Seif1993

.tmp popup on every startup

Hello, I am currently running Windows 10 and have been getting a pop-up, as seen in the screenshot attached, on every startup. It is rooted from C:\Users\PC\AppData\Local\Temp and upon deleting temp files using TFC it will not appear again until the next startup. Please advise on how to get rid of this.

360 .tmp popup.jpg

Hello Seif1993 and welcome to Malwarebytes,

Continue with the following:

If you do not have Malwarebytes installed do the following:

Download Malwarebytes version 3 from the following link:

https://www.malwarebytes.com/mwb-download/thankyou/

Double click on the installer and follow the prompts. If necessary select the Blue Help tab for video instructions....

When the install completes or Malwarebytes is already installed do the following:

Open Malwarebytes, select > "settings" > "protection tab"

Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....

Go back to "DashBoard" select the Blue "Scan Now" tab......

When the scan completes quarantine any found entries...

To get the log from Malwarebytes do the following:
 
  • Click on the Report tab > from main interface.
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if selected, right click to your reply and select "Paste"; the log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Please use "Copy to Clipboard", then right click to your reply > select "Paste"; that will copy the log to your reply…


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST, either accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer. (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Let me see those logs in your reply...

Thank you,

Kevin....


Please note that these are the temp files that appear on each startup as I have highlighted in the screenshot. There are two startups that happened before I cleaned, which are evident from the timestamps and their corresponding files. Moreover, these files do not get detected or deleted unless I use a temp file cleaner.


Also, I did not delete any files associated with Advanced System Care Ultimate that was detected by MalwareBytes as this is the antivirus program I currently use and have been using for years. When I previously deleted the files while cleaning it uninstalled the software. 


MalwareBytes Scan Log: 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/6/18
Scan Time: 2:29 PM
Log File: dadae12a-f941-11e8-adbc-d0509926a5e7.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.482
Update Package Version: 1.0.8191
License: Trial

-System Information-
OS: Windows 10 (Build 17134.407)
CPU: x64
File System: NTFS
User: SHELBY\PC

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 433822
Threats Detected: 61
Threats Quarantined: 19
Time Elapsed: 10 min, 15 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 3
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCTRAY.EXE, No Action By User, [3793], [380353],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCSERVICE.EXE, No Action By User, [3793], [380352],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCAVSVC.EXE, No Action By User, [3793], [396386],1.0.8191

Module: 3
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCTRAY.EXE, No Action By User, [3793], [380353],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCSERVICE.EXE, No Action By User, [3793], [380352],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCAVSVC.EXE, No Action By User, [3793], [396386],1.0.8191

Registry Key: 9
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ASCU_ASCTray_Auto, No Action By User, [3793], [380353],1.0.8191
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{846A0500-CEAA-431B-8F7B-0FDE1AC45425}, Quarantined, [3793], [380353],1.0.8191
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{846A0500-CEAA-431B-8F7B-0FDE1AC45425}, Quarantined, [3793], [380353],1.0.8191
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AdvancedSystemCareService11, No Action By User, [3793], [380352],1.0.8191
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IOBIT_MONITOR_SERVER, Quarantined, [3793], [580520],1.0.8191
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ASCAntivirusSrv, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ASCU11_SkipUac_PC, Quarantined, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D6313BA8-DD37-4FA0-9F27-AE9E7FFE8B03}, Quarantined, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D6313BA8-DD37-4FA0-9F27-AE9E7FFE8B03}, Quarantined, [3793], [396386],1.0.8191

Registry Value: 10
PUP.Optional.AdvancedSystemCare, HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ADVANCED SYSTEMCARE ULTIMATE, No Action By User, [3793], [380353],1.0.8191
PUP.Optional.AdvancedSystemCare, HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|11, Quarantined, [3793], [580515],1.0.8191
PUP.Optional.AdvancedSystemCare, HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|12, Quarantined, [3793], [580515],1.0.8191
PUP.Optional.AdvancedSystemCare, HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|13, Quarantined, [3793], [580515],1.0.8191
PUP.Optional.AdvancedSystemCare, HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|14, Quarantined, [3793], [580515],1.0.8191
PUP.Optional.AdvancedSystemCare, HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|39, Quarantined, [3793], [580515],1.0.8191
PUP.Optional.AdvancedSystemCare, HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|40, Quarantined, [3793], [580515],1.0.8191
PUP.Optional.AdvancedSystemCare, HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|41, Quarantined, [3793], [580515],1.0.8191
PUP.Optional.AdvancedSystemCare, HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|47, Quarantined, [3793], [580515],1.0.8191
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IOBIT_MONITOR_SERVER|IMAGEPATH, Quarantined, [3793], [580520],1.0.8191

