz
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\MountPoints2: E - "E:\Setup.exe" 
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\MountPoints2: {504a84c2-5b9a-11e8-8e15-5413793fc796} - "E:\Setup.exe" 
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\MountPoints2: {504a852f-5b9a-11e8-8e15-5413793fc796} - "F:\Setup.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-07-18]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.766\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\The Darkside\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-03-10]
ShortcutTarget: MEGAsync.lnk -> C:\Users\The Darkside\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\The Darkside\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\psupsu.lnk [2018-06-14]
ShortcutTarget: psupsu.lnk -> C:\Program Files (x86)\cherubini\Maximises.exe ()
Startup: C:\Users\The Darkside\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-06-17]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{59fae246-32a0-40d2-b024-7fdd8afcbf37}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{798342d2-6f4c-46a5-8c4a-29ab03ddedbe}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{e98513c5-aac3-4ddd-9acf-2fdc6b9da67a}: [DhcpNameServer] 172.3.1.171

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1049983353-2611485309-1903322672-1001 -> DefaultScope {E00761B2-8116-4229-8633-D0D34E40FF0B} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
SearchScopes: HKU\S-1-5-21-1049983353-2611485309-1903322672-1001 -> {1711FC25-F05A-40CE-B859-A0C1CF01FD18} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=86311427&param1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC3etIwhNUeuz%2FHXEnKaUr0E%2FswXUFZcA899S94pQmZckhw0Le8ndx1x6zSaYx%2FJiymNTOrn6sf%2FcyOn7oxQZGDkbturS8NR9rhQSq7ZrCFgw5V6gIBI9cVtfrhR%2F%2Bg68WNPtSeFZfbnn3rHuCx9zVycI8ZLpP%2F%2FuNWeS0Jr8970YuQUEftCBfpfsUWvOQCRkYEFz5OE5iJIv0nfS98StrjxIjre23LEq%2BXLy5TxrejQqg%3D%3D&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1049983353-2611485309-1903322672-1001 -> {E00761B2-8116-4229-8633-D0D34E40FF0B} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-06-14] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-07-19] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-06-14] (AO Kaspersky Lab)
BHO-x32: PDFescape Desktop Helper -> {9AF15867-1D90-423B-9853-E99761714165} -> C:\Program Files (x86)\PDFescape Desktop\creator-ie-helper.dll [2017-07-13] (Red Software)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-06-14] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - PDFescape Desktop Toolbar - {A6D4ADF0-4C82-4712-B9B8-69EE9CF06462} - C:\Program Files (x86)\PDFescape Desktop\creator-ie-plugin.dll [2017-07-13] (Red Software)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-06-14] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-1049983353-2611485309-1903322672-1001 -> Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-06-14] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-04] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: aqgz7e26.default
FF ProfilePath: C:\Users\The Darkside\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\aqgz7e26.default [2018-05-01]
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-06-14]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems)
FF Plugin-x32: PDFescape Desktop -> C:\Program Files (x86)\PDFescape Desktop\np-previewer.dll [2017-07-13] (Red Software)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default ->  Not-active:"chrome-extension://kmmnfehhdmficdolgbdodegombokfjec/1.html"
CHR DefaultSearchURL: Default -> hxxps://s1.construct.net/images/v422/siteicons/favicon.ico
CHR DefaultSearchKeyword: Default -> SearchXYZ
CHR Profile: C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default [2018-07-26]
CHR Extension: (Slides) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-29]
CHR Extension: (YouTube) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-29]
CHR Extension: (Adobe Acrobat) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-14]
CHR Extension: (Sheets) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Chrome Remote Desktop) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-07-21]
CHR Extension: (Google Docs Offline) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-29]
CHR Extension: (Avast Online Security) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-06-16]
CHR Extension: (Get Construct 3 - Construct 3 Manual) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\jflnpeolhgcnanoljonjcigenodjabej [2018-05-03]
CHR Extension: (SearchXYZ) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmmnfehhdmficdolgbdodegombokfjec [2017-12-16]
CHR Extension: (Kaspersky Protection) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-06-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Gmail) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-29]
CHR Extension: (Chrome Media Router) - C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-12]
CHR Profile: C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-04-23]
CHR Profile: C:\Users\The Darkside\AppData\Local\Google\Chrome\User Data\System Profile [2018-07-08]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKLM\SYSTEM\CurrentControlSet\Services\kpslmw <==== ATTENTION (Rootkit!)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1388920 2018-05-09] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated)
R2 AESMService; c:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3723400 2016-04-14] (Intel Corporation)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S4 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\68.0.3440.11\remoting_host.exe [72536 2018-05-31] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8765104 2018-07-13] (Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-05-02] (Dell Inc.)
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [40976 2017-09-18] (Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [124568 2018-04-20] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [9872688 2018-07-04] (EnigmaSoft Limited)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2208888 2016-09-02] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel Corporation)
S4 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\vssbridge64.exe [426416 2018-06-14] (AO Kaspersky Lab)
S3 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 McAfee Vpn Service; C:\Program Files (x86)\McAfee Safe Connect\service\VpnService.exe [314368 2018-03-06] (AnchorFree Inc.) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.766\McCHSvc.exe [405392 2018-07-11] (McAfee, Inc.)
S3 PDFescape Desktop; C:\Program Files\PDFescape Desktop\ws.exe [2343728 2017-07-13] (Red Software)
R2 PDFescape Desktop Creator; C:\Program Files\PDFescape Desktop\creator-ws.exe [757552 2017-07-13] (Red Software)
S2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [46632 2017-04-17] (Dell)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-06-29] (Realtek Semiconductor)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [538416 2018-07-04] (EnigmaSoft Limited)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [45016 2018-07-08] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265784 2017-12-19] (Synaptics Incorporated)
R2 UCManSvc; C:\Program Files (x86)\SoftDenchi\UCManSvc.exe [281232 2016-09-05] (Paltiosoft Inc.) [File not signed]
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [882496 2018-03-06] (Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-05-30] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-05-30] (Microsoft Corporation)
S2 Dell Hardware Support; "C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1175\DSAPI.exe" [X]
S4 windowsmanagementservice; windowsmanagementservice [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4320176 2017-05-02] (Qualcomm Atheros Communications, Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [608656 2016-11-28] (Qualcomm)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2018-02-10] (Dell Inc.)
R3 debutfilter; C:\WINDOWS\system32\DRIVERS\debutfilterx64.sys [34512 2018-04-29] ()
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R2 DpmLiteDrv; c:\Program Files\Dell\QuickSet\DpmLiteDrv64.sys [15080 2014-10-15] (Wistron Corp.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66624 2016-08-12] (Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-05-20] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-10-07] (Disc Soft Ltd)
S3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [61624 2018-07-04] (EnigmaSoft Limited)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-08-12] (Intel Corporation)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [54800 2016-08-16] (Intel Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2018-06-14] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [120008 2018-06-14] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207560 2018-06-14] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1191616 2018-06-14] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP18.0.0\Bases\klids.sys [180984 2018-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1057992 2018-06-14] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-06-14] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-06-22] (AO Kaspersky Lab)
R3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [236488 2018-06-14] (AO Kaspersky Lab)
S3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2018-06-14] (AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [258864 2018-06-14] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [109248 2018-06-14] (AO Kaspersky Lab)
S3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [177848 2018-06-14] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93888 2018-06-14] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [141000 2018-06-14] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2018-06-14] (AO Kaspersky Lab)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [58792 2017-03-05] (Visicom Media Inc.)
R1 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-07-11] (Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-28] (Visicom Media Inc.)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2015-08-21] (Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [946696 2016-09-29] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [436224 2016-12-15] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 stdriver; C:\WINDOWS\system32\DRIVERS\stdriverx64.sys [53440 2018-05-29] ()
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [66104 2017-12-19] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-05-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313384 2018-05-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-05-30] (Microsoft Corporation)
S3 dhknqu; system32\drivers\knquxa.sys [X]
S4 eghmzki; System32\drivers\zaixshro.sys [X]
R3 eilorv; system32\drivers\lorvyb.sys [X]
S3 fimpsv; system32\drivers\lpsvyc.sys [X]
S3 jmptwz; system32\drivers\pswzcg.sys [X]
S3 jnqtxa; system32\drivers\qtwadg.sys [X]
S3 mqtwzd; system32\drivers\twzcgj.sys [X]
S3 svycfi; system32\drivers\ybfilp.sys [X]
S3 uxadhk; system32\drivers\adgknq.sys [X]
S3 wadgkn; system32\drivers\dgjnqt.sys [X]
S3 wzdgjm; system32\drivers\dgjmqt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-26 18:33 - 2018-07-26 18:33 - 000000000 ____D C:\FRST
2018-07-26 18:32 - 2018-07-26 18:33 - 000000000 ____D C:\Users\The Darkside\Desktop\FarBar
2018-07-26 16:51 - 2018-07-26 16:53 - 000000000 ____D C:\Users\The Darkside\Downloads\Rent Control Master Early Test V1.7
2018-07-26 16:19 - 2018-07-26 16:19 - 000000000 ____D C:\Users\The Darkside\Downloads\UnexpectedAdventure-Chapter2-pc
2018-07-26 15:37 - 2018-07-26 15:37 - 1049722895 _____ C:\Users\The Darkside\Downloads\Rent Control Master Early Test V1.7.zip
2018-07-26 15:26 - 2018-07-26 15:26 - 540738975 _____ C:\Users\The Darkside\Downloads\UnexpectedAdventure-Chapter2-pc.zip
2018-07-26 13:54 - 2018-07-26 13:54 - 000000000 ____D C:\Users\The Darkside\Downloads\The_way
2018-07-26 13:51 - 2018-07-26 13:52 - 838000196 _____ C:\Users\The Darkside\Downloads\TheWay-12pc.zip
2018-07-26 10:33 - 2018-07-26 13:32 - 000000000 ____D C:\Users\The Darkside\Downloads\Houseoflove-1.4-pc
2018-07-26 10:28 - 2018-07-26 10:28 - 284934156 _____ C:\Users\The Darkside\Downloads\Houseoflove-1.4-pc.zip
2018-07-26 06:17 - 2017-12-26 08:49 - 000000000 ____D C:\Users\The Darkside\Downloads\An Ode To Pretty Girls
2018-07-26 05:47 - 2018-07-26 05:47 - 069737734 _____ C:\Users\The Darkside\Downloads\An Ode To Pretty Girls.rar
2018-07-25 23:55 - 2018-07-24 20:20 - 000000000 ____D C:\Users\The Darkside\Downloads\Brain Damaged v0.5n fix v1
2018-07-25 23:35 - 2018-07-26 02:47 - 000000000 ____D C:\Users\The Darkside\Downloads\GermanGirl-1.0-pc
2018-07-25 14:56 - 2018-07-25 14:56 - 000143184 ____N C:\WINDOWS\system32\Drivers\wmdvybfi.sys
2018-07-25 13:54 - 2017-10-16 07:36 - 000000000 ____D C:\Users\The Darkside\Downloads\InstantIncest.com
2018-07-25 09:15 - 2018-07-25 09:15 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2018-07-25 09:03 - 2018-07-25 09:03 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\RoyalCandy
2018-07-25 08:04 - 2018-07-25 08:04 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\Kernis_not_existing_company
2018-07-25 08:01 - 2018-07-25 12:32 - 000000000 ____D C:\Users\The Darkside\Downloads\Starship-Inanna-6.0-pc
2018-07-25 08:01 - 2018-07-25 08:02 - 000000000 ____D C:\Users\The Darkside\Downloads\No_More_secrets
2018-07-25 06:42 - 2018-07-25 06:49 - 000000000 ____D C:\Users\The Darkside\Downloads\SummertimeSaga-0.16.0-pc
2018-07-25 00:58 - 2018-07-25 07:51 - 000000000 ____D C:\Users\The Darkside\Downloads\DarkSeedChronicles_1.3.0-PUBLIC-pc
2018-07-24 21:15 - 2018-07-24 21:15 - 000000374 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2018-07-24 21:02 - 2018-07-24 23:18 - 000000000 ____D C:\Users\The Darkside\Downloads\BattleoftheBulges-0.4-pc
2018-07-24 19:20 - 2018-07-24 19:20 - 000000000 ____D C:\Users\The Darkside\Downloads\Nephilium
2018-07-24 02:55 - 2018-07-24 06:01 - 000000000 ____D C:\Users\The Darkside\Downloads\TheIntoxicatingFlavorENG-0.1.7-pc
2018-07-24 02:10 - 2018-07-24 02:10 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\Neo X City
2018-07-24 00:36 - 2018-07-24 01:49 - 000000000 ____D C:\Users\The Darkside\Downloads\LifewithMary-0.25-pc
2018-07-24 00:34 - 2018-07-24 00:34 - 000000000 ____D C:\Users\The Darkside\Downloads\REVOLT_v011_PC
2018-07-23 23:44 - 2018-07-23 23:45 - 361512627 _____ C:\Users\The Darkside\Downloads\REVOLT_v011_PC.zip
2018-07-23 22:09 - 2018-07-23 22:09 - 291702529 _____ C:\Users\The Darkside\Downloads\Quickie.zip
2018-07-23 21:18 - 2018-07-23 21:18 - 000014678 _____ C:\Users\The Darkside\Downloads\69877_AATOFL_alpha__V0.6.torrent
2018-07-22 23:49 - 2018-07-24 06:00 - 000000000 ____D C:\Users\The Darkside\Downloads\WelcomeToTemptation-0.3-pc
2018-07-22 23:48 - 2018-07-22 23:48 - 129238234 _____ C:\Users\The Darkside\Downloads\WelcomeToTemptation-0.3-pc.zip
2018-07-22 23:42 - 2018-07-22 23:42 - 1141704118 _____ C:\Users\The Darkside\Downloads\TheIntoxicatingFlavorENG-0.1.7-pc.zip
2018-07-22 23:18 - 2018-07-25 01:07 - 000000000 ____D C:\Users\The Darkside\Downloads\Second_happiness-1.6-all
2018-07-22 21:45 - 2018-07-23 22:00 - 000000000 ____D C:\Users\The Darkside\Downloads\Cohabitation
2018-07-22 21:44 - 2018-07-22 21:47 - 000000000 ____D C:\Users\The Darkside\Downloads\seeds-of-chaos-0.2.34-pc
2018-07-22 15:15 - 2018-07-21 15:00 - 000000000 ____D C:\Users\The Darkside\Downloads\Living with Mia Act3 v1.2b - INCETON
2018-07-22 15:14 - 2018-07-22 15:14 - 404422257 _____ C:\Users\The Darkside\Downloads\Living with Mia Act3 v1.2b - INCETON.rar
2018-07-22 10:28 - 2018-07-22 10:28 - 228322853 _____ C:\Users\The Darkside\Downloads\seeds-of-chaos-0.2.34-dev-pc.zip
2018-07-22 09:30 - 2018-07-22 09:30 - 142227922 _____ C:\Users\The Darkside\Downloads\Inevitable_Relations_WebP-0.05a-pc.zip
2018-07-22 09:15 - 2018-07-22 09:15 - 206980345 _____ C:\Users\The Darkside\Downloads\Hornstown 1.43.zip
2018-07-22 09:09 - 2018-07-22 09:09 - 036149548 _____ C:\Users\The Darkside\Downloads\HardcorePink-03-06-2017-Patreon-Tier5-Extras.zip
2018-07-22 09:04 - 2018-07-22 09:04 - 129319026 _____ C:\Users\The Darkside\Downloads\The_Lake_House_Part1_MAX_PDF_0_0_1_0.pdf
2018-07-22 08:38 - 2018-07-22 08:38 - 000000000 ____D C:\Users\The Darkside\Downloads\GirlsInTheBigCity-pc
2018-07-22 07:04 - 2018-07-22 08:18 - 000000000 ____D C:\Users\The Darkside\Downloads\DreamsofDesire-TheLostMemories-CH1-ELITE-1.0-pc
2018-07-22 02:15 - 2018-07-22 02:17 - 000000000 ____D C:\Users\The Darkside\Downloads\EyeoftheStorm-Chapters_1_and_2-pc
2018-07-22 01:30 - 2018-07-22 03:47 - 000000000 ____D C:\Users\The Darkside\Downloads\SOS-TheStepmother-Ch.1-1.01-pc
2018-07-21 21:17 - 2018-07-21 21:18 - 000000000 ____D C:\Users\The Darkside\Downloads\The_Pleasuremancer-pc
2018-07-21 15:11 - 2018-07-21 23:44 - 000000000 ____D C:\Users\The Darkside\Downloads\LSD-Update-1.1-win
2018-07-21 14:52 - 2018-07-21 15:25 - 000000000 ____D C:\Users\The Darkside\Downloads\TorridTales-0.2.7-pc
2018-07-21 14:49 - 2018-07-21 14:49 - 000000000 ____D C:\Users\The Darkside\Downloads\Olympus_Comics
2018-07-21 14:40 - 2018-07-21 14:40 - 257770882 _____ C:\Users\The Darkside\Downloads\Olympus_Free-Pack.zip
2018-07-21 13:14 - 2018-07-21 13:14 - 047123899 _____ C:\Users\The Darkside\Downloads\tt_extras.7z
2018-07-21 09:24 - 2018-07-21 09:25 - 759881261 _____ C:\Users\The Darkside\Downloads\TorridTales-0.2.7-pc.zip
2018-07-21 09:19 - 2018-07-21 09:23 - 000000000 ____D C:\Users\The Darkside\Downloads\Man of the House [v0.7.9]
2018-07-21 09:07 - 2018-07-21 09:07 - 000000646 _____ C:\Users\The Darkside\Downloads\tt_i_patch.zip
2018-07-21 08:35 - 2018-07-21 08:46 - 000000000 ____D C:\Users\The Darkside\Downloads\Man of the House [v0.7.9] BUGFixed + IC Patch
2018-07-21 08:34 - 2018-07-21 08:34 - 000006305 _____ C:\Users\The Darkside\Downloads\137988_Man_of_the_House_v0.7.9_BUGFixed__IC_Patch (1).torrent
2018-07-21 08:13 - 2018-07-21 08:13 - 001216702 _____ C:\Users\The Darkside\Downloads\manofthehouse_savegames.zip
2018-07-21 08:08 - 2018-07-21 08:08 - 000243929 _____ C:\Users\The Darkside\Downloads\114490_Man_of_the_house_v0.7.5_extra_Ikarumod_V1.zip
2018-07-21 04:52 - 2018-07-21 04:52 - 000000747 _____ C:\Users\The Darkside\Downloads\137866_mapping_0.7.9.rar
2018-07-21 04:00 - 2018-07-21 04:00 - 000006305 _____ C:\Users\The Darkside\Downloads\137988_Man_of_the_House_v0.7.9_BUGFixed__IC_Patch.torrent
2018-07-21 02:50 - 2018-07-21 03:01 - 000000000 ____D C:\Users\The Darkside\Downloads\HolidayIslands-Episode1-V4-pc
2018-07-21 01:34 - 2018-07-21 01:50 - 000000000 ____D C:\Users\The Darkside\Downloads\GAMBLING_LIFE-v1.0-pc
2018-07-20 15:33 - 2018-07-22 00:29 - 000000000 ____D C:\Users\The Darkside\Downloads\WoL04h
2018-07-20 06:05 - 2018-07-20 06:42 - 000000000 ____D C:\Users\The Darkside\Downloads\OnemorechanceChapterI-0.4-pc
2018-07-20 01:28 - 2018-07-20 01:31 - 000000000 ____D C:\Users\The Darkside\Downloads\Harem_Hotel-v0.2.1-pc
2018-07-20 01:28 - 2018-07-20 01:28 - 1340925847 _____ C:\Users\The Darkside\Downloads\Harem_Hotel-v0.2.1-pc.zip
2018-07-19 22:41 - 2018-07-20 00:18 - 000000000 ____D C:\Users\The Darkside\Downloads\TheTyrant-0.4.2-win
2018-07-19 22:41 - 2018-07-19 22:41 - 2492044004 _____ C:\Users\The Darkside\Downloads\TheTyrant-0.4.2-win.zip
2018-07-19 21:11 - 2018-07-19 21:22 - 000000000 ____D C:\Users\The Darkside\Downloads\TheManifest-v.0141-win
2018-07-19 20:04 - 2018-07-19 20:04 - 469397898 _____ C:\Users\The Darkside\Downloads\TheManifest-v.0141-win.zip
2018-07-19 19:38 - 2018-07-19 19:38 - 000443944 _____ C:\Users\The Darkside\Downloads\1a3acfd2-89b9-479a-81fb-baea689b1b0c.tmp
2018-07-19 19:37 - 2018-07-19 19:39 - 000000000 ____D C:\Users\The Darkside\Downloads\PervertedHotel-1.37-win
2018-07-19 18:26 - 2018-07-19 18:26 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-07-19 18:26 - 2018-07-19 18:26 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-07-19 18:26 - 2018-07-19 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-07-19 08:15 - 2018-07-19 18:49 - 000000000 ____D C:\Users\The Darkside\Downloads\BT_The_Manor_0.061_NoRTP
2018-07-19 08:15 - 2018-07-19 08:15 - 100638373 _____ C:\Users\The Darkside\Downloads\BT_The_Manor_0.061_NoRTP.rar
2018-07-19 00:26 - 2018-07-19 00:55 - 000000000 ____D C:\Users\The Darkside\Downloads\BastardGirls-0.1.1-pc
2018-07-18 21:18 - 2018-07-18 21:19 - 1041325314 _____ C:\Users\The Darkside\Downloads\Fleeting Iris v0.87.7z
2018-07-18 20:16 - 2018-07-18 20:16 - 656644024 _____ C:\Users\The Darkside\Downloads\SL-0.10-Extra Scenes Edition (PC).zip
2018-07-18 20:07 - 2018-07-18 20:07 - 000002011 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2018-07-18 20:07 - 2018-07-18 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2018-07-18 20:06 - 2018-07-22 19:23 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2018-07-18 17:56 - 2018-07-18 18:47 - 000000000 ____D C:\Users\The Darkside\Downloads\Intimate_relations-0.45-pc
2018-07-18 16:32 - 2018-07-18 16:32 - 503436909 _____ C:\Users\The Darkside\Downloads\Intimate_relations-0.45-pc.zip
2018-07-18 15:47 - 2018-07-18 15:50 - 000000000 ____D C:\Users\The Darkside\Downloads\FreeloadingFamily-0.9-pc
2018-07-18 15:47 - 2018-07-18 15:47 - 347333891 _____ C:\Users\The Darkside\Downloads\FreeloadingFamily-0.9-pc - Gallery Fully Unlocked.zip
2018-07-16 22:45 - 2018-07-16 22:45 - 000002390 _____ C:\Users\The Darkside\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-16 15:28 - 2018-07-16 15:28 - 000000000 ____D C:\Users\The Darkside\Downloads\Private Community Win 0.0.65
2018-07-15 21:15 - 2018-07-24 21:43 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\uTorrent
2018-07-15 21:09 - 2018-07-15 21:13 - 1415345561 _____ C:\Users\The Darkside\Downloads\Timestamps 0.4.2 (1).zip
2018-07-15 21:09 - 2018-07-15 21:11 - 000000000 ____D C:\Users\The Darkside\Downloads\TS_4.2
2018-07-15 20:48 - 2018-07-15 21:09 - 1415345561 _____ C:\Users\The Darkside\Downloads\Timestamps 0.4.2.zip
2018-07-14 23:48 - 2018-07-14 23:48 - 333225333 _____ C:\Users\The Darkside\Downloads\Sylvia_MB_201806-win.zip
2018-07-14 23:15 - 2018-07-14 23:15 - 013124876 _____ C:\Users\The Darkside\Downloads\InheritanceA17CHEAT.zip
2018-07-14 04:13 - 2018-07-14 04:15 - 000000000 ____D C:\Users\The Darkside\Downloads\LewdIsland-day5-pc
2018-07-14 04:13 - 2018-07-14 04:13 - 362385323 _____ C:\Users\The Darkside\Downloads\LewdIsland-day5-pc.zip
2018-07-14 04:08 - 2018-07-14 04:42 - 000000000 ____D C:\Users\The Darkside\Downloads\HighRiseClimb-0.305-pc
2018-07-14 03:26 - 2018-07-14 03:27 - 1729815078 _____ C:\Users\The Darkside\Downloads\HighRiseClimb-0.305-pc.zip
2018-07-13 23:56 - 2018-07-14 01:22 - 000000000 ____D C:\Users\The Darkside\Downloads\DP-0.4-pc
2018-07-13 22:58 - 2018-07-13 22:58 - 270262213 _____ C:\Users\The Darkside\Downloads\Star_Channel_34-pc-c1d3e2ddF5xz4.zip
2018-07-13 22:00 - 2018-07-13 22:03 - 000000000 ____D C:\Users\The Darkside\Downloads\SanguineRose-2.2.0-pc
2018-07-13 22:00 - 2018-07-13 22:00 - 522508059 _____ C:\Users\The Darkside\Downloads\SanguineRose-2.2.0-pc.zip
2018-07-13 18:17 - 2018-07-13 18:19 - 000000000 ____D C:\Users\The Darkside\Downloads\MythicManor-0.5.0-pc
2018-07-13 14:26 - 2018-07-13 14:35 - 000000000 ____D C:\Users\The Darkside\Downloads\LancasterBoardingHouse-1.4-pc
2018-07-12 22:35 - 2018-07-12 22:35 - 2898414117 _____ C:\Users\The Darkside\Downloads\Mercenary-Episode2-V1-Win-En.rar
2018-07-12 21:25 - 2018-07-12 21:25 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\VincenzoM
2018-07-12 21:17 - 2018-07-12 21:17 - 242626036 _____ C:\Users\The Darkside\Downloads\Puzzled Life 3.5 IC.rar
2018-07-12 20:45 - 2018-07-12 20:47 - 000000000 ____D C:\Users\The Darkside\Downloads\HighSchoolCrushSimulator-0.3-pc
2018-07-12 20:45 - 2018-07-12 20:45 - 000001329 _____ C:\Users\The Darkside\Downloads\HSCS - Cheats.zip
2018-07-12 14:37 - 2018-07-07 16:46 - 000000000 ____D C:\Users\The Darkside\Downloads\Chloe18V031Patrons
2018-07-11 17:50 - 2018-07-11 17:50 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\Viktor Black
2018-07-11 17:39 - 2018-07-11 17:39 - 000002237 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2018-07-11 16:56 - 2018-07-11 17:18 - 000000000 ____D C:\Users\The Darkside\Downloads\StrangeNights_0.02a-v0.02a-pc
2018-07-11 15:33 - 2018-07-11 15:33 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-07-11 15:24 - 2018-07-11 16:31 - 000000000 ____D C:\Users\The Darkside\Downloads\IndecentDesires-Chapter3-pc
2018-07-11 13:25 - 2018-07-11 13:50 - 000000000 ____D C:\Users\The Darkside\Downloads\WhereTheHeartIs-0.07a-pc
2018-07-11 00:26 - 2018-07-11 00:28 - 000000000 ____D C:\Users\The Darkside\Downloads\TheWay-pc
2018-07-10 23:44 - 2018-07-10 23:44 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\SFMFuntime
2018-07-10 21:40 - 2018-07-11 01:17 - 000001178 _____ C:\Users\The Darkside\Desktop\DAZ Studio 4.10 (64-bit).lnk
2018-07-10 19:35 - 2018-07-10 19:35 - 000008864 _____ C:\Users\The Darkside\Downloads\121815_Universal_Cheat_Mod_V9.rar
2018-07-10 18:54 - 2018-07-10 20:04 - 000000000 ____D C:\Users\The Darkside\Downloads\SuperPowered_v0.26.03-win
2018-07-10 18:13 - 2018-07-10 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADRIFT
2018-07-10 18:13 - 2018-07-10 18:13 - 000000000 ____D C:\Program Files (x86)\ADRIFT
2018-07-10 18:08 - 2018-07-10 18:08 - 000000000 ____D C:\Users\The Darkside\AppData\Local\Downloaded Installations
2018-07-10 18:07 - 2018-07-10 18:07 - 000000000 ____D C:\Users\The Darkside\Downloads\Adrift
2018-07-10 14:40 - 2018-07-10 14:47 - 000000000 ____D C:\Users\The Darkside\Downloads\MLS_0.3.5_win
2018-07-10 14:25 - 2018-07-10 14:25 - 431072520 _____ C:\Users\The Darkside\Downloads\MLS_0.3.5_win+w.rar
2018-07-10 02:15 - 2018-07-10 13:32 - 000000000 ____D C:\Users\The Darkside\Downloads\SWINGERFAMILY-0.05a-market
2018-07-10 01:40 - 2018-07-10 01:40 - 000003144 _____ C:\WINDOWS\System32\Tasks\SmartByte Telemetry
2018-07-10 01:39 - 2018-07-10 01:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rivet Networks
2018-07-10 01:38 - 2018-07-10 01:40 - 000000000 ____D C:\ProgramData\RivetNetworks
2018-07-10 01:38 - 2018-07-10 01:38 - 000000000 ____D C:\Program Files\Rivet Networks
2018-07-09 23:12 - 2018-07-18 23:15 - 000000000 ____D C:\Users\The Darkside\AppData\Local\User Data
2018-07-09 23:12 - 2018-07-09 23:12 - 000000000 ____D C:\Users\The Darkside\AppData\Local\nwjs
2018-07-09 21:15 - 2018-07-05 13:43 - 003253345 _____ C:\Users\The Darkside\Downloads\Willy D savegames 022.exe
2018-07-09 21:15 - 2018-07-04 10:12 - 000093259 _____ C:\Users\The Darkside\Downloads\Adventures of willy D Walktrough 022.txt
2018-07-09 21:02 - 2018-07-09 21:12 - 000000000 ____D C:\Users\The Darkside\AppData\Local\Adventures of Willy D 022
2018-07-09 15:23 - 2018-07-09 20:30 - 000000000 ____D C:\Users\The Darkside\Downloads\HaremCollector_v0352
2018-07-09 11:41 - 2018-07-09 11:41 - 515521498 _____ C:\Users\The Darkside\Downloads\HaremCollector_v0352.exe
2018-07-09 07:38 - 2018-07-09 07:38 - 000000000 ____D C:\Users\The Darkside\.designer
2018-07-09 05:46 - 2018-07-09 05:46 - 000000000 ____D C:\Users\The Darkside\Downloads\Blorb
2018-07-09 05:12 - 2018-07-09 05:14 - 000000000 ____D C:\Users\The Darkside\Downloads\ParadiseFallsEpisode2-1.0-pc
2018-07-09 02:54 - 2018-07-09 02:57 - 000000000 ____D C:\Users\The Darkside\Downloads\SCP_1.0.6
2018-07-09 02:16 - 2018-07-09 02:16 - 000000000 ____D C:\Users\The Darkside\Downloads\SCP Gmod Backup Copy
2018-07-09 00:34 - 2018-07-09 00:34 - 254602737 _____ C:\Users\The Darkside\Downloads\TheBarWetDreams-v10ENG-win.zip
2018-07-08 22:20 - 2018-07-08 22:22 - 1663613436 _____ C:\Users\The Darkside\Downloads\WaifuAcademy-0.4.1b-pc.zip
2018-07-08 12:45 - 2018-07-09 15:26 - 000000000 ____D C:\Users\The Darkside\Downloads\Romancingthekingdom-.60-win
2018-07-08 12:45 - 2018-07-08 12:45 - 1250681002 _____ C:\Users\The Darkside\Downloads\Romancingthekingdom-.60-win.zip
2018-07-08 04:57 - 2018-07-08 05:07 - 000000000 ____D C:\Users\The Darkside\Downloads\Hp10
2018-07-08 04:52 - 2018-07-08 04:53 - 1225520858 _____ C:\Users\The Darkside\Downloads\HouseParty0102x64135.zip
2018-07-07 23:06 - 2018-07-09 20:51 - 000000000 ____D C:\Users\The Darkside\Downloads\Willy D version 022
2018-07-07 23:04 - 2018-07-04 10:13 - 000018531 _____ C:\Users\The Darkside\Downloads\Willy D version 022.torrent
2018-07-06 22:33 - 2018-07-07 16:33 - 000000000 ____D C:\Users\The Darkside\Downloads\Melody-0.03b-pc
2018-07-06 22:23 - 2018-07-06 22:23 - 916866532 _____ C:\Users\The Darkside\Downloads\Melody-003b-pcExtrasIncluded.zip
2018-07-06 18:05 - 2018-07-06 18:05 - 055851007 _____ C:\Users\The Darkside\Downloads\Online Girl 1.0a16.zip
2018-07-06 13:36 - 2018-07-06 20:24 - 000000000 ____D C:\Users\The Darkside\Downloads\seeds-of-chaos-0.2.33-pc
2018-07-05 23:17 - 2018-07-07 23:12 - 000000000 ____D C:\Users\The Darkside\Downloads\Harem_Hotel-v0.2-pc
2018-07-05 18:08 - 2018-07-05 18:39 - 000000000 ____D C:\Users\The Darkside\Downloads\NLWMD-0.1.0b-pc
2018-07-05 11:54 - 2018-07-05 11:54 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FaceGen Modeller 3.1.lnk
2018-07-05 11:54 - 2018-07-05 11:54 - 000000000 ____D C:\Program Files (x86)FACEGEN
2018-07-05 11:43 - 2006-06-24 23:18 - 000000000 ____D C:\Users\The Darkside\Desktop\FaceGen v3.1.2
2018-07-05 11:30 - 2018-07-05 11:30 - 000000000 ____D C:\Users\The Darkside\Desktop\ICLONE
2018-07-05 07:39 - 2018-07-05 07:39 - 152829721 _____ C:\Users\The Darkside\Downloads\Daughter For Dessert Ch.10.zip
2018-07-05 07:25 - 2018-07-05 07:25 - 065831619 _____ C:\Users\The Darkside\Downloads\NLWMD-010b-pc.7z
2018-07-05 02:39 - 2018-07-05 02:39 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\GreonoGames
2018-07-05 00:40 - 2016-05-23 00:57 - 000000000 ____D C:\Users\The Darkside\Downloads\VIRTUAL LUST
2018-07-05 00:02 - 2018-07-05 00:02 - 198541817 _____ C:\Users\The Darkside\Downloads\VIRTUAL LUST.rar
2018-07-04 23:55 - 2017-03-27 01:16 - 082999340 _____ C:\Users\The Darkside\Downloads\ATTV3.zip
2018-07-04 22:26 - 2018-07-04 22:26 - 323078218 _____ C:\Users\The Darkside\Downloads\Occultus-0.44-pc.zip
2018-07-04 18:29 - 2018-07-04 18:29 - 000000564 _____ C:\native log.txt
2018-07-04 15:40 - 2018-07-04 18:29 - 000000016 _____ C:\spyhunter.fix
2018-07-04 15:37 - 2018-07-04 15:37 - 000000000 ___HD C:\ygeQZbyhCpyJt4aa
2018-07-04 06:43 - 2018-07-04 06:43 - 000061624 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
2018-07-04 06:43 - 2018-07-04 06:43 - 000001057 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2018-07-04 06:43 - 2018-07-04 06:43 - 000000000 ____D C:\sh5ldr
2018-07-04 06:43 - 2018-07-04 06:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2018-07-04 06:43 - 2018-07-04 06:43 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2018-07-04 06:42 - 2018-07-04 06:42 - 000000000 ____D C:\Program Files\EnigmaSoft
2018-07-04 06:41 - 2018-07-04 06:41 - 005930728 _____ (EnigmaSoft Limited) C:\Users\The Darkside\Desktop\SpyHunter-Installer (1).exe
2018-07-04 06:39 - 2018-07-04 06:40 - 002487488 _____ (Kaspersky Lab) C:\Users\The Darkside\Desktop\startup.exe
2018-07-04 04:47 - 2018-07-24 23:40 - 000000000 ____D C:\Users\The Darkside\Desktop\goppelReports
2018-07-04 04:38 - 2018-07-04 06:56 - 000000814 _____ C:\Users\The Darkside\Desktop\Install Kaspersky Total Security version 18.0.0.405.lnk
2018-07-04 04:38 - 2018-07-04 06:43 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-07-04 03:33 - 2018-07-04 04:00 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-07-04 03:22 - 2018-07-04 05:11 - 000000000 ____D C:\WINDOWS\pss
2018-07-04 02:21 - 2018-07-04 05:32 - 000007605 _____ C:\Users\The Darkside\AppData\Local\resmon.resmoncfg
2018-07-04 01:54 - 2018-07-04 01:54 - 005930728 _____ (EnigmaSoft Limited) C:\Users\The Darkside\Desktop\SpyHunter-Installer.exe
2018-07-04 01:20 - 2018-07-04 01:20 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\The Darkside\Desktop\rkill64-12203.exe
2018-07-04 01:18 - 2018-07-04 01:18 - 007387624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\The Darkside\Desktop\avg_antivirus_free_setup.exe
2018-07-04 01:07 - 2018-07-04 01:07 - 000000000 ____D C:\Users\The Darkside\Downloads\Lily of the Valley v0.9
2018-07-03 11:17 - 2018-07-04 00:37 - 000000001 _____ C:\3pvnidjfhioq822
2018-07-03 04:44 - 2018-07-03 04:57 - 1758437744 _____ C:\Users\The Darkside\Downloads\LCK_CRAIGOS.7z
2018-07-02 06:07 - 2018-07-05 23:41 - 000000000 ____D C:\Users\The Darkside\Downloads\2sides
2018-07-02 06:07 - 2018-07-02 06:07 - 516359137 _____ C:\Users\The Darkside\Downloads\Two Sides - v0.08 - WIN 86x.7z
2018-07-01 15:18 - 2018-07-04 04:11 - 000000000 ____D C:\Users\The Darkside\Downloads\SisterSisterSisterChapter12SE-1.0-pc
2018-07-01 14:39 - 2018-07-03 05:11 - 000000000 ____D C:\Users\The Darkside\Downloads\Babysitter-0.1.3.-win
2018-07-01 14:37 - 2018-07-01 15:17 - 3889395339 _____ C:\Users\The Darkside\Downloads\SisterSisterSisterChapter12SE-1.0-pc.zip
2018-07-01 14:32 - 2018-07-01 14:32 - 010933264 _____ C:\Users\The Darkside\Desktop\bitdefender_windows_ac232bbe-ad4d-4ab6-8f3d-828e0c52ef17.exe
2018-07-01 14:25 - 2018-07-01 14:26 - 010933264 _____ C:\Users\The Darkside\Desktop\bitdefender_windows_dba47e0e-dc99-4bfc-ba40-c2d0fe7cb9c4.exe
2018-07-01 14:15 - 2018-07-01 14:15 - 565014108 _____ C:\Users\The Darkside\Downloads\Babysitter-013-win.zip
2018-06-28 12:53 - 2018-06-28 13:03 - 000000000 ____D C:\Users\The Darkside\Downloads\FallenDoll(Beta1.23)
2018-06-28 04:46 - 2018-06-28 04:46 - 000000000 ____D C:\Users\The Darkside\AppData\Local\FaceGen
2018-06-28 04:46 - 2018-06-28 04:46 - 000000000 ____D C:\ProgramData\FaceGen
2018-06-28 03:35 - 2018-07-09 12:20 - 000000000 ____D C:\Users\The Darkside\Desktop\FG_New
2018-06-28 03:19 - 2018-06-28 03:19 - 000001197 _____ C:\Users\The Darkside\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FaceGen Artist Pro.lnk
2018-06-28 03:19 - 2018-06-28 03:19 - 000001077 _____ C:\Users\The Darkside\Desktop\FaceGen Artist Pro.lnk
2018-06-28 03:18 - 2018-06-28 03:18 - 000000000 ____D C:\Program Files\FaceGen
2018-06-28 02:54 - 2018-06-28 02:54 - 000001915 _____ C:\Users\The Darkside\Downloads\Tangle_Up_V7_Walkthrough.rar
2018-06-27 07:06 - 2018-07-05 19:26 - 000000000 ____D C:\Users\The Darkside\AppData\Roaming\TechDemo
2018-06-27 07:05 - 2018-07-05 19:28 - 000000000 ____D C:\Users\The Darkside\AppData\Roaming\GameDemo
2018-06-27 06:15 - 2018-06-27 06:15 - 100920260 _____ C:\Users\The Darkside\Downloads\R&M_v1_2_6_(x86).zip
2018-06-27 05:03 - 2018-06-27 05:03 - 102973527 _____ C:\Users\The Darkside\Downloads\R&M_v1_2_6_(x64).zip
2018-06-27 00:27 - 2018-06-27 00:27 - 138661892 _____ C:\Users\The Darkside\Downloads\v4.5.7z
2018-06-27 00:21 - 2018-06-27 01:48 - 000000000 ____D C:\Users\The Darkside\Downloads\ANewHome-0.65-pc
2018-06-27 00:21 - 2018-06-27 00:21 - 480799463 _____ C:\Users\The Darkside\Downloads\ANewHome-0.65-pc.zip
2018-06-26 12:39 - 2018-06-27 07:09 - 000000000 ____D C:\Users\The Darkside\Downloads\ActingLessons-0.3.0-pc