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 36
PUP.Optional.AdvancedSystemCare, C:\USERS\PC\DESKTOP\Advanced SystemCare Ultimate 11.lnk, No Action By User, [3793], [380338],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCTRAY.EXE, No Action By User, [3793], [380353],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\WINDOWS\SYSTEM32\TASKS\ASCU_ASCTray_Auto, No Action By User, [3793], [380353],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCSERVICE.EXE, No Action By User, [3793], [380352],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\DRIVERS\MONITOR_WIN10_X64.SYS, No Action By User, [3793], [580520],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCAVSVC.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\WINDOWS\SYSTEM32\TASKS\ASCU11_SkipUac_PC, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASC.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ANTIVIRUSSETTINGS.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\DOWNCONFIG.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\JUMPLISTDLL.DLL, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\REMINDER.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCANTIVIRUSTIPS.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCINIT.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\FILECOPY.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\RANSOMWARE.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCDOWNLOAD.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\REGISTER.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\DNSPROTECT.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCUPGRADE.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\AUTOSWEEP.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\DISKDEFRAG.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\FEEDBACK.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\SCANNER.DLL, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCANTIVIRUSFIX.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\ASCAVWSC.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\AUTOCARE.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\AUTOUPDATE.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\DISPLAY.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\FIMON.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\REPROCESS.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\ADVANCED SYSTEMCARE ULTIMATE\TASKHELPER.EXE, No Action By User, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\USERS\PC\APPDATA\LOCAL\TEMP\IS-VO2IV.TMP\INSTALLER\SETUP.EXE, Quarantined, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\USERS\PC\APPDATA\LOCAL\TEMP\IS-VO2IV.TMP\SETUP.EXE, Quarantined, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\USERS\PC\APPDATA\LOCAL\TEMP\IS-VO2IV.TMP\FILECOPY.EXE, Quarantined, [3793], [396386],1.0.8191
PUP.Optional.AdvancedSystemCare, C:\USERS\PC\APPDATA\LOCAL\TEMP\IS-VO2IV.TMP\DOWNCONFIG.EXE, Quarantined, [3793], [396386],1.0.8191

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

 

ADWCleaner Scan Log

# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build:    11-26-2018
# Database: 2018-12-03.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    12-06-2018
# Duration: 00:00:01
# OS:       Windows 10 Pro
# Cleaned:  15
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\Driver Booster Scheduler

***** [ Registry ] *****

Deleted       HKCU\Software\INSTALLPATH\STATUS
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{DD5BD968-4A0A-4618-B49F-D0775552886B}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{83FF609E-CEED-4081-8770-AD3F71AD5613}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E689B003-A85B-4CB4-8926-3C2A73E805B5} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted       HKLM\Software\Classes\CLSID\{D4EF86C3-77D7-4F82-BBB8-6DFFAB6E2D32}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted       pdfsearchengine.org
Deleted       Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5139 octets] - [06/12/2018 01:52:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

 