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-26 18:34 - 2018-06-14 19:55 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-07-26 18:26 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-26 16:49 - 2018-05-18 10:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-26 15:23 - 2018-05-18 11:22 - 000004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{497F5280-68C0-4D6A-8A18-B21C983A393F}
2018-07-26 13:32 - 2017-10-07 06:45 - 000000000 ____D C:\Users\The Darkside\AppData\Roaming\RenPy
2018-07-26 12:42 - 2018-04-11 18:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-26 12:42 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-25 19:38 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-07-25 19:17 - 2018-06-14 16:37 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-07-25 18:24 - 2018-05-09 05:42 - 000000000 ____D C:\Program Files (x86)\Steam
2018-07-25 17:43 - 2018-05-18 11:22 - 000004238 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-07-25 15:03 - 2017-09-29 15:48 - 000000000 __SHD C:\Users\The Darkside\IntelGraphicsProfiles
2018-07-25 14:58 - 2018-05-18 11:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-25 14:57 - 2018-06-14 14:55 - 002890240 _____ (TOSHIBA CORPORATION) C:\WINDOWS\system32\wdavkzlsvc.exe
2018-07-25 14:56 - 2018-04-11 16:04 - 024903680 _____ C:\WINDOWS\system32\config\HARDWARE
2018-07-25 14:56 - 2018-04-11 16:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-07-25 14:23 - 2017-10-07 02:14 - 000000000 ____D C:\Users\The Darkside\AppData\Roaming\uTorrent
2018-07-25 09:15 - 2018-06-16 19:55 - 000003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1529196833
2018-07-25 09:15 - 2018-06-16 19:53 - 000000000 ____D C:\Program Files\Opera
2018-07-24 21:17 - 2018-05-18 11:08 - 000840376 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-24 21:17 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF
2018-07-24 19:22 - 2018-01-29 18:02 - 000000000 ____D C:\Users\The Darkside\AppData\Local\UnrealEngine
2018-07-23 23:19 - 2018-01-11 15:44 - 000000000 ____D C:\Users\The Darkside\Downloads\Quickie
2018-07-23 20:59 - 2018-04-11 03:42 - 000000000 ____D C:\Users\The Darkside\.gimp-2.8
2018-07-23 18:01 - 2018-05-18 10:51 - 000000000 ____D C:\Users\The Darkside
2018-07-22 09:25 - 2018-02-11 22:29 - 000000000 ____D C:\Users\The Darkside\Downloads\Daugh For Dess
2018-07-22 07:18 - 2017-11-18 13:33 - 000000000 ____D C:\Users\The Darkside\AppData\Local\tyranoscript
2018-07-22 04:35 - 2018-05-29 10:56 - 000000000 ____D C:\Users\The Darkside\Downloads\LongLiveThePrincess-0.9.0-pc
2018-07-21 13:10 - 2017-10-30 07:12 - 000000000 ____D C:\Users\The Darkside\AppData\Local\ElevatedDiagnostics
2018-07-19 18:26 - 2017-06-23 14:47 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-07-19 18:26 - 2017-06-23 14:47 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-07-19 18:26 - 2017-06-23 14:47 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-07-19 18:26 - 2017-06-23 14:47 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-07-19 18:26 - 2017-06-23 14:47 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-07-19 18:24 - 2017-06-23 14:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-07-18 23:39 - 2018-06-14 15:31 - 000000000 ____D C:\ProgramData\Packages
2018-07-18 20:20 - 2018-06-23 00:00 - 000000000 ____D C:\Users\The Darkside\Downloads\SL-0.10-Extra Scenes Edition (PC)
2018-07-18 20:06 - 2017-10-14 18:20 - 000000000 ____D C:\Program Files\McAfee Security Scan
2018-07-18 09:19 - 2018-06-21 06:38 - 000000000 ____D C:\Users\The Darkside\Downloads\Hornstown 1.43
2018-07-16 22:46 - 2018-05-18 11:22 - 000003392 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1049983353-2611485309-1903322672-1001
2018-07-16 22:45 - 2017-09-29 15:55 - 000000000 ___RD C:\Users\The Darkside\OneDrive
2018-07-14 00:19 - 2017-10-30 09:39 - 000000000 ____D C:\Users\The Darkside\Downloads\Star_Channel_34-pc
2018-07-13 21:40 - 2018-06-15 22:58 - 000000000 ____D C:\Users\The Darkside\Downloads\Inheritance A17 CHEAT
2018-07-13 14:13 - 2017-09-29 15:48 - 000000000 ____D C:\Users\The Darkside\AppData\Roaming\Adobe
2018-07-13 14:05 - 2018-05-18 11:36 - 000000000 ____D C:\Users\The Darkside\AppData\Local\D3DSCache
2018-07-13 01:04 - 2018-05-18 10:43 - 000431304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-07-11 17:41 - 2017-11-30 20:59 - 000000000 ____D C:\Users\The Darkside\AppData\Local\Packages
2018-07-11 17:40 - 2017-06-23 14:06 - 000000000 ____D C:\ProgramData\PCDr
2018-07-11 17:39 - 2017-06-23 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2018-07-11 17:32 - 2017-10-16 23:17 - 000000000 ____D C:\ProgramData\SupportAssist
2018-07-11 15:33 - 2018-06-07 14:22 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-07-11 01:17 - 2018-05-06 06:52 - 000000000 ____D C:\Users\Public\Documents\My DAZ 3D Library
2018-07-11 00:21 - 2017-11-18 12:23 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\Unity
2018-07-10 21:40 - 2018-05-06 02:33 - 000000000 ____D C:\Users\The Darkside\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D
2018-07-10 20:47 - 2018-05-18 11:22 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-07-10 20:46 - 2017-10-14 17:49 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-07-10 18:20 - 2017-12-26 17:32 - 000000000 ____D C:\Users\The Darkside\AppData\Local\Campbell Wild
2018-07-10 13:26 - 2018-04-14 21:35 - 000000000 ____D C:\Users\The Darkside\Downloads\School Dreams Saga (TADS)
2018-07-10 01:34 - 2017-06-23 14:15 - 000000000 ____D C:\ProgramData\Dell
2018-07-09 20:46 - 2018-05-06 02:33 - 000002178 _____ C:\Users\The Darkside\Desktop\DAZ Install Manager.lnk
2018-07-09 13:44 - 2017-11-10 01:43 - 000000000 ___RD C:\Users\The Darkside\3D Objects
2018-07-09 06:26 - 2018-06-04 16:47 - 000000812 _____ C:\Users\The Darkside\Desktop\TK17_Launcher - Shortcut.lnk
2018-07-09 02:55 - 2018-04-17 11:35 - 000000000 ____D C:\Users\The Darkside\Downloads\SCP_SCP_SCP
2018-07-08 23:02 - 2017-10-14 17:56 - 000000000 ____D C:\Users\The Darkside\AppData\Roaming\McAfee Safe Connect
2018-07-08 22:58 - 2018-05-18 11:22 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2018-07-06 00:05 - 2017-12-01 09:00 - 000000000 ____D C:\Users\The Darkside\AppData\Local\PlaceholderTileLogoFolder
2018-07-04 06:06 - 2018-04-08 07:50 - 000024968 _____ C:\Users\The Darkside\_viminfo
2018-07-04 02:35 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-07-04 02:03 - 2018-06-16 17:59 - 000001734 _____ C:\Users\The Darkside\Desktop\Rkill.txt
2018-07-04 00:44 - 2018-06-14 14:17 - 000000000 ____D C:\Program Files (x86)\Deactivate
2018-07-03 10:56 - 2018-05-19 15:12 - 000000000 ____D C:\Users\The Darkside\Documents\Movie Studio 14.0 Platinum Projects
2018-07-02 08:36 - 2018-03-08 17:40 - 000000000 ____D C:\Users\The Darkside\Downloads\Online Girl 1.0a
2018-06-28 05:06 - 2018-05-31 03:45 - 000000000 ____D C:\Users\The Darkside\Desktop\Ichio_Games
2018-06-28 01:20 - 2017-12-31 01:55 - 000000000 ____D C:\games
2018-06-28 01:20 - 2017-11-19 05:28 - 000000000 ____D C:\Program Files (x86)\Dating_My_Daughter
2018-06-28 01:20 - 2017-11-09 10:56 - 000000000 __SHD C:\Users\The Darkside\AppData\Roaming\Test
2018-06-28 01:19 - 2018-05-07 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixologic
2018-06-28 00:00 - 2018-04-11 16:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-06-27 05:36 - 2017-12-10 07:57 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\DefaultCompany
2018-06-26 23:37 - 2017-09-29 16:02 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-26 00:01 - 2018-06-25 23:59 - 1442285621 _____ C:\Users\The Darkside\Downloads\MySisterMyRoommateV.8-pc.zip

==================== Files in the root of some directories =======

2018-04-14 21:50 - 2018-04-14 21:50 - 000015714 _____ () C:\Program Files (x86)\htmltads.chm
2018-04-14 21:50 - 2018-04-14 21:50 - 003099397 _____ () C:\Program Files (x86)\htmltads.exe
2018-04-14 21:50 - 2018-04-14 21:50 - 000007297 _____ () C:\Program Files (x86)\license.txt
2018-04-14 21:50 - 2018-04-14 21:50 - 000081920 _____ () C:\Program Files (x86)\mkchrtab32.exe
2018-04-14 21:50 - 2018-04-14 21:50 - 000015320 _____ () C:\Program Files (x86)\tadserr.msg
2018-04-14 21:50 - 2018-04-14 21:49 - 000073728 _____ () C:\Program Files (x86)\TADSUINS.EXE
2018-04-14 21:50 - 2018-04-14 21:50 - 000425984 _____ () C:\Program Files (x86)\tadsweb.exe
2018-04-14 21:50 - 2018-04-14 21:50 - 000264414 _____ () C:\Program Files (x86)\timezones.t3tz
2018-04-14 21:50 - 2018-04-14 21:50 - 000005352 _____ () C:\Program Files (x86)\UnInst20CB.inf
2018-04-14 21:50 - 2018-04-14 21:50 - 000000722 _____ () C:\Program Files (x86)\Uninstall HTML TADS Player Kit.lnk
2018-04-14 21:50 - 2018-04-14 21:50 - 000000581 _____ () C:\Program Files (x86)\win_la1.tcp
2018-04-14 21:50 - 2018-04-14 21:50 - 000007235 _____ () C:\Program Files (x86)\win_la1.tcs
2018-04-27 14:46 - 2018-05-01 17:34 - 000000033 _____ () C:\Users\The Darkside\AppData\Roaming\AdobeWLCMCache.dat
2018-04-29 23:11 - 2018-04-29 23:11 - 000001167 _____ () C:\Users\The Darkside\AppData\Roaming\trace_FilterInstaller.1.txt
2018-04-29 23:11 - 2018-05-29 06:05 - 000001167 _____ () C:\Users\The Darkside\AppData\Roaming\trace_FilterInstaller.txt
2018-04-29 23:11 - 2018-05-29 06:05 - 000000000 _____ () C:\Users\The Darkside\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2018-05-15 06:13 - 2018-06-13 00:13 - 000000267 _____ () C:\Users\The Darkside\AppData\Roaming\WB.CFG
2018-06-14 18:56 - 2018-06-16 19:13 - 000201728 _____ () C:\Users\The Darkside\AppData\Local\Carbide.exe
2018-06-14 10:23 - 2018-06-16 19:22 - 000201728 _____ () C:\Users\The Darkside\AppData\Local\Maximises.exe
2018-05-30 23:12 - 2018-05-30 23:12 - 000023611 _____ () C:\Users\The Darkside\AppData\Local\recently-used.xbel
2018-07-04 02:21 - 2018-07-04 05:32 - 000007605 _____ () C:\Users\The Darkside\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\drivers\wmdvybfi.sys -> Access Denied <======= ATTENTION

LastRegBack: 2018-05-18 10:43

==================== End of FRST.txt ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.07.2018
Ran by The Darkside (26-07-2018 18:36:27)
Running from C:\Users\The Darkside\Desktop\FarBar
Windows 10 Home Version 1803 17134.112 (X64) (2018-05-18 16:25:49)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1049983353-2611485309-1903322672-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1049983353-2611485309-1903322672-503 - Limited - Disabled)
Guest (S-1-5-21-1049983353-2611485309-1903322672-501 - Limited - Disabled)
The Darkside (S-1-5-21-1049983353-2611485309-1903322672-1001 - Administrator - Enabled) => C:\Users\The Darkside
WDAGUtilityAccount (S-1-5-21-1049983353-2611485309-1903322672-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Kaspersky Total Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Kaspersky Total Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

‘åãAwaking (HKLM-x32\...\‘åãAwaking) (Version:  - )
“¯‹•ê–º‚Ì‚¢‚¯‚È‚¢—~–] (HKLM-x32\...\“¯‹•ê–º‚Ì‚¢‚¯‚È‚¢—~–]_is1) (Version: 1.0.0 - “Œ¹‹½)
µTorrent (HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
3DF Zephyr Free version 3.702 (HKLM\...\{53B4E599-2462-4A8F-B8D1-E736E7B5477D}_is1) (Version: 3.702 - 3Dflow srl)
３Ｄ少女カスタムエボリューション (HKLM-x32\...\{176CAA79-B214-415A-8BA5-AF5443084F29}) (Version: 1.0.0 - Bullet)
7-Zip 17.01 beta (HKLM-x32\...\7-Zip) (Version: 17.01 beta - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated)
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_1_1) (Version: 15.1.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Audition CC 2018 (HKLM-x32\...\AUDT_11_1_1) (Version: 11.1.1 - Adobe Systems Incorporated)
Adobe Bridge CC 2018 (HKLM-x32\...\KBRG_8_0_1) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Character Animator CC 2018 (HKLM-x32\...\CHAR_1_5) (Version: 1.5.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated)
Adobe Dimension CC (HKLM-x32\...\ESHR_1_1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Fuse CC (Beta) (HKLM-x32\...\{B57067F9-E97B-46EE-94F5-179373B81A6C}) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_1) (Version: 22.1 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_3_1) (Version: 7.3.1 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_3) (Version: 19.1.3 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
ADRIFT 5 (HKLM-x32\...\{64919026-76DB-442B-98C0-DCD66C0EB026}) (Version: 5.0.35.2 - Campbell Wild)
Amnesia - The Dark Descent  (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)
AnonymizerGadget (HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\AnonymizerGadget) (Version: 1 - Jetico lim) <==== ATTENTION
ApowerREC V1.0.8 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.0.8 - Apowersoft LIMITED)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Autodesk 3ds Max 2018 (HKLM\...\{52B37EC7-D836-0410-0764-3C24BCED2010}) (Version: 20.0.0.966 - Autodesk) Hidden
Autodesk 3ds Max 2018 (HKLM\...\Autodesk 3ds Max 2018) (Version: 20.0.0.966 - Autodesk)
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk Backburner 2018.0 (HKLM-x32\...\{0038F5AA-8482-4BB2-8A28-3FEA1D58D78A}) (Version: 18.0.0.0 - Autodesk)
Autodesk Certificate Package  (x64) - 5.1.4 (HKLM\...\{79D5E475-5EAB-4474-84F5-BD612337A175}) (Version: 5.1.4.100 - Autodesk)
Autodesk Civil View for 3ds Max 2018 64-bit (HKLM\...\{51C8EDF7-FFDA-430A-8B5E-1895FF14ACB7}) (Version: 20.0.0.0 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.10.89 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2018 (HKLM\...\{1984E20A-184B-4073-87F4-6755F3EE5769}) (Version: 20.0 - Autodesk)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2018 (HKLM-x32\...\{6EC5DA32-D02D-47D4-A3C4-988C1BC1A5FE}) (Version: 16.11.1.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2018 (HKLM\...\{0BB716E0-1800-0610-0000-097DC2F354DF}) (Version: 18.0.0.412 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2018 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2018) (Version: 18.0.0.412 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software)
Blender (HKLM\...\{E29A1273-2E7A-40E7-AA63-428A11D59429}) (Version: 2.79.2 - Blender Foundation)
Chrome Remote Desktop Host (HKLM-x32\...\{BB81EEBD-7942-4796-8556-0B84A6235C99}) (Version: 68.0.3440.11 - Google Inc.)
CPUID CPU-Z 1.82.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.82.1 - ) <==== ATTENTION
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 52.4.0.0 - 8pecxstudios)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DAZ Install Manager (HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\DAZ Install Manager 1.1.0.100) (Version: 1.1.0.100 - DAZ 3D)
DAZ Install Manager (HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\DAZ Install Manager 1.1.0.74) (Version: 1.1.0.74 - DAZ 3D)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 5.09 - NCH Software)
Dell Customer Connect (HKLM-x32\...\{4D0D1313-C0BF-4092-944A-129C8469F794}) (Version: 1.4.17.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{7294961D-6EC1-4418-9017-0180A0C78A91}) (Version: 3.2.1006.0 - Dell Products, LP)
Dell Help & Support (HKLM\...\{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{0CB75726-FC62-4609-B5DA-0031E64F771B}) (Version: 3.0.128.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{4CB4741A-20C1-454E-8276-993D06A76D67}) (Version: 2.2.3.2 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{2B2C47D2-F037-4C03-B599-07D7AFE8DD54}) (Version: 3.3.0.4943 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{8ce1a5ae-856e-4b8e-a0e8-27dd7a209276}) (Version: 3.3.0.4943 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.64 - Synaptics Incorporated)
Dell Update - SupportAssist Update Plugin (HKLM\...\{B16CC15E-08D8-4FA8-AE36-4DC5C197ED92}) (Version: 3.3.0.4941 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{74d58082-09be-4059-afb8-50334cde261d}) (Version: 3.3.0.4941 - Dell Inc.)
Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2 - )
FaceGen Artist Pro (HKLM\...\{67332538-876C-461A-87FF-15ACEC5F2D95}) (Version: 1.10.0.0 - Singular Inversions Inc.)
FaceGen Modeller 3.1 (HKLM-x32\...\{332B1B33-D0EE-4A0A-AB2F-12BF56BCE1C3}) (Version: 1.0.0 - Singular Inversions Inc.)
Fantasy (HKLM-x32\...\ST5UNST #1) (Version:  - )
FL Studio 12.1.2 (HKLM\...\FL Studio 12.1.2_is1) (Version:  - )
FL Studio ASIO (HKLM\...\FL Studio ASIO) (Version:  - Image-Line)
FlashBack Express 5 (HKLM-x32\...\FlashBack Express 5) (Version: 5.30.0.4329 - Blueberry Software (UK) Ltd.)
GameMaker Studio 2 (HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\GameMakerStudio2) (Version:  - )
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Girlvania (HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\{837FAFB9-EBA5-4727-95AD-792C4F671531}) (Version: 1.2.2 - Girlvanic Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HF pAppLoc version 1.1.1 (HKLM-x32\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.1.1 - Inquisitor)
HTML TADS Player Kit (HKLM-x32\...\htmltads.exe) (Version:  - )
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Inkscape 0.92.1 (HKLM-x32\...\Inkscape) (Version: 0.92.1 - Inkscape Project)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Software Guard Extensions Platform Software (HKLM\...\{06F94C28-DE1D-485F-AD91-333ACEB3F52D}) (Version: 1.6.100.32677 - Intel Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Lightning Warrior Raidy (HKLM-x32\...\Lightning Warrior Raidy) (Version:  - )
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.1.0.0 - Lightworks)
LOOXIS Faceworx 1.0 (HKLM-x32\...\LOOXIS Faceworx_is1) (Version: 1.0.0.1 - LOOXIS GmbH)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MAXtoA for 3ds Max 2018 (HKLM\...\{471069C7-09E2-4289-8EB7-852237FD867E}) (Version: 1.0.712.0 - Solid Angle)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9434.1 - Waves Audio Ltd.) Hidden
McAfee Safe Connect (HKLM-x32\...\{8DF95C34-C5EB-4026-9C86-E49F2A94677A}) (Version: 1.6.0.223 - McAfee, Inc)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.766.1 - McAfee, Inc.)
MediaPlayerLite 0.5.4.0 (HKLM-x32\...\MediaPlayerLite) (Version: 0.5.4.0 - MediaPlayerLite)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
MeshLab_64b 2016 (HKLM-x32\...\MeshLab_64b) (Version: 2016 - Paolo Cignoni - Guido Ranzuglia VCG - ISTI - CNR)
MeshMagic 3D Modeling Software (HKLM-x32\...\MeshMagic) (Version: 1.10 - NCH Software)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.10228.20134 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Movie Studio 14.0 Platinum (HKLM\...\{B1A08DCF-731B-11E7-8C1A-95BE57594EAC}) (Version: 14.0.148 - VEGAS)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.65.2 - Black Tree Gaming)
NVIDIA mental ray and IRay feature plugins for 3ds Max 2018 (HKLM\...\{C76BBD60-09DB-43B3-B5B0-BF00C80B500C}) (Version: 19.0.0.0 - Autodesk)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Opera Stable 54.0.2952.60 (HKLM-x32\...\Opera 54.0.2952.60) (Version: 54.0.2952.60 - Opera Software)
Palikan (HKLM-x32\...\{116FF9AF-41EF-282F-F06F-58AF20EF8B2F}) (Version:  - )
PDFescape Desktop (HKLM-x32\...\PDFescape Desktop) (Version: 2.0.35.34126 - RedSoftware)
PDFescape Desktop Asian Fonts Pack (HKLM\...\{ED6ED3F9-31AC-4360-9F30-7909FC5B66CF}) (Version: 2.0.36.34130 - Red Software) Hidden
PDFescape Desktop Convert Module (HKLM\...\{88332A12-914F-43C2-A1F2-F5E225642EBD}) (Version: 2.0.36.34130 - Red Software) Hidden
PDFescape Desktop Create Module (HKLM\...\{1494D0BD-6284-43C2-87A1-5B2F7A5CA5C1}) (Version: 2.0.36.34130 - Red Software) Hidden
PDFescape Desktop Edit Module (HKLM\...\{37E3FFCA-6A24-4762-826F-4F43F0A97C2E}) (Version: 2.0.36.34130 - Red Software) Hidden
PDFescape Desktop Forms Module (HKLM\...\{6F3B51B6-B27B-4D14-96C5-4B1C1D1149B7}) (Version: 2.0.36.34130 - Red Software) Hidden
PDFescape Desktop Insert Module (HKLM\...\{2F895ED2-6998-4C39-8668-7117804D127A}) (Version: 2.0.36.34130 - Red Software) Hidden
PDFescape Desktop Review Module (HKLM\...\{9BC922F2-4D2F-4FD6-B7C8-9E1C63B3ED39}) (Version: 2.0.36.34130 - Red Software) Hidden
PDFescape Desktop Secure Module (HKLM\...\{D20659F5-61A5-4385-A267-77CF442C1CB0}) (Version: 2.0.36.34130 - Red Software) Hidden
PDFescape Desktop View Module (HKLM\...\{EC492F74-CD9C-419A-8FFA-C49319F59955}) (Version: 2.0.36.34130 - Red Software) Hidden
piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 4.07 - NCH Software)
Product Registration (HKLM\...\{0CB75726-FC62-4609-B5DA-0031E64F771B}) (Version: 3.0.128.0 - Dell Inc.) Hidden
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10441 - Qualcomm)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.11 - Qualcomm Atheros)
QuickSet64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.38 - Dell Inc.)
Rags Suite 3.0.60 (HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\Rags Suite 3.0.60) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
RecordPad Sound Recorder (HKLM-x32\...\Recordpad) (Version: 5.35 - NCH Software)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RPG Maker VX Ace (HKLM-x32\...\{835D562C-B72C-461D-A9C3-B8206B66E85A}) (Version: 1.01 - RPG MAKER)
RPG Maker VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.02 - Enterbrain)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RPGXP (HKLM-x32\...\{9B34CAC6-738F-4A20-B428-A115C3E3474C}) (Version: 1.0.0 - Enterbrain)
Savegames (HKLM-x32\...\Savegames) (Version:  - )
sdrt(5.0, 64bit) (HKLM\...\{63A3DBCF-FB40-4398-9AE5-94EE6206CE12}) (Version: 5.0.5.0 - Paltiosoft Inc.)
SmartByte Drivers and Services (HKLM\...\{EC62F71A-6CFA-4918-9EBC-99BFF86DB3C9}) (Version: 1.2.600 - Rivet Networks)
SoundTap Streaming Audio Recorder (HKLM-x32\...\SoundTap) (Version: 5.05 - NCH Software)
Spin 3D Mesh Converter (HKLM-x32\...\Spin3D) (Version: 1.03 - NCH Software)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.0.30.51 - EnigmaSoft Limited)
SS0pt (HKLM-x32\...\SS0pt) (Version: 2.0.3.6 - SoftwareX Corp)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Substance Painter 2 version 2.4.1 (HKLM\...\{f42b7a996fa1d13a1d0a2e33eea2c0800bb5d1b8}_is1) (Version: 2.4.1 - Allegorithmic)
SWF File Player (HKLM-x32\...\{6A86F611-906C-422D-B34A-103662CBC195}_is1) (Version:  - swffileplayer.com)
Terragen 4 (HKLM\...\{B086BED7-D8D0-45FE-9649-249C3A736C31}) (Version: 4.1.18 - Planetside Software)
The Elder Scrolls V Skyrim Legendary Edition version 1.9.32.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Legendary Edition_is1) (Version: 1.9.32.8 - Mr DJ)
The Klub 17 (HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\Klub-10) (Version: 10.0.0 - Team WRK17)
The Klub 17 (HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\Klub-7) (Version: 7.5.0 - Team WRK17)
thriXXX-Launcher (HKLM-x32\...\thriXXX-Launcher) (Version:  - thriXXX Software GmbH)
Victoria 4.2 Bodysuit (HKLM-x32\...\Victoria 4.2 Bodysuit ps_ac1847_V4Bodysuit) (Version: ps_ac1847_V4Bodysuit - Name of your company)
Viking's Daughter version 1.6 (HKLM-x32\...\{D5DCD356-EC7A-4C43-B4DC-C38C937FF165}_is1) (Version: 1.6 - FlyRenders)
Vim 8.0 (self-installing) (HKLM\...\Vim 8.0) (Version:  - )
VTFEdit 1.3.3 (HKLM\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.09 - NCH Software)
ZD Soft Screen Recorder 11.1.10 (HKLM-x32\...\{1CA1D369-D09C-48D5-A850-3A0575710D8E}) (Version: 11.1.10.0 - ZD Soft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1049983353-2611485309-1903322672-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2018\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-1049983353-2611485309-1903322672-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-51E42CB53365}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1049983353-2611485309-1903322672-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2018\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-1049983353-2611485309-1903322672-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-1049983353-2611485309-1903322672-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2018\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-1049983353-2611485309-1903322672-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\The Darkside\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\The Darkside\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\The Darkside\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-14] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\The Darkside\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\The Darkside\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\The Darkside\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers1-x32: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-14] (AVAST Software)
ContextMenuHandlers1-x32: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> No File
ContextMenuHandlers1-x32: [gvim] -> {51EEE242-AD87-11d3-9C1E-0090278BBD99} => C:\Program Files (x86)\Vim\vim80\gvimext.dll [2017-04-23] (Tianmiao Hu's Developer Studio)
ContextMenuHandlers1-x32: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-06-14] (AO Kaspersky Lab)
ContextMenuHandlers1-x32: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.)
ContextMenuHandlers1-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\The Darkside\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1-x32: [QuickShare] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> No File
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-06-14] (AO Kaspersky Lab)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\The Darkside\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-14] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\The Darkside\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers4-x32: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-06-14] (AO Kaspersky Lab)
ContextMenuHandlers4-x32: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.)
ContextMenuHandlers4-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\The Darkside\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxDTCM.dll [2018-03-21] (Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers6-x32: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers6-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-14] (AVAST Software)
ContextMenuHandlers6-x32: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-06-14] (AO Kaspersky Lab)
ContextMenuHandlers6-x32: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.)
ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15F7B7F8-CAD6-4E08-B9F6-F35F006EF5C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {233C02B6-02D4-487D-B593-0089CB6F0445} - System32\Tasks\Product Updater => C:\Program Files (x86)\Webcam Screen Video Capture Free\FFProductUpdater.exe
Task: {28180331-01F6-41EA-98D2-733F61C2F74D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-19] (Microsoft Corporation)
Task: {3E5B860C-AD40-467A-9844-53DFE503CF49} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-MU05H1A-The Darkside => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {42A9777B-3B82-43B1-8F8F-8313D3F522E1} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1049983353-2611485309-1903322672-1001 => C:\Users\The Darkside\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {5BD26086-EB5F-493F-B7F9-F6CBF1EC6F53} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-30] (Microsoft Corporation)
Task: {5E6FBF26-BA2E-4C2D-A99D-7DBCF94147F5} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-10-11] (Intel(R) Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {7E1EC96A-C812-45C7-A3EF-5FFA33770401} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [2018-03-20] (DELL)
Task: {82C3D5E8-908D-4296-8413-666E9CE70A1C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-06-14] (AVAST Software)
Task: {92B09881-07DC-4CA7-ABFE-78E72555D269} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-13] (Microsoft Corporation)
Task: {9EAED4EC-2B5A-48D1-8504-7832126B2E92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-29] (Google Inc.)
Task: {B076EFED-8AFF-447E-A82B-2429EE51F1B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-30] (Microsoft Corporation)
Task: {B4BA9C15-81D7-4FF8-A6C5-7A5EC8FCAB94} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-07-08] (Dell Inc.)
Task: {C2813C41-EBF4-4803-9252-A4449BF84D3F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-13] (Microsoft Corporation)
Task: {C956839B-D954-485B-BF38-7EE66E1C12E7} - System32\Tasks\S-1-5-21-1049983353-2611485309-1903322672-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {D0E55EBA-EEB5-40D8-92EB-C5CED001EFC1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-30] (Microsoft Corporation)
Task: {D57C4FEC-22E6-4E70-BEB8-798FBF6ADCBB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-29] (Google Inc.)
Task: {D9C846EC-B67B-4CA3-AE1D-96E1F7C13595} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-19] (Microsoft Corporation)
Task: {DC5B63E1-2E95-4E42-ABBC-13B285D8CB75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-30] (Microsoft Corporation)
Task: {E5D2244B-8AC9-40E4-9931-8B903F8F2B6A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe [2018-06-14] (AVAST Software)
Task: {E9EFDBA4-AB0D-4013-88D3-A4FE01EAB409} - System32\Tasks\Opera scheduled Autoupdate 1529196833 => C:\Program Files\Opera\launcher.exe [2018-07-19] (Opera Software)
Task: {EBD912DB-B2DE-4CEC-B59E-A127507D8974} - System32\Tasks\AGProxyCheck => C:\Program [Argument = Files (x86)\AnonymizerGadget\AGService.exe /recove]
Task: {F3E9152F-58E1-4492-B3DF-BDC1649D54A7} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-07-19] (Microsoft Corporation)
Task: {F87C05E5-D278-417B-BD0D-6A84C2B21424} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-MU05H1A-The Darkside => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\The Darkside\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
Shortcut: C:\Users\The Darkside\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager\DAZ Install Manager Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\14811

ShortcutWithArgument: C:\Users\The Darkside\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\The Darkside\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Get Construct 3 - Construct 3 Manual.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jflnpeolhgcnanoljonjcigenodjabej