FRST Scan Log: 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by PC (administrator) on SHELBY (06-12-2018 14:22:51)
Running from C:\Users\PC\Desktop\FRST
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Pro Version 1803 17134.407 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCService.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCAvSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Electronic Arts) F:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Malwarebytes) F:\Program Files (x86)\Anti-Malware\MBAMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Locktime Software) C:\Program Files (x86)\NetLimiter 4\NLSvc.exe
(Thalonet, Inc. (dba Haste)) C:\Program Files\Haste\Haste Esports Accelerator\UserEdgeService.exe
(Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) F:\Program Files (x86)\Anti-Malware\MBAMWsc.exe
(Malwarebytes) F:\Program Files (x86)\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\Monitor.exe
(Malwarebytes) C:\Users\PC\Downloads\adwcleaner_7.2.5.0.exe
(Beepa P/L) F:\Program Files (x86)\Fraps\fraps.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\RealTimeProtector.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Beepa P/L) F:\Program Files (x86)\Fraps\fraps64.dat
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\PS4 Controller\DS4Windows.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\PPUninstaller.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\smBootTime.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\Suo12_StartupManager.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [SamsungRapidApp] => F:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2018-09-07] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [167936 2008-07-07] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5608208 2018-10-23] (IObit)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [7088408 2015-01-22] (Piriform Ltd)
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Run: [NetLimiter] => C:\Program Files (x86)\NetLimiter 4\nlclientapp.exe [52656 2015-10-10] (Locktime Software)
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCTray.exe [3703568 2018-08-15] (IObit)
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [149504 2018-04-12] (Microsoft Corporation)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2015-12-01]
ShortcutTarget: DS4Windows.lnk -> C:\Program Files (x86)\PS4 Controller\DS4Windows.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{554704bb-761d-459e-9f6a-a3600d29fdbd}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fbcfbc8f-310f-4428-bbf8-f8ace88c2de0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-11-30] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2018-09-07] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-20] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2018-09-07] (Logitech, Inc.)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2018-03-20] (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-20] (Oracle Corporation)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\Adblock\Adblock.dll [2018-04-17] (IObit)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-14] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-14] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-14] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-14] (Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2018-09-27] [not signed]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-08-20] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1745146063-4005962234-3562053907-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://blank/","hxxp://google.com/","hxxps://www.google.com/","hxxp://www.google.com"
CHR NewTab: Default ->  Active:"chrome-extension://ddjdamcnphfdljlojajeoiogkanilahc/pages/newtab.html"
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2018-12-06]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2018-06-09]
CHR Extension: (BetterTTV) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-20]
CHR Extension: (The New Tab - Customize Your Start Page) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddjdamcnphfdljlojajeoiogkanilahc [2018-11-30]
CHR Extension: (AHA Music - Music Identifier) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2018-12-06]
CHR Extension: (AdBlock) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-04]
CHR Extension: (Battleship) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjgmfhnanfbghmpcbdfgpigcgdbaggfm [2016-05-13]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2018-12-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (PDF Viewer) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2018-07-09]
CHR Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofgbpoabipfcfjapgnbbjjaenockbdp [2018-10-11]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-27]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-06]
CHR Extension: (Google Slides) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-20]
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-20]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-20]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-20]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-20]
CHR Extension: (Google Sheets) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-20]
CHR Extension: (Google Wallet) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-20]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-20]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AdvancedSystemCareService11; C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCService.exe [1066256 2018-03-28] (IObit)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ASCAntivirusSrv; C:\Program Files (x86)\Advanced SystemCare Ultimate\ascavsvc.exe [1990928 2018-01-18] (IObit)
R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [463112 2014-07-31] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-11-20] (Microsoft Corporation)
S3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [34512 2018-03-30] (Corsair Components, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [277056 2016-08-28] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6514752 2016-08-28] (GOG.com)
R2 HasteUEService; C:\Program Files\Haste\Haste Esports Accelerator\UserEdgeService.exe [1516328 2017-05-04] (Thalonet, Inc. (dba Haste))
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2355472 2018-10-19] (IObit)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc.)
R2 MBAMService; F:\Program Files (x86)\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 nlsvc; C:\Program Files (x86)\NetLimiter 4\NLSvc.exe [322480 2015-10-10] (Locktime Software)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
S3 Origin Client Service; F:\Program Files (x86)\Origin\OriginClientService.exe [2269504 2018-10-25] (Electronic Arts)
R2 Origin Web Helper Service; F:\Program Files (x86)\Origin\OriginWebHelperService.exe [3130184 2018-10-25] (Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [435328 2017-10-10] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [916096 2017-10-17] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-20] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-12-04] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2015-07-15] (ASRock Incorporation)
R0 AsrRamDisk; C:\WINDOWS\System32\drivers\AsrRamDisk.sys [40200 2013-08-02] (ASRock Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4321160 2018-07-19] (Qualcomm Atheros Communications, Inc.)
R3 cpuz138; C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [28392 2018-12-06] (CPUID) <==== ATTENTION
R3 cpuz143; C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [48960 2018-12-06] (CPUID)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31816 2018-07-18] (ELAN Microelectronic Corp.)
S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-11-01] (Hewlett-Packard.) [File not signed]
S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.) [File not signed]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-16] (REALiX(tm))
R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [44032 2018-03-20] (IObit.com)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [39232 2018-08-14] (IObit.com)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys [40384 2018-03-20] (IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [34048 2018-03-20] (IObit.com)
R1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFMBRProtect.sys [41920 2018-08-12] (IObit.com)
R1 IMFSafeBox; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFSafeBox.sys [51256 2018-08-27] (IObit.com)
S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-04-03] ()
S3 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
R3 iobit_monitor_server; C:\Program Files (x86)\Advanced SystemCare Ultimate\drivers\Monitor_win10_x64.sys [24056 2017-07-19] (IObit)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2016-07-26] ()
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-10-05] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-22] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc.)
S3 lgLowAudio; C:\WINDOWS\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198000 2018-12-06] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-12-06] (Malwarebytes)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-15] (Apple Inc.) [File not signed]
R2 nldrv; C:\Program Files (x86)\NetLimiter 4\nldrv.sys [120720 2015-10-10] (Locktime Software)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6992f55a2cc4b209\nvlddmkm.sys [20371952 2018-11-13] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\regfilter.sys [52728 2018-03-20] (IObit.com)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2016-10-30] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [43256 2017-07-19] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137208 2017-07-16] (Razer, Inc.)
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
U5 UnlockerDriver5; F:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VBus; C:\WINDOWS\System32\drivers\NkVBus.sys [26400 2007-09-05] (Nikon Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-12-04] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [328696 2018-12-04] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-12-04] (Microsoft Corporation)
R4 WinDivert1.2; C:\Program Files\Haste\Haste Esports Accelerator\WinDivert64.sys [37672 2016-10-05] (Basil)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-06 14:21 - 2018-12-06 14:21 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-12-06 14:21 - 2018-12-06 14:21 - 000003214 _____ C:\WINDOWS\System32\Tasks\FRAPS
2018-12-06 14:21 - 2018-12-06 14:21 - 000003010 _____ C:\WINDOWS\System32\Tasks\AsrSP.exe
2018-12-06 14:03 - 2018-12-06 14:03 - 000002238 _____ C:\Users\PC\Desktop\Advanced SystemCare Ultimate 11.lnk
2018-12-06 13:41 - 2018-12-06 13:41 - 000003112 _____ C:\WINDOWS\System32\Tasks\ASCU_ASCTray_Auto
2018-12-06 13:41 - 2018-12-06 13:41 - 000003092 _____ C:\WINDOWS\System32\Tasks\ASCU11_PerformanceMonitor
2018-12-06 13:41 - 2018-12-06 13:41 - 000002876 _____ C:\WINDOWS\System32\Tasks\ASCU11_SkipUac_PC
2018-12-06 13:41 - 2018-12-06 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Ultimate
2018-12-06 13:40 - 2018-12-06 14:22 - 000000000 ____D C:\Program Files (x86)\Advanced SystemCare Ultimate
2018-12-06 13:40 - 2018-12-06 13:40 - 096657856 _____ (IObit ) C:\Users\PC\Downloads\asc-ultimate-setup11.2.0.84.exe
2018-12-06 13:38 - 2018-12-06 14:02 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-12-06 13:38 - 2018-12-06 13:38 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\131C0D2C.sys
2018-12-06 13:37 - 2018-12-06 13:37 - 014178840 _____ (Malwarebytes Corp.) C:\Users\PC\Downloads\mbar-1.10.3.1001.exe
2018-12-06 13:36 - 2018-12-06 13:36 - 000198000 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-12-06 04:46 - 2018-12-06 04:46 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-SHELBY-Windows-10-Pro-(64-bit).dat
2018-12-06 04:46 - 2018-12-06 04:46 - 000000000 ____D C:\RegBackup
2018-12-06 04:44 - 2018-12-06 04:45 - 000000000 ____D C:\Users\PC\Desktop\Windows Repair Tool
2018-12-06 04:44 - 2018-12-06 04:44 - 037626408 _____ C:\Users\PC\Downloads\tweaking.com_windows_repair_aio.zip