==================== Loaded Modules (Whitelisted) ==============

2018-04-11 18:34 - 2018-04-11 18:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-07-08 21:26 - 2018-07-08 21:26 - 000024536 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAppWire.exe
2018-04-11 18:34 - 2018-04-11 18:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-10-18 16:51 - 2017-10-18 16:51 - 000598528 _____ () C:\Users\The Darkside\AppData\Local\MEGAsync\ShellExtX64.dll
2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-06-12 18:51 - 2018-06-08 03:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-12 18:51 - 2018-06-08 03:56 - 002060288 _____ () C:\Windows\System32\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll
2018-07-19 00:45 - 2018-07-19 00:50 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-19 00:45 - 2018-07-19 00:50 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-19 00:45 - 2018-07-19 00:50 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-19 00:45 - 2018-07-19 00:50 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-19 00:45 - 2018-07-19 00:50 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-07-09 02:12 - 2018-07-09 02:33 - 003429376 _____ () C:\Program Files\WindowsApps\Microsoft.MSPaint_5.1806.20057.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
2018-07-09 02:12 - 2018-07-09 02:33 - 000016384 _____ () C:\Program Files\WindowsApps\Microsoft.MSPaint_5.1806.20057.0_x64__8wekyb3d8bbwe\SharedMemory.dll
2018-07-09 02:12 - 2018-07-09 02:33 - 000982016 _____ () C:\Program Files\WindowsApps\Microsoft.MSPaint_5.1806.20057.0_x64__8wekyb3d8bbwe\Telemetry.dll
2018-07-09 02:12 - 2018-07-09 02:33 - 000813056 _____ () C:\Program Files\WindowsApps\Microsoft.MSPaint_5.1806.20057.0_x64__8wekyb3d8bbwe\Utils.CX.dll
2018-04-12 04:20 - 2018-04-12 04:20 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.MSPaint_5.1806.20057.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-09 02:12 - 2018-07-09 02:33 - 007865344 _____ () C:\Program Files\WindowsApps\Microsoft.MSPaint_5.1806.20057.0_x64__8wekyb3d8bbwe\PaintStudio.ViewElements.dll
2018-07-09 02:12 - 2018-07-09 02:33 - 008877568 _____ () C:\Program Files\WindowsApps\Microsoft.MSPaint_5.1806.20057.0_x64__8wekyb3d8bbwe\PaintStudio.ViewModel.dll
2018-07-09 02:12 - 2018-07-09 02:33 - 000507904 _____ () C:\Program Files\WindowsApps\Microsoft.MSPaint_5.1806.20057.0_x64__8wekyb3d8bbwe\ConfigurationManager.dll
2018-07-09 02:12 - 2018-07-09 02:33 - 000626176 _____ () C:\Program Files\WindowsApps\Microsoft.MSPaint_5.1806.20057.0_x64__8wekyb3d8bbwe\MSASignIn.dll
2018-07-14 04:46 - 2018-07-14 04:58 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-14 04:46 - 2018-07-14 04:58 - 002449952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.21.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-14 04:46 - 2018-07-14 04:58 - 007813632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11806.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-07-09 16:29 - 2018-07-09 17:06 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-06-26 23:36 - 2018-06-22 14:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-06-26 23:36 - 2018-06-22 14:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2018-07-26 09:18 - 2018-07-26 09:32 - 035195392 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-07-26 09:18 - 2018-07-26 09:32 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-07-26 09:18 - 2018-07-26 09:32 - 006373376 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-29 16:52 - 2017-09-29 16:55 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-18 21:55 - 2018-07-18 22:26 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-07-18 21:55 - 2018-07-18 22:22 - 068153856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-09-29 16:55 - 2017-09-29 17:13 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-07-18 21:55 - 2018-07-18 22:26 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-07-18 21:55 - 2018-07-18 22:26 - 004139008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-04-26 11:05 - 2018-04-26 11:16 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-07-18 21:55 - 2018-07-18 22:26 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-03-29 14:16 - 2018-03-29 14:17 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-07-18 21:55 - 2018-07-18 22:26 - 014919168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-07-18 21:55 - 2018-07-18 22:26 - 003982848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-07-18 21:55 - 2018-07-18 22:26 - 002938880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-30 00:03 - 2018-05-30 00:04 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-18 21:55 - 2018-07-18 22:26 - 001396224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-02-11 21:53 - 2018-02-11 22:23 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-18 21:55 - 2018-07-18 22:26 - 000162816 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.17710.0_x64__8wekyb3d8bbwe\SKU.dll
2018-05-09 22:13 - 2018-05-09 01:54 - 000062840 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head2.dll
2018-05-09 22:13 - 2018-05-09 01:54 - 000140152 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2017-05-02 09:39 - 2017-05-02 09:39 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2018-03-27 13:41 - 2018-03-27 13:41 - 000134616 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2017-11-09 00:44 - 2017-11-09 00:44 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-05-09 05:45 - 2018-06-08 16:38 - 000788256 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-05-09 05:45 - 2018-06-08 16:42 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-05-09 05:45 - 2018-06-08 18:39 - 002632992 _____ () C:\Program Files (x86)\Steam\video.dll
2018-05-09 05:45 - 2018-06-08 16:40 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-05-09 05:45 - 2018-06-08 16:40 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-05-09 05:45 - 2018-06-08 16:40 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-05-09 05:45 - 2018-06-08 16:40 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-05-09 05:45 - 2018-06-08 16:40 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-05-09 05:45 - 2018-06-08 16:40 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-05-09 05:45 - 2018-06-08 16:40 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-05-09 05:45 - 2018-06-08 18:38 - 000979744 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-09-10 15:51 - 2017-09-10 15:51 - 000798208 _____ () C:\Users\The Darkside\AppData\Local\MEGAsync\libsodium.dll
2018-05-09 22:13 - 2018-05-09 01:04 - 000050984 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2018-05-09 22:13 - 2018-05-09 01:04 - 000060712 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2018-05-09 22:13 - 2018-05-09 01:04 - 000202024 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2018-05-09 22:13 - 2018-05-09 01:04 - 000789288 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2018-05-09 22:13 - 2017-09-05 03:09 - 059523896 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2018-05-09 22:13 - 2017-09-05 03:09 - 002203448 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2018-05-09 22:13 - 2017-09-05 03:09 - 000087352 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2018-05-09 05:46 - 2018-06-08 16:39 - 000788256 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2018-05-09 05:46 - 2018-06-08 16:39 - 083524384 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2018-05-09 05:45 - 2018-06-08 16:42 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-06-14 20:31 - 2018-07-18 20:07 - 000000178 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
0.0.0.1    mssplus.mcafee.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\The Darkside\Pictures\sketchers\storm.tif
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AVP18.0.0 => 2
MSCONFIG\Services: klvssbridge64_18.0.0 => 3
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Heeding"
HKLM\...\StartupApproved\Run: => "Belch"
HKLM\...\StartupApproved\Run: => "Nathaniel"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Marginalize"
HKLM\...\StartupApproved\Run32: => "Basal"
HKLM\...\StartupApproved\Run32: => "Deviancy"
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\StartupApproved\StartupFolder: => "psu.lnk"
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\StartupApproved\Run: => "Modernistic"
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\StartupApproved\Run: => "Telephonics"
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\StartupApproved\Run: => "Deerskin"
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\StartupApproved\Run: => "Zi"
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_42B6C4E0E2331C9A306BDCB1AE735366"
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\StartupApproved\Run: => "Servants"
HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\StartupApproved\Run: => "Prowled"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{520C47EF-A42F-4F6C-A1E0-03A82F0D58B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{89D34307-AD83-4FDB-94EF-B4D225FA8390}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{BE7A0D0A-62A9-40B0-896E-1D12F79D9876}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{6D5E680D-1900-4C1E-9312-F9F155B8D571}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{F4CC3C1D-1BE5-4A92-A57F-EF88F0A959E3}] => (Allow) C:\Users\The Darkside\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [UDP Query User{484DADB9-7734-42CB-9987-2A71FFBC4E98}C:\users\the darkside\downloads\daughter for dessert ch.7\server\miniweb.exe] => (Block) C:\users\the darkside\downloads\daughter for dessert ch.7\server\miniweb.exe
FirewallRules: [TCP Query User{3AA0859B-8E6A-4E98-9166-0F320C1B9D3A}C:\users\the darkside\downloads\daughter for dessert ch.7\server\miniweb.exe] => (Block) C:\users\the darkside\downloads\daughter for dessert ch.7\server\miniweb.exe
FirewallRules: [{EE904AD1-70CA-4288-AF3C-BECA9733ABF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\LocalAdmin.exe
FirewallRules: [{67B644BD-B289-4C6E-8DB6-2A4C248E1D29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\LocalAdmin.exe
FirewallRules: [{50DCA089-4A02-4420-A180-659436129ABC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe
FirewallRules: [{E983357F-7F4E-4D7E-92DD-6F592F57D98F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe
FirewallRules: [{4FEB26C8-7B83-4E08-A3AC-25BA3DEFEE7F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{84430EC7-F907-4888-8AEF-EC5A421B7F78}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1EBC458B-0BB3-41CF-AD4D-E345B5DC2A53}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DA5C9DCC-A289-41D0-A613-CC789A13F6A3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3ABC774E-1CD1-4645-A9EF-8E3BA9D585D4}] => (Allow) C:\Program Files (x86)\Lightworks\ntcardvt.exe
FirewallRules: [{65C16FB6-7FE0-4E9B-8C61-5AD2BC0B7555}] => (Allow) C:\Program Files (x86)\Lightworks\ntcardvt.exe
FirewallRules: [{F91A78E8-478C-4370-859C-F3492A821810}] => (Allow) C:\Program Files (x86)\Lightworks\Lightworks.exe
FirewallRules: [{038724D2-369D-4313-A190-09732665F198}] => (Allow) C:\Program Files (x86)\Lightworks\Lightworks.exe
FirewallRules: [{850ADCEF-1FD1-4504-ABEF-3E3B83E7E748}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe
FirewallRules: [{DB2A9EC4-270C-44ED-A95F-C1F60493B008}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe
FirewallRules: [UDP Query User{CEFEB70E-47A5-4408-BAB5-9EBEE5A87B10}C:\users\the darkside\downloads\deep space waifu - academy\deep space waifu.exe] => (Allow) C:\users\the darkside\downloads\deep space waifu - academy\deep space waifu.exe
FirewallRules: [TCP Query User{1D890D4D-CB35-4A0E-81F1-039B207DCC15}C:\users\the darkside\downloads\deep space waifu - academy\deep space waifu.exe] => (Allow) C:\users\the darkside\downloads\deep space waifu - academy\deep space waifu.exe
FirewallRules: [UDP Query User{26F6DFA0-0F18-49A4-9263-739C658BDBA5}C:\users\the darkside\downloads\snake valley\server\miniweb.exe] => (Allow) C:\users\the darkside\downloads\snake valley\server\miniweb.exe
FirewallRules: [TCP Query User{3EC43A29-AC38-48DE-9E47-C7EC249B9FE9}C:\users\the darkside\downloads\snake valley\server\miniweb.exe] => (Allow) C:\users\the darkside\downloads\snake valley\server\miniweb.exe
FirewallRules: [UDP Query User{75FB16BA-C220-40FD-B631-14BFED9BE1FC}C:\users\the darkside\downloads\daugh for dess\daughter for dessert - chapter 4\server\miniweb.exe] => (Allow) C:\users\the darkside\downloads\daugh for dess\daughter for dessert - chapter 4\server\miniweb.exe
FirewallRules: [TCP Query User{32FE2628-19F2-4E82-9399-724E5265F504}C:\users\the darkside\downloads\daugh for dess\daughter for dessert - chapter 4\server\miniweb.exe] => (Allow) C:\users\the darkside\downloads\daugh for dess\daughter for dessert - chapter 4\server\miniweb.exe
FirewallRules: [{CA4194D1-1EE3-4D59-B2AC-62E14C558801}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{34FC8937-1B2D-4983-93C7-10AA507A93AD}] => (Allow) C:\Users\The Darkside\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{30A30F29-565D-45AF-B2D6-3837279000F8}] => (Allow) C:\Users\The Darkside\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9DFA6BB4-8164-464A-B7D0-BBE04192B0FA}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{70084E3D-D37B-48C1-89D4-DEFD5047760B}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{EE04E324-B850-4F0B-A7C2-E4FDE8145909}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder 6\Streaming Video Recorder 6.exe
FirewallRules: [{9F0ADF3C-3147-47B9-8294-AFC24ED578A4}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder 6\Streaming Video Recorder 6.exe
FirewallRules: [{FACD0897-04F7-4A22-A909-661858D82647}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder 6\rtmpsrv.exe
FirewallRules: [{FD176173-E7CE-4339-9D93-EF51B9D67FDC}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder 6\rtmpsrv.exe
FirewallRules: [TCP Query User{6BAFF823-91BA-4B0F-8C1C-CD2E7C22306F}C:\program files\allegorithmic\substance painter 2\substance painter 2.exe] => (Allow) C:\program files\allegorithmic\substance painter 2\substance painter 2.exe
FirewallRules: [UDP Query User{C8D4DB62-DDE7-4356-807D-76E22FF555AA}C:\program files\allegorithmic\substance painter 2\substance painter 2.exe] => (Allow) C:\program files\allegorithmic\substance painter 2\substance painter 2.exe
FirewallRules: [{2F843485-2D42-44B9-9458-CAE969B99F9D}] => (Allow) C:\Program Files (x86)\Nuova\Carbide.exe
FirewallRules: [{3E7EF3E7-A2F9-4FD5-9A90-6007CB656C90}] => (Allow) C:\Program Files (x86)\Pollard\Carbide.exe
FirewallRules: [{A48F8C57-8422-4E82-B922-675B5F338690}] => (Allow) C:\Program Files (x86)\cherubini\Maximises.exe
FirewallRules: [{770B9F0A-18FD-40DD-A6DF-120F56BEC2E2}] => (Allow) C:\Program Files (x86)\Pollard\Maximises.exe
FirewallRules: [{EFF6DB5A-A2BA-49E7-A7F6-8E5D4F533867}] => (Allow) C:\ProgramData\Microsoft\Windows\GPR\network\svcnetwk.exe
FirewallRules: [{0B76B90C-D75F-4DCF-9D0F-2C604E0F2747}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\68.0.3440.11\remoting_host.exe
FirewallRules: [{EF9A9FBA-564E-4D4D-B10B-963E55DE46F0}] => (Allow) C:\Program Files (x86)\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe
FirewallRules: [{06E716FE-5E35-4F97-932A-84B5A6113B34}] => (Allow) C:\Program Files (x86)\Mr DJ\The Elder Scrolls V Skyrim Legendary Edition\SkyrimLauncher.exe
FirewallRules: [{08A009BD-2F48-4775-9992-FFC823752F7C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9F7D3381-2E4D-4BEA-B925-97F1DB1E9CFC}] => (Block) %ProgramFiles%\FaceGen\Artist Pro\fgArtistPro.exe
FirewallRules: [{67596075-D36A-43EB-9E31-359604D274B2}] => (Allow) C:\Program Files\Opera\54.0.2952.54\opera.exe
FirewallRules: [{8A359560-50B9-4445-8AB5-B883B1DEF13F}] => (Allow) C:\Program Files\Opera\54.0.2952.60\opera.exe

==================== Restore Points =========================

==================== Faulty Device Manager Devices =============

Name: Microsoft Wi-Fi Direct Virtual Adapter #2
Description: Microsoft Wi-Fi Direct Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/26/2018 06:41:42 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: Unable to read Server Queue performance data from the Server service. The first four bytes (DWORD) of the Data section contains the status code, the second four bytes contains the IOSB.Status and the next four bytes contains the IOSB.Information.

Error: (07/26/2018 06:36:21 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: Unable to read performance data for the Server service. The first four bytes (DWORD) of the Data section contains the status code, the second four bytes contains the IOSB.Status and the next four bytes contains the IOSB.Information.

Error: (07/26/2018 06:35:42 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: Unable to read Server Queue performance data from the Server service. The first four bytes (DWORD) of the Data section contains the status code, the second four bytes contains the IOSB.Status and the next four bytes contains the IOSB.Information.

Error: (07/26/2018 06:33:41 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: Unable to read performance data for the Server service. The first four bytes (DWORD) of the Data section contains the status code, the second four bytes contains the IOSB.Status and the next four bytes contains the IOSB.Information.

Error: (07/26/2018 06:15:44 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: Unable to read Server Queue performance data from the Server service. The first four bytes (DWORD) of the Data section contains the status code, the second four bytes contains the IOSB.Status and the next four bytes contains the IOSB.Information.

Error: (07/26/2018 06:10:18 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: Unable to read performance data for the Server service. The first four bytes (DWORD) of the Data section contains the status code, the second four bytes contains the IOSB.Status and the next four bytes contains the IOSB.Information.

Error: (07/26/2018 06:09:44 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description: Unable to read Server Queue performance data from the Server service. The first four bytes (DWORD) of the Data section contains the status code, the second four bytes contains the IOSB.Status and the next four bytes contains the IOSB.Information.

Error: (07/26/2018 06:07:43 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: Unable to read performance data for the Server service. The first four bytes (DWORD) of the Data section contains the status code, the second four bytes contains the IOSB.Status and the next four bytes contains the IOSB.Information.

System errors:
=============
Error: (07/26/2018 06:17:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (07/26/2018 06:17:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (07/26/2018 06:17:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (07/26/2018 06:17:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (07/26/2018 06:17:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (07/26/2018 06:17:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (07/26/2018 06:17:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (07/26/2018 06:17:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Windows Defender:
===================================
Date: 2018-06-14 14:41:09.423
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tilken.B!cl&threatid=2147722740&enterprise=0
Name: Trojan:Win32/Tilken.B!cl
ID: 2147722740
Severity: Severe
Category: Trojan
Path: file:_C:\ProgramData\Microsoft\Windows\GPR\func\libvlcwk.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: C:\ProgramData\Microsoft\Windows\GPR\func\chrome.exe
Signature Version: AV: 1.269.1212.0, AS: 1.269.1212.0, NIS: 1.269.1212.0
Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-14 14:40:59.108
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tilken.B!cl&threatid=2147722740&enterprise=0
Name: Trojan:Win32/Tilken.B!cl
ID: 2147722740
Severity: Severe
Category: Trojan
Path: file:_C:\ProgramData\Microsoft\Windows\GPR\func\libvlcwk.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: C:\ProgramData\Microsoft\Windows\GPR\func\chrome.exe
Signature Version: AV: 1.269.1212.0, AS: 1.269.1212.0, NIS: 1.269.1212.0
Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-14 14:40:49.383
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tilken.B!cl&threatid=2147722740&enterprise=0
Name: Trojan:Win32/Tilken.B!cl
ID: 2147722740
Severity: Severe
Category: Trojan
Path: file:_C:\ProgramData\Microsoft\Windows\GPR\func\libvlcwk.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: C:\ProgramData\Microsoft\Windows\GPR\func\chrome.exe
Signature Version: AV: 1.269.1212.0, AS: 1.269.1212.0, NIS: 1.269.1212.0
Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-14 14:40:40.725
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tilken.B!cl&threatid=2147722740&enterprise=0
Name: Trojan:Win32/Tilken.B!cl
ID: 2147722740
Severity: Severe
Category: Trojan
Path: file:_C:\ProgramData\Microsoft\Windows\GPR\func\libvlcwk.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: C:\ProgramData\Microsoft\Windows\GPR\func\chrome.exe
Signature Version: AV: 1.269.1212.0, AS: 1.269.1212.0, NIS: 1.269.1212.0
Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-14 14:40:28.495
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tilken.B!cl&threatid=2147722740&enterprise=0
Name: Trojan:Win32/Tilken.B!cl
ID: 2147722740
Severity: Severe
Category: Trojan
Path: file:_C:\ProgramData\Microsoft\Windows\GPR\func\libvlcwk.dll
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: C:\ProgramData\Microsoft\Windows\GPR\func\chrome.exe
Signature Version: AV: 1.269.1212.0, AS: 1.269.1212.0, NIS: 1.269.1212.0
Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-11 17:08:50.162
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.973.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install. 

Date: 2018-06-11 17:08:50.162
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.973.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install. 

Date: 2018-06-11 17:08:50.161
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.973.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install. 

Date: 2018-06-11 17:08:45.009
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 
Update Source: User
Signature Type: 
Update Type: 
Current Engine Version: 
Previous Engine Version: 
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install. 

Date: 2018-06-11 17:08:45.005
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 
Update Source: User
Signature Type: 
Update Type: 
Current Engine Version: 
Previous Engine Version: 
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install. 

CodeIntegrity:
===================================

Date: 2018-07-25 23:03:35.048
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\wdavkzlsvc.exe that did not meet the Unchecked signing level requirements.

Date: 2018-07-25 23:03:35.028
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\wdavkzlsvc.exe that did not meet the Unchecked signing level requirements.

Date: 2018-07-25 23:03:35.000
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\wdavkzlsvc.exe that did not meet the Unchecked signing level requirements.

Date: 2018-07-25 22:02:26.992
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\wdavkzlsvc.exe that did not meet the Unchecked signing level requirements.

Date: 2018-07-25 22:02:26.973
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\wdavkzlsvc.exe that did not meet the Unchecked signing level requirements.

Date: 2018-07-25 22:02:26.955
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\wdavkzlsvc.exe that did not meet the Unchecked signing level requirements.

Date: 2018-07-25 21:06:16.252
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\wdavkzlsvc.exe that did not meet the Unchecked signing level requirements.

Date: 2018-07-25 21:06:16.233
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\wdavkzlsvc.exe that did not meet the Unchecked signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-7100U CPU @ 2.40GHz
Percentage of memory in use: 50%
Total physical RAM: 8061.9 MB
Available physical RAM: 3964.88 MB
Total Virtual: 10275.54 MB
Available Virtual: 3970.11 MB

==================== Drives ================================

Drive ? (OS) (Fixed) (Total:917.71 GB) (Free:88.05 GB) NTFS

\\?\Volume{97da5051-a79f-42a8-bc4d-ed6a45043bf5}\ () (Fixed) (Total:0.78 GB) (Free:0.32 GB) NTFS
\\?\Volume{8270f1d4-e8ba-41b7-8897-4b4d877bfd62}\ () (Fixed) (Total:0 GB) (Free:0 GB) 
\\?\Volume{95d40c3f-8f0a-488c-af54-e33b4e76a296}\ (DELLSUPPORT) (Fixed) (Total:1.11 GB) (Free:0.53 GB) NTFS
\\?\Volume{b6f573ab-2888-4098-ae37-4e46c9a0c6cc}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32
\\?\Volume{504a84c2-5b9a-11e8-8e15-5413793fc796}\ (Amnesia - The Da) (CDROM) (Total:0.95 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A1A267C0)

Partition: GPT.

==================== End of Addition.txt ============================

 

FRST.txt

Addition.txt

 

 

 

 

 

 

 

 

[nasdaq]

Hi,

I have identified a bad SmartService infection.

You will need access to a spare PC and a USB flash drive that has not been in contact with the sick PC...
Let me know if you have this access.

I need to know first if you can enable the Recovery Environment...

Open FRST on the compromised computer:

copy/paste the following inside the text area of FRST. Once done, click on the Fix button. A file called fixlog.txt should appear on your desktop. Attach it in your next reply.

Start::
CMD: bcdedit.exe /set {bootmgr} displaybootmenu yes
CMD: bcdedit.exe /set {default} recoveryenabled yes
End::

On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad
Copy and paste its content in your next reply.