2018-12-06 04:09 - 2018-12-06 04:09 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:09 - 2018-12-06 04:09 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:09 - 2018-12-06 04:09 - 000000940 _____ C:\Users\PC\Downloads\fixlist.txt
2018-12-06 04:09 - 2018-11-16 15:55 - 002864496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-12-06 04:08 - 2018-12-06 04:08 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-10-01 22:47 - 000070024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-12-06 03:14 - 2018-12-06 03:14 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_399
2018-12-06 02:32 - 2018-12-06 02:41 - 000280336 _____ C:\WINDOWS\ntbtlog.txt
2018-12-06 02:32 - 2018-12-06 02:32 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-12-06 02:21 - 2018-12-06 02:21 - 000448512 _____ (OldTimer Tools) C:\Users\PC\Desktop\TempFilecleaner.exe
2018-12-06 02:10 - 2018-12-06 02:11 - 000598516 _____ C:\WINDOWS\Minidump\120618-7140-01.dmp
2018-12-06 02:10 - 2018-12-06 02:10 - 000000000 ____D C:\WINDOWS\Minidump
2018-12-06 01:59 - 2018-12-06 14:06 - 000000952 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-12-06 01:59 - 2018-12-06 02:41 - 000000000 ____D C:\ProgramData\RogueKiller
2018-12-06 01:59 - 2018-12-06 01:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-12-06 01:59 - 2018-12-06 01:59 - 000000000 ____D C:\Program Files\RogueKiller
2018-12-06 01:57 - 2018-12-06 01:57 - 029094792 _____ (Adlice Software ) C:\Users\PC\Downloads\RogueKiller_setup.exe
2018-12-06 01:51 - 2018-12-06 01:53 - 000000000 ____D C:\AdwCleaner
2018-12-06 01:51 - 2018-12-06 01:51 - 007321808 _____ (Malwarebytes) C:\Users\PC\Downloads\adwcleaner_7.2.5.0.exe
2018-12-06 01:47 - 2018-12-06 14:03 - 000000000 ____D C:\Users\PC\Desktop\FRST
2018-12-06 01:45 - 2018-12-06 14:22 - 000000000 ____D C:\FRST
2018-12-06 01:34 - 2018-12-06 01:34 - 000000000 ____D C:\ProgramData\{F86B0233-9A85-4589-8AAF-524CC4F8211B}
2018-12-06 01:23 - 2018-05-02 11:19 - 000185448 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2018-12-06 01:14 - 2018-12-06 13:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-06 01:14 - 2018-12-06 02:05 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-12-06 01:14 - 2018-12-06 01:14 - 000000895 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-12-06 01:14 - 2018-12-06 01:14 - 000000000 ____D C:\Users\PC\AppData\Local\mbamtray
2018-12-06 01:14 - 2018-12-06 01:14 - 000000000 ____D C:\Users\PC\AppData\Local\mbam
2018-12-06 01:14 - 2018-12-06 01:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-12-06 00:42 - 2018-12-06 00:42 - 009379840 _____ C:\Users\PC\NTUSER.rhk
2018-12-06 00:39 - 2018-12-06 00:43 - 000000000 ____D C:\Users\PC\AppData\Roaming\Wise Registry Cleaner
2018-12-06 00:39 - 2018-12-06 00:39 - 000000898 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2018-12-06 00:39 - 2018-12-06 00:39 - 000000000 ____D C:\WINDOWS\System32\Tasks\WiseCleaner
2018-12-06 00:39 - 2018-12-06 00:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2018-12-06 00:35 - 2018-12-06 00:35 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2018-12-06 00:27 - 2018-12-06 00:27 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-12-06 00:27 - 2018-12-06 00:27 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-12-06 00:26 - 2018-12-06 00:45 - 000000000 ____D C:\ProgramData\AVAST Software
2018-12-06 00:26 - 2018-12-06 00:28 - 000000805 _____ C:\Users\PC\Desktop\CCleaner.lnk
2018-12-06 00:26 - 2018-12-06 00:26 - 000003930 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-06 00:26 - 2018-12-06 00:26 - 000002858 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-12-06 00:18 - 2018-12-06 00:46 - 000000000 ____D C:\Users\PC\AppData\Roaming\GlarySoft
2018-12-05 21:18 - 2018-12-05 21:18 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-12-05 01:53 - 2018-12-05 02:04 - 000000000 ____D C:\Users\PC\Heaven
2018-12-05 01:21 - 2018-12-05 01:25 - 000000000 ____D C:\ProgramData\HitmanPro
2018-12-04 18:13 - 2018-12-06 14:21 - 112984064 _____ C:\WINDOWS\system32\config\SOFTWARE
2018-12-04 18:13 - 2018-12-06 14:21 - 003043328 _____ C:\WINDOWS\system32\config\DEFAULT
2018-12-04 18:13 - 2018-12-06 14:21 - 000139264 _____ C:\WINDOWS\system32\config\SAM
2018-12-04 18:13 - 2018-12-06 14:21 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY
2018-12-04 18:13 - 2018-12-04 18:13 - 000000000 ____H C:\asc_rdflag
2018-12-04 17:50 - 2018-12-04 18:13 - 000000000 ____D C:\ProgramData\zVmiMcGqez
2018-12-04 17:42 - 2018-12-04 18:11 - 000000000 ____D C:\Users\PC\AppData\Roaming\aaWlW
2018-12-04 17:42 - 2018-12-04 17:42 - 000000000 ____D C:\ProgramData\inst
2018-12-04 17:41 - 2018-12-04 20:47 - 000000000 ____D C:\Program Files (x86)\KMSPico 10.2.1 Final
2018-12-04 12:49 - 2018-12-04 12:49 - 000000000 ____D C:\Users\PC\AppData\Roaming\NVIDIA
2018-12-03 22:30 - 2018-12-03 22:30 - 000002735 _____ C:\Users\PC\Unigine_Valley_Benchmark_1.0_20181203_2229.html
2018-12-03 22:22 - 2018-12-05 22:29 - 002128896 _____ C:\Users\PC\AppData\Local\file__0.localstorage
2018-12-03 22:22 - 2018-12-04 13:31 - 000000000 ____D C:\Users\PC\Valley
2018-12-03 19:28 - 2018-12-03 19:28 - 000000000 ____D C:\Users\PC\AppData\Roaming\IO Interactive
2018-11-30 12:08 - 2018-11-30 12:08 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-11-30 12:08 - 2018-11-30 12:08 - 000002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-11-30 12:08 - 2018-11-30 12:08 - 000002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-11-30 12:08 - 2018-11-30 12:08 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-11-30 12:08 - 2018-11-30 12:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-11-30 12:03 - 2018-11-17 03:00 - 000834960 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-30 12:03 - 2018-11-17 03:00 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-16 18:19 - 2018-11-16 18:19 - 000000000 ____D C:\Program Files\rempl
2018-11-16 16:57 - 2018-12-04 17:59 - 000000000 ____D C:\Users\PC\AppData\LocalLow\uTorrent
2018-11-14 23:20 - 2018-11-13 05:44 - 005945144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-11-14 23:20 - 2018-11-13 05:44 - 002611592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-11-14 23:20 - 2018-11-13 05:44 - 001767280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-11-14 23:20 - 2018-11-13 05:44 - 000635248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-11-14 23:20 - 2018-11-13 05:44 - 000451056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-11-14 23:20 - 2018-11-13 05:44 - 000124112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-11-14 23:20 - 2018-11-13 05:44 - 000083336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-11-14 23:20 - 2018-11-12 18:30 - 008407912 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-11-14 23:19 - 2018-11-14 23:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-11-14 23:19 - 2018-08-04 02:40 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-11-14 23:17 - 2018-11-13 23:05 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-11-14 23:17 - 2018-11-13 23:05 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-11-14 23:17 - 2018-11-13 23:04 - 000978336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-11-14 23:17 - 2018-11-13 23:04 - 000978336 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-11-14 23:17 - 2018-11-13 23:04 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-11-14 23:17 - 2018-11-13 23:04 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-11-14 23:17 - 2018-11-13 23:04 - 000552272 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-11-14 23:17 - 2018-11-13 23:04 - 000457328 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-11-14 23:17 - 2018-11-13 23:04 - 000268176 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-11-14 23:17 - 2018-11-13 23:04 - 000268176 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-11-14 23:17 - 2018-11-13 23:03 - 040254240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 035151560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 015908696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 013203400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 004941440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 004313568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 002017736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441694.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 002000000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 001509160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 001468032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441694.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 001457096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 001124648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 000822576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 000750024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 000631776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 000609056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-11-14 23:17 - 2018-11-13 23:03 - 000521672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-11-14 23:17 - 2018-11-13 23:02 - 019709024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-11-14 23:17 - 2018-11-13 23:02 - 016986448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-11-14 23:17 - 2018-11-13 23:02 - 004992328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-11-14 23:17 - 2018-11-13 23:02 - 004252824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-11-14 23:17 - 2018-11-13 23:02 - 001471616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-11-14 23:17 - 2018-11-13 23:02 - 001462216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-11-14 23:17 - 2018-11-13 23:02 - 001167776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-11-14 23:17 - 2018-11-13 23:02 - 001152176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-11-14 23:17 - 2018-11-13 23:02 - 001145912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-11-14 23:17 - 2018-11-13 23:02 - 000914776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-11-14 23:17 - 2018-11-13 23:02 - 000794824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-11-14 23:17 - 2018-11-13 23:02 - 000637672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-11-14 23:17 - 2018-11-13 07:23 - 001682896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-11-14 23:17 - 2018-11-13 07:23 - 000227896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-11-14 23:17 - 2018-11-13 07:23 - 000048138 _____ C:\WINDOWS\system32\nvinfo.pb
2018-11-14 23:17 - 2018-11-13 07:23 - 000047384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-11-14 23:03 - 2018-11-16 15:55 - 002264432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-11-14 16:36 - 2018-10-21 10:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-11-14 16:36 - 2018-10-21 09:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-11-14 16:36 - 2018-10-21 09:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2018-11-14 02:17 - 2018-11-14 02:17 - 000039504 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ICCWDT.sys
2018-11-14 02:07 - 2018-11-14 02:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2018-11-12 21:44 - 2018-11-15 17:36 - 000002339 _____ C:\Users\PC\Desktop\Deezer.lnk
2018-11-12 21:44 - 2018-11-15 17:36 - 000000000 ____D C:\Users\PC\AppData\Roaming\Deezer
2018-11-12 21:44 - 2018-11-12 21:44 - 000002347 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deezer.lnk
2018-11-12 18:46 - 2018-11-12 18:46 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2018-11-12 18:14 - 2018-11-12 18:14 - 000000000 ____D C:\Program Files\Bonjour
2018-11-12 18:14 - 2018-11-12 18:14 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-11-11 21:57 - 2018-11-11 21:57 - 000003354 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1745146063-4005962234-3562053907-1001