Wait for further instructions.
<<<>>>

[darkside00]

Fix result of Farbar Recovery Scan Tool (x64) Version: 21.07.2018
Ran by The Darkside (27-07-2018 18:15:47) Run:1
Running from C:\Users\The Darkside\Desktop\FarBar
Loaded Profiles: The Darkside (Available Profiles: The Darkside)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: bcdedit.exe /set {bootmgr} displaybootmenu yes
CMD: bcdedit.exe /set {default} recoveryenabled yes

*****************

========= bcdedit.exe /set {bootmgr} displaybootmenu yes =========

'bcdedit.exe?' is not recognized as an internal or external command,
operable program or batch file.

========= End of CMD: =========

========= bcdedit.exe /set {default} recoveryenabled yes =========

The operation completed successfully.

========= End of CMD: =========

==== End of Fixlog 18:15:48 ====

 

 

Fixlog_fixscan.txt

[nasdaq]

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

There are cases when software installers mess up our Windows environment variables. When the environment variables get messed up, it could lead to trouble with other programs that share the same environment variable. One such symptom is the following error:

'bcdedit.exe?' is not recognized as an internal or external command,

operable program or batch file.

We have to take care of this error.

1. Right-Click on My Computer icon 
2. Select the Advanced tab 
3. Click on Environment Variables 
4. Under "System Variables" locate Path and choose 'EDIT'.
5. Copy this entire string and paste it into Notepad for safe keeping. 

Safe the file as My_Path.txt

Attach the file for my review.

[darkside00]

C:\Program Files (x86)\Intel\iCLS Client\;%INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files (x86)\Autodesk\Backburner\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT

My_Path.txt

[nasdaq]

Hi,

Your PATH looks good.

Run the  CMD.EXE as an Administrator.

Type or copy this line at the prompt
bcdedit.exe /set {bootmgr} displaybootmenu yes
next 

Type or copy this line at the prompt
bcdedit.exe /set {default} recoveryenabled yes

For both commands you should see this reply.

The operation completed successfully.

Can you confirm this?

Or is booting the (bootmgr) still a problem?

[darkside00]

Yes I can confirm getting "The operation completed successfully." message from both inputs.

(i attached  screenshot of the yields)

[nasdaq]

Lets proceed:

Preparing the USB Flash Drive

Boot up your spare PC:
Plug in the flash drive, navigate to that drive, right click on it direct and select format. Quick option is adequate.

Next,

On that same PC download the right version of Farbar program for your system to Desktop or the Flash drive.
64-bit or 32 bit version. Select the one you need.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

If the files were saved on the Desktopl Move the executable (FRST.exe or FRST64.exe) to your USB Flash Drive 
 

How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system.
https://support.microsoft.com/en-us/help/827218/how-to-determine-whether-a-computer-is-running-a-32-bit-version-or-64

Do not plug Flash Drive into sick PC until booted to Recovery Environment.

===

Boot the compromised PC to Recovery Environment, if you are unsure of that action have a read at the following link, maybe bookmark for future reference...

To enter the Recovery Environment with Windows 10, follow the instructions in this tutorial on TenForums https://www.tenforums.com/tutorials/2294-boot-advanced-startup-options-windows-10-a.html

From the Windows 10 Tutorial you should get access to the Advanced Startup Options at boot for Windows 10

Select in this order
"Troubleshoot" > "Advance Options" > "Command Prompt"

Once in the command prompt

Plug your USB Flash Drive in the infected computer

In the command prompt, type notepad and press on Enter
Notepad will open. Click on the File menu and select Open
Click on Computer/This PC, find the letter for your USB Flash Drive, then close the window and Notepad
In the command prompt, type e:\frst.exe (for the x64 version, type e:\frst64.exe and press on Enter
Note: Replace the letter e with the drive letter of your USB Flash Drive
FRST will open
Click on Yes to accept the disclaimer
Click on the Scan button and wait for the scan to complete
A log called FRST.txt will be saved on your USB Flash Drive. Attach it in your next reply.

p.s.
If at any time you need additional information please ask before proceeding.

Wait for further instructions.