2018-11-11 21:57 - 2018-11-11 21:57 - 000002361 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-06 14:21 - 2018-05-16 21:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-06 14:21 - 2018-04-12 03:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-06 14:21 - 2018-04-12 01:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-12-06 14:21 - 2018-03-21 18:48 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-06 14:21 - 2015-07-21 07:58 - 000000000 ____D C:\Users\PC\Documents\Assassin's Creed Unity
2018-12-06 13:37 - 2018-05-16 21:41 - 000840376 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-06 13:37 - 2018-04-12 03:36 - 000000000 ____D C:\WINDOWS\INF
2018-12-06 05:11 - 2018-05-16 21:36 - 000269920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-06 05:11 - 2015-07-15 20:25 - 000000000 ____D C:\WINDOWS\CSC
2018-12-06 04:09 - 2018-03-21 18:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-12-06 04:09 - 2018-03-21 18:47 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-12-06 04:09 - 2018-03-21 18:46 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-12-06 04:07 - 2016-01-28 21:12 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2018-12-06 04:01 - 2013-08-22 19:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-12-06 03:50 - 2015-07-16 21:37 - 000000000 ____D C:\Users\PC\Downloads\Applications
2018-12-06 03:14 - 2015-08-20 00:01 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Temp
2018-12-06 02:56 - 2018-04-12 01:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-12-06 02:31 - 2018-05-16 21:37 - 000000000 ____D C:\Users\PC
2018-12-06 02:23 - 2018-05-16 21:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-06 02:11 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-06 02:10 - 2018-04-15 13:45 - 1107297571 _____ C:\WINDOWS\MEMORY.DMP
2018-12-06 02:00 - 2016-12-03 12:30 - 000000000 ____D C:\Users\PC\AppData\Local\Adobe
2018-12-06 01:34 - 2015-07-16 17:41 - 000000000 ____D C:\ProgramData\ProductData
2018-12-06 01:20 - 2016-08-28 18:19 - 000000000 ____D C:\Program Files (x86)\Office 2016  KMS Activator
2018-12-06 00:36 - 2018-02-17 08:58 - 000000000 ____D C:\Users\PC\Downloads\GTA V Mods
2018-12-06 00:27 - 2018-04-12 03:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-12-05 23:06 - 2018-04-01 14:10 - 000000000 ____D C:\ProgramData\CLink4
2018-12-05 22:33 - 2018-05-18 21:33 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2018-12-05 22:21 - 2015-07-16 17:43 - 000000000 ___RD C:\Users\PC\Desktop\OverClockin'
2018-12-05 21:47 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-05 21:22 - 2015-07-16 21:38 - 000000000 ____D C:\Users\PC\Downloads\Overclocking
2018-12-05 20:53 - 2018-04-12 03:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-05 20:50 - 2018-05-16 21:41 - 000004576 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-12-05 20:49 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-12-05 20:49 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-12-04 18:13 - 2018-08-02 17:40 - 112558080 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2018-12-04 18:13 - 2018-08-02 17:40 - 005513216 _____ C:\WINDOWS\system32\config\DRIVERS.iodefrag.bak
2018-12-04 18:13 - 2018-08-02 17:40 - 003043328 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2018-12-04 18:13 - 2018-08-02 17:40 - 000069632 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2018-12-04 18:13 - 2018-08-02 17:40 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2018-12-04 18:13 - 2015-07-16 16:57 - 000000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2018-12-04 17:56 - 2018-04-06 13:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-12-04 17:46 - 2015-07-16 18:15 - 000592416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-12-04 17:45 - 2017-11-19 01:48 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2018-12-03 22:33 - 2018-03-25 16:06 - 000000000 ____D C:\Users\PC\AppData\Local\NVIDIA
2018-12-03 19:27 - 2018-03-25 17:24 - 000000000 ____D C:\Users\PC\AppData\Local\NVIDIA Corporation
2018-12-03 17:18 - 2015-07-16 18:32 - 000000000 ___RD C:\Users\PC\Desktop\Games
2018-12-02 16:08 - 2015-07-16 22:42 - 000000000 ____D C:\ProgramData\Origin
2018-12-02 13:22 - 2015-07-16 17:33 - 000000000 ____D C:\Users\PC\AppData\Roaming\Origin
2018-12-02 13:21 - 2017-03-15 12:41 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-12-01 14:17 - 2017-05-15 10:05 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2018-12-01 14:17 - 2016-07-29 23:58 - 000000000 ____D C:\Users\PC\AppData\Local\Battle.net
2018-12-01 12:39 - 2018-04-12 03:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-30 12:07 - 2015-12-18 17:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-11-17 10:32 - 2015-07-16 21:22 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2018-11-16 08:41 - 2015-07-19 13:44 - 000000000 ____D C:\Program Files\Rockstar Games
2018-11-16 08:41 - 2015-07-19 13:44 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-11-15 23:28 - 2018-03-25 16:04 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-11-14 23:19 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\Help
2018-11-14 22:58 - 2018-10-12 14:31 - 078589952 _____ C:\WINDOWS\system32\config\COMPONENTS.iodefrag.bak
2018-11-14 22:58 - 2015-08-18 23:30 - 000000000 ___RD C:\Users\PC\3D Objects
2018-11-14 22:58 - 2015-08-05 22:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-14 16:41 - 2015-07-16 23:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-14 16:40 - 2015-07-16 23:32 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-14 02:15 - 2018-08-02 03:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 6
2018-11-14 02:15 - 2018-08-02 03:44 - 000002912 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (PC)
2018-11-14 02:07 - 2015-07-16 17:41 - 000000000 ____D C:\ProgramData\IObit
2018-11-14 01:43 - 2015-07-17 15:40 - 000000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2018-11-12 18:46 - 2016-10-13 23:57 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2018-11-12 18:46 - 2015-12-19 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-11-11 21:57 - 2015-07-16 17:26 - 000000000 ___RD C:\Users\PC\OneDrive
2018-11-10 16:28 - 2015-07-20 22:25 - 000000000 ____D C:\Users\PC\Documents\The Witcher 3
2018-11-08 14:34 - 2016-08-31 11:56 - 000000000 ____D C:\Users\PC\Documents\Overwatch