[darkside00]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.07.2018
Ran by SYSTEM on MININT-EL95HB3 (31-07-2018 07:56:27)
Running from f:\
Platform: Windows 10 Home Version 1803 17134.112 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3925504 2016-08-09] (Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-06-29] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1220416 2018-03-06] (Waves Audio Ltd.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-14] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409424 2018-04-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [708904 2018-05-08] (Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\Default\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\The Darkside\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe [1112960 2018-03-14] (McAfee Inc.)
HKU\The Darkside\...\Run: [uTorrent] => C:\Users\The Darkside\AppData\Roaming\uTorrent\uTorrent.exe [1984184 2018-06-27] (BitTorrent Inc.)
HKU\The Darkside\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3205408 2018-07-24] (Valve Corporation)
HKU\The Darkside\...\Run: [Chromium] => c:\users\the darkside\appdata\local\chromium\application\chrome.exe [829440 2017-02-14] (The Chromium Authors)
HKU\The Darkside\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\The Darkside\...\Run: [AdobeBridge] => [X]
HKU\The Darkside\...\Run: [elicited] => "C:\Program Files (x86)\Nuova\Carbide.exe" edaz
HKU\The Darkside\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE [170024 2018-07-30] (Microsoft Corporation)
HKU\The Darkside\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1588568 2018-06-22] (Google Inc.)
Startup: C:\Users\The Darkside\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-03-10]
ShortcutTarget: MEGAsync.lnk -> C:\windows\system32\config\systemprofile\AppData\Local\MEGAsync\MEGAsync.exe (No File)
Startup: C:\Users\The Darkside\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\psupsu.lnk [2018-06-14]
ShortcutTarget: psupsu.lnk -> C:\Program Files (x86)\cherubini\Maximises.exe ()
Startup: C:\Users\The Darkside\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-06-17]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"HKLM\System\ControlSet001\Services\dhknqu" => removed successfully
"HKLM\System\ControlSet001\Services\fimpsv" => removed successfully
"HKLM\System\ControlSet001\Services\jmptwz" => removed successfully
"HKLM\System\ControlSet001\Services\kpslmw" => removed successfully
C:\Windows\System32\drivers\wmddhknq.sys => moved successfully
"HKLM\System\ControlSet001\Services\mqtwzd" => removed successfully
"HKLM\System\ControlSet001\Services\svycfi" => removed successfully
"HKLM\System\ControlSet001\Services\uxadhk" => removed successfully
"HKLM\System\ControlSet001\Services\wadgkn" => removed successfully
"HKLM\System\ControlSet001\Services\wzdgjm" => removed successfully
C:\Users\The Darkside\AppData\Local\pscwikv\nvrczgm.exe => moved successfully
C:\Users\The Darkside\AppData\Local\pscwikv\pscwikv.exe => moved successfully
S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1388920 2018-05-08] (Autodesk Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated)
S2 AESMService; c:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3723400 2016-04-14] (Intel Corporation)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S4 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
S2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\68.0.3440.11\remoting_host.exe [72536 2018-05-31] (Google Inc.)
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8851496 2018-07-22] (Microsoft Corporation)
S2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)
S2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)
S2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-05-02] (Dell Inc.)
S2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [40976 2017-09-18] (Dell Inc.)
S2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [124568 2018-04-19] (Dell Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [9872688 2018-07-04] (EnigmaSoft Limited)
S2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2208888 2016-09-02] (Intel Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-08] (Intel Corporation)
S4 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\vssbridge64.exe [426416 2018-06-14] (AO Kaspersky Lab)
S3 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 McAfee Vpn Service; C:\Program Files (x86)\McAfee Safe Connect\service\VpnService.exe [314368 2018-03-06] (AnchorFree Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.766\McCHSvc.exe [405392 2018-07-11] (McAfee, Inc.)
S3 PDFescape Desktop; C:\Program Files\PDFescape Desktop\ws.exe [2343728 2017-07-13] (Red Software)
S2 PDFescape Desktop Creator; C:\Program Files\PDFescape Desktop\creator-ws.exe [757552 2017-07-13] (Red Software)
S2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [46632 2017-04-17] (Dell)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-06-29] (Realtek Semiconductor)
S2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [538416 2018-07-04] (EnigmaSoft Limited)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [45016 2018-07-08] (Dell Inc.)
S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265784 2017-12-19] (Synaptics Incorporated)
S2 UCManSvc; C:\Program Files (x86)\SoftDenchi\UCManSvc.exe [281232 2016-09-05] (Paltiosoft Inc.)
S2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [882496 2018-03-06] (Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-05-30] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-05-30] (Microsoft Corporation)
S2 Dell Hardware Support; "C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1175\DSAPI.exe" [X]
S4 windowsmanagementservice; windowsmanagementservice [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\Windows\System32\drivers\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
S3 athr; C:\Windows\System32\drivers\athw10x.sys [4320176 2017-05-02] (Qualcomm Atheros Communications, Inc.)
S3 BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [608656 2016-11-27] (Qualcomm)
S0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [41608 2018-02-10] (Dell Inc.)
S3 debutfilter; C:\Windows\system32\DRIVERS\debutfilterx64.sys [34512 2018-04-29] ()
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S2 DpmLiteDrv; c:\Program Files\Dell\QuickSet\DpmLiteDrv64.sys [15080 2014-10-15] (Wistron Corp.)
S3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [66624 2016-08-12] (Intel Corporation)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2018-05-20] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-10-07] (Disc Soft Ltd)
S3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [61624 2018-07-31] (EnigmaSoft Limited)
S3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [350272 2016-08-12] (Intel Corporation)
S3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54800 2016-08-15] (Intel Corporation)
S0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554408 2016-09-30] (AO Kaspersky Lab)
S0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [70880 2018-06-14] (AO Kaspersky Lab)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [120008 2018-06-14] (AO Kaspersky Lab)
S2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29816 2016-10-13] (AO Kaspersky Lab)
S3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [207560 2018-06-14] (AO Kaspersky Lab)
S1 klhk; C:\Windows\System32\drivers\klhk.sys [1191616 2018-06-14] (AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP18.0.0\Bases\klids.sys [180984 2018-07-03] (AO Kaspersky Lab)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1057992 2018-06-14] (AO Kaspersky Lab)
S1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [57032 2018-06-14] (AO Kaspersky Lab)
S3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
S3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50672 2017-06-22] (AO Kaspersky Lab)
S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)
S3 kltap; C:\Windows\System32\drivers\kltap.sys [52152 2016-06-06] (The OpenVPN Project)
S0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [236488 2018-06-14] (AO Kaspersky Lab)
S3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [87584 2018-06-14] (AO Kaspersky Lab)
S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [258864 2018-06-14] (AO Kaspersky Lab)
S0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [109248 2018-06-14] (AO Kaspersky Lab)
S3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [177848 2018-06-14] (AO Kaspersky Lab)
S1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [93888 2018-06-14] (AO Kaspersky Lab)
S1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [141000 2018-06-14] (AO Kaspersky Lab)
S1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [199392 2018-06-14] (AO Kaspersky Lab)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [58792 2017-03-05] (Visicom Media Inc.)
S1 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-07-11] (Malwarebytes)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-28] (Visicom Media Inc.)
S2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2015-08-21] (Riverbed Technology, Inc.)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [946696 2016-09-29] (Realtek )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [436224 2016-12-14] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 stdriver; C:\Windows\system32\DRIVERS\stdriverx64.sys [53440 2018-05-29] ()
S3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [66104 2017-12-19] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46072 2018-05-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [313384 2018-05-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-05-30] (Microsoft Corporation)
S4 eghmzki; System32\drivers\zaixshro.sys [X]
S3 jnqtxa; system32\drivers\qtwadg.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-31 03:56 - 2018-07-31 04:10 - 000000000 ____D C:\Users\The Darkside\Downloads\DP-0.5.1-pc
2018-07-31 03:54 - 2018-07-31 03:56 - 1645856842 _____ C:\Users\The Darkside\Downloads\DP-0.5.1-win&linux.zip
2018-07-31 02:24 - 2017-12-26 05:49 - 000000000 ____D C:\Users\The Darkside\Downloads\All Our Secrets
2018-07-31 02:24 - 2017-10-16 18:16 - 000000000 ____D C:\Users\The Darkside\Downloads\[TheDude3DX] Brunettes Do It Better
2018-07-31 02:23 - 2018-07-31 02:23 - 157831567 _____ C:\Users\The Darkside\Downloads\Brunettes_Do_It_Better.rar
2018-07-31 01:28 - 2018-07-31 01:28 - 218132198 _____ C:\Users\The Darkside\Downloads\All Our Secrets.rar
2018-07-30 18:29 - 2018-03-14 09:05 - 000000000 ____D C:\Users\The Darkside\Downloads\Vis Major Awakening - 14Mar2018 - WIN
2018-07-30 18:25 - 2018-07-30 18:26 - 751075016 _____ C:\Users\The Darkside\Downloads\Vis Major Awakening - 29Jul2018 - WIN.7z
2018-07-30 11:01 - 2018-07-30 11:01 - 536071558 _____ C:\Users\The Darkside\Downloads\WickedChoices-v0.5.1.X-to-v0.5.2.0-pc.zip
2018-07-30 10:54 - 2018-07-30 10:54 - 031721045 _____ C:\Users\The Darkside\Downloads\WickedChoices-Update-v0.5.1.0-to-v0.5.1.1.zip
2018-07-30 10:25 - 2018-07-30 10:25 - 000000000 ____D C:\Users\The Darkside\AppData\Local\Cyndy_EA_01
2018-07-30 10:13 - 2018-07-30 10:13 - 272736161 _____ C:\Users\The Darkside\Downloads\Cyndy_a_porn_adventure_EA_01.rar
2018-07-30 01:46 - 2018-07-30 02:10 - 621535978 _____ C:\Users\The Darkside\Downloads\Captured_by_Dark_Elves_Ep_1_HQ.rar
2018-07-29 18:44 - 2018-07-29 18:44 - 1645851919 _____ C:\Users\The Darkside\Downloads\DP-0.5-win&linux.zip
2018-07-29 17:18 - 2018-07-30 19:28 - 000000000 ____D C:\Users\The Darkside\Downloads\SoulOfThePaintings-0.5-pc
2018-07-29 16:42 - 2018-07-29 16:42 - 948280549 _____ C:\Users\The Darkside\Downloads\SoulOfThePaintings-0.5-pc.zip
2018-07-29 16:06 - 2018-07-30 02:27 - 000000000 ____D C:\Users\The Darkside\Downloads\Lust_and_Power-1.5-pc
2018-07-29 16:05 - 2018-07-29 17:20 - 000000000 ____D C:\Users\The Darkside\Downloads\My_Best_Friends_Family-007-pc
2018-07-29 16:04 - 2018-07-29 16:17 - 000000000 ____D C:\Users\The Darkside\Downloads\ANewHome-0.7-pc
2018-07-29 15:58 - 2018-07-29 15:58 - 794837252 _____ C:\Users\The Darkside\Downloads\Lust_and_Power-1.5 (pc).zip
2018-07-29 15:10 - 2018-07-29 15:11 - 501131556 _____ C:\Users\The Darkside\Downloads\My_Best_Friends_Family-007-pc.zip
2018-07-29 15:03 - 2018-07-29 15:03 - 723015289 _____ C:\Users\The Darkside\Downloads\ANewHome-0.7-pc.zip
2018-07-29 14:29 - 2018-07-29 14:30 - 007674104 _____ (Microsoft Corporation) C:\Users\The Darkside\Downloads\msttsl.exe
2018-07-29 13:39 - 2018-07-29 13:40 - 000000000 ____D C:\Users\The Darkside\Desktop\Puerto Rico
2018-07-28 22:32 - 2018-07-28 22:32 - 908151628 _____ C:\Users\The Darkside\Downloads\familytherapy-020.rar
2018-07-28 21:54 - 2018-07-31 03:10 - 000000000 ____D C:\Users\The Darkside\Downloads\Melody-0.04-pc
2018-07-28 21:33 - 2018-07-28 21:33 - 1255713290 _____ C:\Users\The Darkside\Downloads\Melody-004-pcExtras.zip
2018-07-28 10:49 - 2018-07-28 11:08 - 000000000 ____D C:\Users\The Darkside\Downloads\Oakwood Academy of Spells and Sorcery
2018-07-28 08:28 - 2018-07-28 08:28 - 797027787 _____ C:\Users\The Darkside\Downloads\SpellsnSor.rar
2018-07-28 08:28 - 2018-07-28 08:28 - 000000648 _____ C:\Users\The Darkside\Downloads\Patch_15.zip
2018-07-28 07:38 - 2018-07-28 11:14 - 000000000 ____D C:\Users\The Darkside\Downloads\Milf's Villa
2018-07-28 07:37 - 2018-07-28 07:37 - 2681687370 _____ C:\Users\The Darkside\Downloads\Milf's Villa v1.0 Final (f95zone).7z
2018-07-27 23:29 - 2018-07-28 03:46 - 000000000 ____D C:\Users\The Darkside\Downloads\Main_seduction-0.13-pc
2018-07-27 22:45 - 2018-07-27 22:46 - 000000000 ____D C:\Users\The Darkside\Downloads\FILF-0.6.1_BETA-pc
2018-07-27 21:22 - 2018-07-27 21:22 - 682347268 _____ C:\Users\The Darkside\Downloads\FILF-0.6.1_BETA-pc.rar
2018-07-27 20:34 - 2018-07-31 01:30 - 000000000 ____D C:\Users\The Darkside\Downloads\TheSecret-0.1.2.2-pc
2018-07-27 20:33 - 2018-07-27 20:33 - 2655000965 _____ C:\Users\The Darkside\Downloads\TheSecret-0.1.2.2-pc.zip
2018-07-27 18:43 - 2018-07-27 19:08 - 000000000 ____D C:\Users\The Darkside\Downloads\MythicManor-0.5.1-pc
2018-07-27 18:24 - 2018-07-27 18:24 - 938158556 _____ C:\Users\The Darkside\Downloads\MythicManor-051-pc.zip
2018-07-27 17:46 - 2018-07-30 02:09 - 000000000 ____D C:\Users\The Darkside\Downloads\ThePromise-0.05-pc
2018-07-27 17:45 - 2018-07-27 17:45 - 1213529626 _____ C:\Users\The Darkside\Downloads\ThePromise-0.05-pclinux.zip
2018-07-27 16:02 - 2018-07-31 03:14 - 000000000 ____D C:\Users\The Darkside\Downloads\ActingLessons-0.4.0-pc
2018-07-27 15:55 - 2018-07-27 15:57 - 1765119113 _____ C:\Users\The Darkside\Downloads\ActingLessons-040-Extras-pc-lin.zip
2018-07-27 15:31 - 2018-07-03 14:41 - 000000000 ____D C:\Users\The Darkside\Downloads\GtO Version 0.14 Win
2018-07-27 15:30 - 2018-07-27 15:31 - 741985284 _____ C:\Users\The Darkside\Downloads\GtO Version 0.14 Win.rar
2018-07-26 20:41 - 2018-07-26 20:41 - 623972432 _____ C:\Users\The Darkside\Downloads\WhereTheHeartIs-Ep6-pc.zip
2018-07-26 15:33 - 2018-07-27 15:15 - 000000000 ____D C:\FRST
2018-07-26 15:32 - 2018-07-28 10:37 - 000000000 ____D C:\Users\The Darkside\Desktop\FarBar
2018-07-26 13:51 - 2018-07-26 13:53 - 000000000 ____D C:\Users\The Darkside\Downloads\Rent Control Master Early Test V1.7
2018-07-26 13:19 - 2018-07-27 15:37 - 000000000 ____D C:\Users\The Darkside\Downloads\UnexpectedAdventure-Chapter2-pc
2018-07-26 12:37 - 2018-07-26 12:37 - 1049722895 _____ C:\Users\The Darkside\Downloads\Rent Control Master Early Test V1.7.zip
2018-07-26 12:26 - 2018-07-26 12:26 - 540738975 _____ C:\Users\The Darkside\Downloads\UnexpectedAdventure-Chapter2-pc.zip
2018-07-26 10:54 - 2018-07-26 10:54 - 000000000 ____D C:\Users\The Darkside\Downloads\The_way
2018-07-26 10:51 - 2018-07-26 10:52 - 838000196 _____ C:\Users\The Darkside\Downloads\TheWay-12pc.zip
2018-07-26 07:33 - 2018-07-26 10:32 - 000000000 ____D C:\Users\The Darkside\Downloads\Houseoflove-1.4-pc
2018-07-26 03:17 - 2017-12-26 05:49 - 000000000 ____D C:\Users\The Darkside\Downloads\An Ode To Pretty Girls
2018-07-26 02:47 - 2018-07-26 02:47 - 069737734 _____ C:\Users\The Darkside\Downloads\An Ode To Pretty Girls.rar
2018-07-25 20:55 - 2018-07-24 17:20 - 000000000 ____D C:\Users\The Darkside\Downloads\Brain Damaged v0.5n fix v1
2018-07-25 20:35 - 2018-07-25 23:47 - 000000000 ____D C:\Users\The Darkside\Downloads\GermanGirl-1.0-pc
2018-07-25 10:54 - 2017-10-16 04:36 - 000000000 ____D C:\Users\The Darkside\Downloads\InstantIncest.com
2018-07-25 06:03 - 2018-07-25 06:03 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\RoyalCandy
2018-07-25 05:04 - 2018-07-25 05:04 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\Kernis_not_existing_company
2018-07-25 05:01 - 2018-07-25 09:32 - 000000000 ____D C:\Users\The Darkside\Downloads\Starship-Inanna-6.0-pc
2018-07-25 05:01 - 2018-07-25 05:02 - 000000000 ____D C:\Users\The Darkside\Downloads\No_More_secrets
2018-07-25 03:42 - 2018-07-25 03:49 - 000000000 ____D C:\Users\The Darkside\Downloads\SummertimeSaga-0.16.0-pc
2018-07-24 21:58 - 2018-07-25 04:51 - 000000000 ____D C:\Users\The Darkside\Downloads\DarkSeedChronicles_1.3.0-PUBLIC-pc
2018-07-24 18:15 - 2018-07-24 18:15 - 000000374 _____ C:\Windows\System32\Drivers\etc\hosts.ics
2018-07-24 18:02 - 2018-07-24 20:18 - 000000000 ____D C:\Users\The Darkside\Downloads\BattleoftheBulges-0.4-pc
2018-07-23 23:55 - 2018-07-24 03:01 - 000000000 ____D C:\Users\The Darkside\Downloads\TheIntoxicatingFlavorENG-0.1.7-pc
2018-07-23 23:10 - 2018-07-23 23:10 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\Neo X City
2018-07-23 21:36 - 2018-07-23 22:49 - 000000000 ____D C:\Users\The Darkside\Downloads\LifewithMary-0.25-pc
2018-07-23 21:34 - 2018-07-23 21:34 - 000000000 ____D C:\Users\The Darkside\Downloads\REVOLT_v011_PC
2018-07-23 20:44 - 2018-07-23 20:45 - 361512627 _____ C:\Users\The Darkside\Downloads\REVOLT_v011_PC.zip
2018-07-23 19:09 - 2018-07-23 19:09 - 291702529 _____ C:\Users\The Darkside\Downloads\Quickie.zip
2018-07-23 18:18 - 2018-07-23 18:18 - 000014678 _____ C:\Users\The Darkside\Downloads\69877_AATOFL_alpha__V0.6.torrent
2018-07-22 20:49 - 2018-07-24 03:00 - 000000000 ____D C:\Users\The Darkside\Downloads\WelcomeToTemptation-0.3-pc
2018-07-22 20:48 - 2018-07-22 20:48 - 129238234 _____ C:\Users\The Darkside\Downloads\WelcomeToTemptation-0.3-pc.zip
2018-07-22 20:42 - 2018-07-22 20:42 - 1141704118 _____ C:\Users\The Darkside\Downloads\TheIntoxicatingFlavorENG-0.1.7-pc.zip
2018-07-22 20:18 - 2018-07-24 22:07 - 000000000 ____D C:\Users\The Darkside\Downloads\Second_happiness-1.6-all
2018-07-22 18:45 - 2018-07-23 19:00 - 000000000 ____D C:\Users\The Darkside\Downloads\Cohabitation
2018-07-22 18:44 - 2018-07-22 18:47 - 000000000 ____D C:\Users\The Darkside\Downloads\seeds-of-chaos-0.2.34-pc
2018-07-22 12:15 - 2018-07-21 12:00 - 000000000 ____D C:\Users\The Darkside\Downloads\Living with Mia Act3 v1.2b - INCETON
2018-07-22 07:28 - 2018-07-22 07:28 - 228322853 _____ C:\Users\The Darkside\Downloads\seeds-of-chaos-0.2.34-dev-pc.zip
2018-07-22 06:09 - 2018-07-22 06:09 - 036149548 _____ C:\Users\The Darkside\Downloads\HardcorePink-03-06-2017-Patreon-Tier5-Extras.zip
2018-07-22 06:04 - 2018-07-22 06:04 - 129319026 _____ C:\Users\The Darkside\Downloads\The_Lake_House_Part1_MAX_PDF_0_0_1_0.pdf
2018-07-22 04:04 - 2018-07-30 21:16 - 000000000 ____D C:\Users\The Darkside\Downloads\DreamsofDesire-TheLostMemories-CH1-ELITE-1.0-pc
2018-07-21 23:15 - 2018-07-21 23:17 - 000000000 ____D C:\Users\The Darkside\Downloads\EyeoftheStorm-Chapters_1_and_2-pc
2018-07-21 22:30 - 2018-07-22 00:47 - 000000000 ____D C:\Users\The Darkside\Downloads\SOS-TheStepmother-Ch.1-1.01-pc
2018-07-21 18:17 - 2018-07-21 18:18 - 000000000 ____D C:\Users\The Darkside\Downloads\The_Pleasuremancer-pc
2018-07-21 11:52 - 2018-07-21 12:25 - 000000000 ____D C:\Users\The Darkside\Downloads\TorridTales-0.2.7-pc
2018-07-21 11:49 - 2018-07-21 11:49 - 000000000 ____D C:\Users\The Darkside\Downloads\Olympus_Comics
2018-07-21 11:40 - 2018-07-21 11:40 - 257770882 _____ C:\Users\The Darkside\Downloads\Olympus_Free-Pack.zip
2018-07-21 10:14 - 2018-07-21 10:14 - 047123899 _____ C:\Users\The Darkside\Downloads\tt_extras.7z
2018-07-21 06:24 - 2018-07-21 06:25 - 759881261 _____ C:\Users\The Darkside\Downloads\TorridTales-0.2.7-pc.zip
2018-07-21 06:07 - 2018-07-21 06:07 - 000000646 _____ C:\Users\The Darkside\Downloads\tt_i_patch.zip
2018-07-21 05:35 - 2018-07-21 05:46 - 000000000 ____D C:\Users\The Darkside\Downloads\Man of the House [v0.7.9] BUGFixed + IC Patch
2018-07-21 05:34 - 2018-07-21 05:34 - 000006305 _____ C:\Users\The Darkside\Downloads\137988_Man_of_the_House_v0.7.9_BUGFixed__IC_Patch (1).torrent
2018-07-21 05:13 - 2018-07-21 05:13 - 001216702 _____ C:\Users\The Darkside\Downloads\manofthehouse_savegames.zip
2018-07-21 05:08 - 2018-07-21 05:08 - 000243929 _____ C:\Users\The Darkside\Downloads\114490_Man_of_the_house_v0.7.5_extra_Ikarumod_V1.zip
2018-07-21 01:52 - 2018-07-21 01:52 - 000000747 _____ C:\Users\The Darkside\Downloads\137866_mapping_0.7.9.rar
2018-07-20 23:50 - 2018-07-21 00:01 - 000000000 ____D C:\Users\The Darkside\Downloads\HolidayIslands-Episode1-V4-pc
2018-07-20 22:34 - 2018-07-20 22:50 - 000000000 ____D C:\Users\The Darkside\Downloads\GAMBLING_LIFE-v1.0-pc
2018-07-20 12:33 - 2018-07-21 21:29 - 000000000 ____D C:\Users\The Darkside\Downloads\WoL04h
2018-07-20 03:05 - 2018-07-20 03:42 - 000000000 ____D C:\Users\The Darkside\Downloads\OnemorechanceChapterI-0.4-pc
2018-07-19 22:28 - 2018-07-19 22:31 - 000000000 ____D C:\Users\The Darkside\Downloads\Harem_Hotel-v0.2.1-pc
2018-07-19 19:41 - 2018-07-19 21:18 - 000000000 ____D C:\Users\The Darkside\Downloads\TheTyrant-0.4.2-win
2018-07-19 19:41 - 2018-07-19 19:41 - 2492044004 _____ C:\Users\The Darkside\Downloads\TheTyrant-0.4.2-win.zip
2018-07-19 18:11 - 2018-07-19 18:22 - 000000000 ____D C:\Users\The Darkside\Downloads\TheManifest-v.0141-win
2018-07-19 17:04 - 2018-07-19 17:04 - 469397898 _____ C:\Users\The Darkside\Downloads\TheManifest-v.0141-win.zip
2018-07-19 16:38 - 2018-07-19 16:38 - 000443944 _____ C:\Users\The Darkside\Downloads\1a3acfd2-89b9-479a-81fb-baea689b1b0c.tmp
2018-07-19 16:37 - 2018-07-19 16:39 - 000000000 ____D C:\Users\The Darkside\Downloads\PervertedHotel-1.37-win
2018-07-19 05:15 - 2018-07-19 15:49 - 000000000 ____D C:\Users\The Darkside\Downloads\BT_The_Manor_0.061_NoRTP
2018-07-19 05:15 - 2018-07-19 05:15 - 100638373 _____ C:\Users\The Darkside\Downloads\BT_The_Manor_0.061_NoRTP.rar
2018-07-18 21:26 - 2018-07-18 21:55 - 000000000 ____D C:\Users\The Darkside\Downloads\BastardGirls-0.1.1-pc
2018-07-18 18:18 - 2018-07-18 18:19 - 1041325314 _____ C:\Users\The Darkside\Downloads\Fleeting Iris v0.87.7z
2018-07-18 17:16 - 2018-07-18 17:16 - 656644024 _____ C:\Users\The Darkside\Downloads\SL-0.10-Extra Scenes Edition (PC).zip
2018-07-18 17:07 - 2018-07-18 17:07 - 000002011 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2018-07-18 17:06 - 2018-07-22 16:23 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2018-07-18 14:56 - 2018-07-18 15:47 - 000000000 ____D C:\Users\The Darkside\Downloads\Intimate_relations-0.45-pc
2018-07-18 12:47 - 2018-07-18 12:50 - 000000000 ____D C:\Users\The Darkside\Downloads\FreeloadingFamily-0.9-pc
2018-07-18 12:47 - 2018-07-18 12:47 - 347333891 _____ C:\Users\The Darkside\Downloads\FreeloadingFamily-0.9-pc - Gallery Fully Unlocked.zip
2018-07-16 12:28 - 2018-07-16 12:28 - 000000000 ____D C:\Users\The Darkside\Downloads\Private Community Win 0.0.65
2018-07-15 18:15 - 2018-07-26 20:44 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\uTorrent
2018-07-15 18:09 - 2018-07-15 18:13 - 1415345561 _____ C:\Users\The Darkside\Downloads\Timestamps 0.4.2 (1).zip
2018-07-15 18:09 - 2018-07-15 18:11 - 000000000 ____D C:\Users\The Darkside\Downloads\TS_4.2
2018-07-15 17:48 - 2018-07-15 18:09 - 1415345561 _____ C:\Users\The Darkside\Downloads\Timestamps 0.4.2.zip
2018-07-14 20:48 - 2018-07-14 20:48 - 333225333 _____ C:\Users\The Darkside\Downloads\Sylvia_MB_201806-win.zip
2018-07-14 20:15 - 2018-07-14 20:15 - 013124876 _____ C:\Users\The Darkside\Downloads\InheritanceA17CHEAT.zip
2018-07-14 01:13 - 2018-07-14 01:15 - 000000000 ____D C:\Users\The Darkside\Downloads\LewdIsland-day5-pc
2018-07-14 01:08 - 2018-07-14 01:42 - 000000000 ____D C:\Users\The Darkside\Downloads\HighRiseClimb-0.305-pc
2018-07-13 19:58 - 2018-07-13 19:58 - 270262213 _____ C:\Users\The Darkside\Downloads\Star_Channel_34-pc-c1d3e2ddF5xz4.zip
2018-07-13 19:00 - 2018-07-13 19:03 - 000000000 ____D C:\Users\The Darkside\Downloads\SanguineRose-2.2.0-pc
2018-07-13 19:00 - 2018-07-13 19:00 - 522508059 _____ C:\Users\The Darkside\Downloads\SanguineRose-2.2.0-pc.zip
2018-07-13 11:26 - 2018-07-13 11:35 - 000000000 ____D C:\Users\The Darkside\Downloads\LancasterBoardingHouse-1.4-pc
2018-07-12 19:35 - 2018-07-12 19:35 - 2898414117 _____ C:\Users\The Darkside\Downloads\Mercenary-Episode2-V1-Win-En.rar
2018-07-12 18:25 - 2018-07-12 18:25 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\VincenzoM
2018-07-12 18:17 - 2018-07-12 18:17 - 242626036 _____ C:\Users\The Darkside\Downloads\Puzzled Life 3.5 IC.rar
2018-07-12 17:45 - 2018-07-12 17:47 - 000000000 ____D C:\Users\The Darkside\Downloads\HighSchoolCrushSimulator-0.3-pc
2018-07-12 11:37 - 2018-07-07 13:46 - 000000000 ____D C:\Users\The Darkside\Downloads\Chloe18V031Patrons
2018-07-11 14:50 - 2018-07-11 14:50 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\Viktor Black
2018-07-11 14:39 - 2018-07-11 14:39 - 000002237 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2018-07-11 13:56 - 2018-07-11 14:18 - 000000000 ____D C:\Users\The Darkside\Downloads\StrangeNights_0.02a-v0.02a-pc
2018-07-11 12:33 - 2018-07-11 12:33 - 000253664 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbamswissarmy.sys
2018-07-11 12:24 - 2018-07-11 13:31 - 000000000 ____D C:\Users\The Darkside\Downloads\IndecentDesires-Chapter3-pc
2018-07-11 10:25 - 2018-07-11 10:50 - 000000000 ____D C:\Users\The Darkside\Downloads\WhereTheHeartIs-0.07a-pc
2018-07-10 21:26 - 2018-07-10 21:28 - 000000000 ____D C:\Users\The Darkside\Downloads\TheWay-pc
2018-07-10 20:44 - 2018-07-10 20:44 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\SFMFuntime
2018-07-10 18:40 - 2018-07-10 22:17 - 000001178 _____ C:\Users\The Darkside\Desktop\DAZ Studio 4.10 (64-bit).lnk
2018-07-10 16:35 - 2018-07-10 16:35 - 000008864 _____ C:\Users\The Darkside\Downloads\121815_Universal_Cheat_Mod_V9.rar
2018-07-10 15:13 - 2018-07-10 15:13 - 000000000 ____D C:\Program Files (x86)\ADRIFT
2018-07-10 15:08 - 2018-07-10 15:08 - 000000000 ____D C:\Users\The Darkside\AppData\Local\Downloaded Installations
2018-07-10 15:07 - 2018-07-10 15:07 - 000000000 ____D C:\Users\The Darkside\Downloads\Adrift
2018-07-10 11:40 - 2018-07-10 11:47 - 000000000 ____D C:\Users\The Darkside\Downloads\MLS_0.3.5_win
2018-07-10 11:25 - 2018-07-10 11:25 - 431072520 _____ C:\Users\The Darkside\Downloads\MLS_0.3.5_win+w.rar
2018-07-09 23:15 - 2018-07-10 10:32 - 000000000 ____D C:\Users\The Darkside\Downloads\SWINGERFAMILY-0.05a-market
2018-07-09 22:40 - 2018-07-09 22:40 - 000003144 _____ C:\Windows\System32\Tasks\SmartByte Telemetry
2018-07-09 22:38 - 2018-07-09 22:40 - 000000000 ____D C:\ProgramData\RivetNetworks
2018-07-09 22:38 - 2018-07-09 22:38 - 000000000 ____D C:\Program Files\Rivet Networks
2018-07-09 20:12 - 2018-07-30 02:26 - 000000000 ____D C:\Users\The Darkside\AppData\Local\User Data
2018-07-09 20:12 - 2018-07-09 20:12 - 000000000 ____D C:\Users\The Darkside\AppData\Local\nwjs
2018-07-09 18:15 - 2018-07-05 10:43 - 003253345 _____ C:\Users\The Darkside\Downloads\Willy D savegames 022.exe
2018-07-09 18:15 - 2018-07-04 07:12 - 000093259 _____ C:\Users\The Darkside\Downloads\Adventures of willy D Walktrough 022.txt
2018-07-09 18:02 - 2018-07-09 18:12 - 000000000 ____D C:\Users\The Darkside\AppData\Local\Adventures of Willy D 022
2018-07-09 12:23 - 2018-07-09 17:30 - 000000000 ____D C:\Users\The Darkside\Downloads\HaremCollector_v0352
2018-07-09 08:41 - 2018-07-09 08:41 - 515521498 _____ C:\Users\The Darkside\Downloads\HaremCollector_v0352.exe
2018-07-09 04:38 - 2018-07-09 04:38 - 000000000 ____D C:\Users\The Darkside\.designer
2018-07-09 02:46 - 2018-07-09 02:46 - 000000000 ____D C:\Users\The Darkside\Downloads\Blorb
2018-07-09 02:12 - 2018-07-09 02:14 - 000000000 ____D C:\Users\The Darkside\Downloads\ParadiseFallsEpisode2-1.0-pc
2018-07-08 23:54 - 2018-07-08 23:57 - 000000000 ____D C:\Users\The Darkside\Downloads\SCP_1.0.6
2018-07-08 23:16 - 2018-07-08 23:16 - 000000000 ____D C:\Users\The Darkside\Downloads\SCP Gmod Backup Copy
2018-07-08 21:34 - 2018-07-08 21:34 - 254602737 _____ C:\Users\The Darkside\Downloads\TheBarWetDreams-v10ENG-win.zip
2018-07-08 19:20 - 2018-07-08 19:22 - 1663613436 _____ C:\Users\The Darkside\Downloads\WaifuAcademy-0.4.1b-pc.zip
2018-07-08 09:45 - 2018-07-09 12:26 - 000000000 ____D C:\Users\The Darkside\Downloads\Romancingthekingdom-.60-win
2018-07-08 09:45 - 2018-07-08 09:45 - 1250681002 _____ C:\Users\The Darkside\Downloads\Romancingthekingdom-.60-win.zip
2018-07-08 01:57 - 2018-07-08 02:07 - 000000000 ____D C:\Users\The Darkside\Downloads\Hp10
2018-07-07 20:06 - 2018-07-09 17:51 - 000000000 ____D C:\Users\The Darkside\Downloads\Willy D version 022
2018-07-07 20:04 - 2018-07-04 07:13 - 000018531 _____ C:\Users\The Darkside\Downloads\Willy D version 022.torrent
2018-07-06 19:33 - 2018-07-07 13:33 - 000000000 ____D C:\Users\The Darkside\Downloads\Melody-0.03b-pc
2018-07-06 19:23 - 2018-07-06 19:23 - 916866532 _____ C:\Users\The Darkside\Downloads\Melody-003b-pcExtrasIncluded.zip
2018-07-06 15:05 - 2018-07-06 15:05 - 055851007 _____ C:\Users\The Darkside\Downloads\Online Girl 1.0a16.zip
2018-07-06 10:36 - 2018-07-06 17:24 - 000000000 ____D C:\Users\The Darkside\Downloads\seeds-of-chaos-0.2.33-pc
2018-07-05 15:08 - 2018-07-05 15:39 - 000000000 ____D C:\Users\The Darkside\Downloads\NLWMD-0.1.0b-pc
2018-07-05 08:54 - 2018-07-05 08:54 - 000000000 ____D C:\Program Files (x86)FACEGEN
2018-07-05 08:43 - 2006-06-24 20:18 - 000000000 ____D C:\Users\The Darkside\Desktop\FaceGen v3.1.2
2018-07-05 08:30 - 2018-07-05 08:30 - 000000000 ____D C:\Users\The Darkside\Desktop\ICLONE
2018-07-05 04:39 - 2018-07-05 04:39 - 152829721 _____ C:\Users\The Darkside\Downloads\Daughter For Dessert Ch.10.zip
2018-07-05 04:25 - 2018-07-05 04:25 - 065831619 _____ C:\Users\The Darkside\Downloads\NLWMD-010b-pc.7z
2018-07-04 23:39 - 2018-07-04 23:39 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\GreonoGames
2018-07-04 21:40 - 2016-05-22 21:57 - 000000000 ____D C:\Users\The Darkside\Downloads\VIRTUAL LUST
2018-07-04 21:02 - 2018-07-04 21:02 - 198541817 _____ C:\Users\The Darkside\Downloads\VIRTUAL LUST.rar
2018-07-04 20:55 - 2017-03-26 22:16 - 082999340 _____ C:\Users\The Darkside\Downloads\ATTV3.zip
2018-07-04 19:26 - 2018-07-04 19:26 - 323078218 _____ C:\Users\The Darkside\Downloads\Occultus-0.44-pc.zip
2018-07-04 15:29 - 2018-07-04 15:29 - 000000564 _____ C:\native log.txt
2018-07-04 12:40 - 2018-07-31 01:40 - 000000016 _____ C:\spyhunter.fix.old
2018-07-04 12:37 - 2018-07-04 12:37 - 000000000 ___HD C:\ygeQZbyhCpyJt4aa
2018-07-04 03:43 - 2018-07-31 01:42 - 000061624 _____ (EnigmaSoft Limited) C:\Windows\System32\Drivers\EnigmaFileMonDriver.sys
2018-07-04 03:43 - 2018-07-04 03:43 - 000001057 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2018-07-04 03:43 - 2018-07-04 03:43 - 000000000 ____D C:\sh5ldr
2018-07-04 03:43 - 2018-07-04 03:43 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2018-07-04 03:42 - 2018-07-04 03:42 - 000000000 ____D C:\Program Files\EnigmaSoft
2018-07-04 03:41 - 2018-07-04 03:41 - 005930728 _____ (EnigmaSoft Limited) C:\Users\The Darkside\Desktop\SpyHunter-Installer (1).exe
2018-07-04 03:39 - 2018-07-04 03:40 - 002487488 _____ (Kaspersky Lab) C:\Users\The Darkside\Desktop\startup.exe
2018-07-04 01:47 - 2018-07-24 20:40 - 000000000 ____D C:\Users\The Darkside\Desktop\goppelReports
2018-07-04 01:38 - 2018-07-04 03:56 - 000000814 _____ C:\Users\The Darkside\Desktop\Install Kaspersky Total Security version 18.0.0.405.lnk
2018-07-04 01:38 - 2018-07-04 03:43 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-07-04 00:33 - 2018-07-04 01:00 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2018-07-04 00:22 - 2018-07-04 02:11 - 000000000 ____D C:\Windows\pss
2018-07-03 23:21 - 2018-07-04 02:32 - 000007605 _____ C:\Users\The Darkside\AppData\Local\resmon.resmoncfg
2018-07-03 22:54 - 2018-07-03 22:54 - 005930728 _____ (EnigmaSoft Limited) C:\Users\The Darkside\Desktop\SpyHunter-Installer.exe
2018-07-03 22:20 - 2018-07-03 22:20 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\The Darkside\Desktop\rkill64-12203.exe
2018-07-03 22:18 - 2018-07-03 22:18 - 007387624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\The Darkside\Desktop\avg_antivirus_free_setup.exe
2018-07-03 22:07 - 2018-07-03 22:07 - 000000000 ____D C:\Users\The Darkside\Downloads\Lily of the Valley v0.9
2018-07-03 08:17 - 2018-07-03 21:37 - 000000001 _____ C:\3pvnidjfhioq822
2018-07-02 03:07 - 2018-07-05 20:41 - 000000000 ____D C:\Users\The Darkside\Downloads\2sides
2018-07-02 03:07 - 2018-07-02 03:07 - 516359137 _____ C:\Users\The Darkside\Downloads\Two Sides - v0.08 - WIN 86x.7z
2018-07-01 12:18 - 2018-07-30 21:22 - 000000000 ____D C:\Users\The Darkside\Downloads\SisterSisterSisterChapter12SE-1.0-pc
2018-07-01 11:39 - 2018-07-03 02:11 - 000000000 ____D C:\Users\The Darkside\Downloads\Babysitter-0.1.3.-win
2018-07-01 11:37 - 2018-07-01 12:17 - 3889395339 _____ C:\Users\The Darkside\Downloads\SisterSisterSisterChapter12SE-1.0-pc.zip
2018-07-01 11:32 - 2018-07-01 11:32 - 010933264 _____ C:\Users\The Darkside\Desktop\bitdefender_windows_ac232bbe-ad4d-4ab6-8f3d-828e0c52ef17.exe
2018-07-01 11:25 - 2018-07-01 11:26 - 010933264 _____ C:\Users\The Darkside\Desktop\bitdefender_windows_dba47e0e-dc99-4bfc-ba40-c2d0fe7cb9c4.exe
2018-07-01 11:15 - 2018-07-01 11:15 - 565014108 _____ C:\Users\The Darkside\Downloads\Babysitter-013-win.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-31 07:56 - 2018-06-19 06:57 - 000000000 ____D C:\Users\The Darkside\AppData\Local\pscwikv
2018-07-31 04:52 - 2018-05-18 08:22 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-31 04:52 - 2018-04-11 13:04 - 026738688 _____ C:\Windows\System32\config\HARDWARE
2018-07-31 04:52 - 2018-04-11 13:04 - 001048576 _____ C:\Windows\System32\config\BBI
2018-07-31 04:48 - 2017-09-29 12:48 - 000000000 __SHD C:\Users\The Darkside\IntelGraphicsProfiles
2018-07-31 04:44 - 2018-06-14 11:55 - 002890240 _____ C:\Windows\System32\wdavkzlsvc.exe
2018-07-31 04:29 - 2018-04-11 15:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-31 03:56 - 2018-06-14 16:55 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-07-31 03:11 - 2018-06-14 00:06 - 000000000 ____D C:\Users\The Darkside\Downloads\DeepImpact-0.1b-pc
2018-07-31 02:04 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\System32\NDF
2018-07-31 01:57 - 2018-05-09 02:42 - 000000000 ____D C:\Program Files (x86)\Steam
2018-07-31 01:45 - 2018-06-14 13:37 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-07-31 01:44 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\AppReadiness
2018-07-31 01:42 - 2018-05-18 07:51 - 000000000 ____D C:\users\The Darkside
2018-07-31 01:38 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\LiveKernelReports
2018-07-31 01:36 - 2018-06-05 13:09 - 000000000 ____D C:\Windows\Minidump
2018-07-31 01:36 - 2018-05-18 07:43 - 000000000 ____D C:\Windows\System32\SleepStudy
2018-07-31 01:35 - 2017-06-23 11:09 - 001853830 ____N C:\Windows\Minidump\073118-101750-01.dmp
2018-07-31 01:32 - 2017-10-06 23:14 - 000000000 ____D C:\Users\The Darkside\AppData\Roaming\uTorrent
2018-07-30 23:50 - 2018-04-11 15:30 - 000000000 ____D C:\Windows\CbsTemp
2018-07-30 23:46 - 2018-05-29 07:56 - 000000000 ____D C:\Users\The Darkside\Downloads\LongLiveThePrincess-0.9.0-pc
2018-07-30 23:44 - 2018-04-11 15:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-30 22:38 - 2018-05-18 08:22 - 000004182 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{497F5280-68C0-4D6A-8A18-B21C983A393F}
2018-07-30 21:04 - 2018-04-11 01:23 - 000000000 ____D C:\GIFS
2018-07-30 14:44 - 2017-06-23 11:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-07-30 11:02 - 2018-06-23 00:37 - 000000000 ____D C:\Users\The Darkside\Downloads\WickedChoices-pc
2018-07-30 10:11 - 2018-06-16 16:55 - 000003958 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1529196833
2018-07-30 10:11 - 2018-06-16 16:53 - 000000000 ____D C:\Program Files\Opera
2018-07-30 02:28 - 2017-10-07 03:45 - 000000000 ____D C:\Users\The Darkside\AppData\Roaming\RenPy
2018-07-29 17:59 - 2018-04-12 01:18 - 000000000 ____D C:\Windows\OCR
2018-07-29 17:59 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\System32\en-GB
2018-07-29 14:30 - 2018-04-11 15:36 - 000000000 ____D C:\Windows\INF
2018-07-28 19:06 - 2017-10-05 16:21 - 000000000 ____D C:\Windows\System32\MRT
2018-07-28 18:58 - 2017-10-05 16:21 - 134675576 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2018-07-27 14:47 - 2018-05-18 08:22 - 000004238 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-07-26 20:27 - 2017-11-09 22:43 - 000000000 ___RD C:\Users\The Darkside\3D Objects
2018-07-24 18:17 - 2018-05-18 08:08 - 000840376 _____ C:\Windows\System32\PerfStringBackup.INI
2018-07-24 16:22 - 2018-01-29 15:02 - 000000000 ____D C:\Users\The Darkside\AppData\Local\UnrealEngine
2018-07-23 20:19 - 2018-01-11 12:44 - 000000000 ____D C:\Users\The Darkside\Downloads\Quickie
2018-07-23 17:59 - 2018-04-11 00:42 - 000000000 ____D C:\Users\The Darkside\.gimp-2.8
2018-07-22 06:25 - 2018-02-11 19:29 - 000000000 ____D C:\Users\The Darkside\Downloads\Daugh For Dess
2018-07-22 04:18 - 2017-11-18 10:33 - 000000000 ____D C:\Users\The Darkside\AppData\Local\tyranoscript
2018-07-21 10:10 - 2017-10-30 04:12 - 000000000 ____D C:\Users\The Darkside\AppData\Local\ElevatedDiagnostics
2018-07-18 20:39 - 2018-06-14 12:31 - 000000000 ____D C:\ProgramData\Packages
2018-07-18 17:20 - 2018-06-22 21:00 - 000000000 ____D C:\Users\The Darkside\Downloads\SL-0.10-Extra Scenes Edition (PC)
2018-07-18 17:06 - 2017-10-14 15:20 - 000000000 ____D C:\Program Files\McAfee Security Scan
2018-07-18 06:19 - 2018-06-21 03:38 - 000000000 ____D C:\Users\The Darkside\Downloads\Hornstown 1.43
2018-07-16 19:46 - 2018-05-18 08:22 - 000003392 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1049983353-2611485309-1903322672-1001
2018-07-16 19:45 - 2017-09-29 12:55 - 000000000 ___RD C:\Users\The Darkside\OneDrive
2018-07-13 21:19 - 2017-10-30 06:39 - 000000000 ____D C:\Users\The Darkside\Downloads\Star_Channel_34-pc
2018-07-13 18:40 - 2018-06-15 19:58 - 000000000 ____D C:\Users\The Darkside\Downloads\Inheritance A17 CHEAT
2018-07-13 11:13 - 2017-09-29 12:48 - 000000000 ____D C:\Users\The Darkside\AppData\Roaming\Adobe
2018-07-13 11:05 - 2018-05-18 08:36 - 000000000 ____D C:\Users\The Darkside\AppData\Local\D3DSCache
2018-07-12 22:04 - 2018-05-18 07:43 - 000431304 _____ C:\Windows\System32\FNTCACHE.DAT
2018-07-11 14:41 - 2017-11-30 17:59 - 000000000 ____D C:\Users\The Darkside\AppData\Local\Packages
2018-07-11 14:40 - 2017-06-23 11:06 - 000000000 ____D C:\ProgramData\PCDr
2018-07-11 14:32 - 2017-10-16 20:17 - 000000000 ____D C:\ProgramData\SupportAssist
2018-07-11 12:33 - 2018-06-07 11:22 - 000152688 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbae64.sys
2018-07-10 22:17 - 2018-05-06 03:52 - 000000000 ____D C:\Users\Public\Documents\My DAZ 3D Library
2018-07-10 21:21 - 2017-11-18 09:23 - 000000000 ____D C:\Users\The Darkside\AppData\LocalLow\Unity
2018-07-10 17:47 - 2018-05-18 08:22 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-07-10 15:20 - 2017-12-26 14:32 - 000000000 ____D C:\Users\The Darkside\AppData\Local\Campbell Wild
2018-07-10 10:26 - 2018-04-14 18:35 - 000000000 ____D C:\Users\The Darkside\Downloads\School Dreams Saga (TADS)
2018-07-09 22:34 - 2017-06-23 11:15 - 000000000 ____D C:\ProgramData\Dell
2018-07-09 17:46 - 2018-05-05 23:33 - 000002178 _____ C:\Users\The Darkside\Desktop\DAZ Install Manager.lnk
2018-07-09 09:20 - 2018-06-28 00:35 - 000000000 ____D C:\Users\The Darkside\Desktop\FG_New
2018-07-09 03:26 - 2018-06-04 13:47 - 000000812 _____ C:\Users\The Darkside\Desktop\TK17_Launcher - Shortcut.lnk
2018-07-08 23:55 - 2018-04-17 08:35 - 000000000 ____D C:\Users\The Darkside\Downloads\SCP_SCP_SCP
2018-07-08 20:02 - 2017-10-14 14:56 - 000000000 ____D C:\Users\The Darkside\AppData\Roaming\McAfee Safe Connect
2018-07-08 19:58 - 2018-05-18 08:22 - 000000000 ____D C:\Windows\System32\Tasks\NCH Software
2018-07-05 21:05 - 2017-12-01 06:00 - 000000000 ____D C:\Users\The Darkside\AppData\Local\PlaceholderTileLogoFolder
2018-07-05 16:28 - 2018-06-27 04:05 - 000000000 ____D C:\Users\The Darkside\AppData\Roaming\GameDemo
2018-07-05 16:26 - 2018-06-27 04:06 - 000000000 ____D C:\Users\The Darkside\AppData\Roaming\TechDemo
2018-07-04 03:06 - 2018-04-08 04:50 - 000024968 _____ C:\Users\The Darkside\_viminfo
2018-07-03 23:03 - 2018-06-16 14:59 - 000001734 _____ C:\Users\The Darkside\Desktop\Rkill.txt
2018-07-03 21:44 - 2018-06-14 11:17 - 000000000 ____D C:\Program Files (x86)\Deactivate
2018-07-03 07:56 - 2018-05-19 12:12 - 000000000 ____D C:\Users\The Darkside\Documents\Movie Studio 14.0 Platinum Projects
2018-07-02 05:36 - 2018-03-08 14:40 - 000000000 ____D C:\Users\The Darkside\Downloads\Online Girl 1.0a

==================== Known DLLs (Whitelisted) =========================

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2018-06-12 15:51] - [2018-06-08 00:55] - 001160192 _____ (Microsoft Corporation) 107661923943E9DC06ED2713AC5F7753

C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============

==================== Restore Points  =========================

Restore point date: 2018-07-31 03:42

==================== Memory info =========================== 

Percentage of memory in use: 13%
Total physical RAM: 8061.9 MB
Available physical RAM: 6939.68 MB
Total Virtual: 8061.9 MB
Available Virtual: 6931.99 MB

==================== Drives ================================

Drive ? (OS) (Fixed) (Total:917.71 GB) (Free:30.94 GB) NTFS
Drive e: () (Fixed) (Total:0.78 GB) (Free:0.32 GB) NTFS
Drive f: () (Removable) (Total:14.9 GB) (Free:14.9 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS

\\?\Volume{8270f1d4-e8ba-41b7-8897-4b4d877bfd62}\ () (Fixed) (Total:0 GB) (Free:0 GB) 
\\?\Volume{95d40c3f-8f0a-488c-af54-e33b4e76a296}\ (DELLSUPPORT) (Fixed) (Total:1.11 GB) (Free:0.53 GB) NTFS
\\?\Volume{b6f573ab-2888-4098-ae37-4e46c9a0c6cc}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A1A267C0)

Partition: GPT.

========================================================
Disk: 1 (Size: 14.9 GB) (Disk ID: 81BC8066)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C)

LastRegBack: 2018-05-18 07:43

==================== End of FRST.txt ============================

FRST.txt

[nasdaq]

Hi,

Your log is clean.

Please run Malwarebytes and clean all items that may be found.

How is the computer running now?

 

[darkside00]

Nasdaq, thank you so much. My computer appears to be back to it's normal functioning status. I know it would idle out every now and then (with the hourglass) and when Windows would start, wireless capabilities were disabled every time. This seems to have been remedied. I really appreciate your time and effort to help me!

                                                                                                                                                                                                                                                                                    

                                                                                               

[nasdaq]

Hi,

Looking good.

Some additional work to do.

Remove these programs in bold via the Control Panel > Programs > Programs and Features.
AnonymizerGadget (HKU\S-1-5-21-1049983353-2611485309-1903322672-1001\...\AnonymizerGadget) (Version: 1 - Jetico lim) <==== ATTENTION
CPUID CPU-Z 1.82.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.82.1 - ) <==== ATTENTION

If still present delete the folder in bodl.
C:\Program Files (x86)\AnonymizerGadget

===

Run Malwarebytes and delete all the items that will be found.

Let me know if all is well.

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread.

Thanks