==================== Files in the root of some directories =======

2016-08-28 12:38 - 2016-08-28 12:38 - 130403753 _____ () C:\Users\PC\Razer Synapse Tournament Drivers 20160828_1202.exe
2015-07-16 22:55 - 2015-07-16 22:55 - 006420480 _____ () C:\Program Files (x86)\GUT84CB.tmp
2018-02-16 10:54 - 2018-02-16 10:54 - 000000000 _____ () C:\Users\PC\AppData\Roaming\User Loops
2018-12-03 22:22 - 2018-12-05 22:29 - 002128896 _____ () C:\Users\PC\AppData\Local\file__0.localstorage
2018-09-28 22:12 - 2018-09-28 22:12 - 000000000 _____ () C:\Users\PC\AppData\Local\oobelibMkey.log
2015-10-19 05:35 - 2015-10-19 05:35 - 000000017 _____ () C:\Users\PC\AppData\Local\resmon.resmoncfg
2015-11-18 15:53 - 2015-11-18 15:53 - 000000000 _____ () C:\Users\PC\AppData\Local\{25481B64-D937-4BC8-B287-02EA2C4949D9}

Some files in TEMP:
====================
2018-12-06 03:35 - 2018-12-06 14:21 - 001639936 _____ (CPUID) C:\Users\PC\AppData\Local\Temp\speccycpuid.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

FRST Addition Log: 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by PC (06-12-2018 14:23:26)
Running from C:\Users\PC\Desktop\FRST
Windows 10 Pro Version 1803 17134.407 (X64) (2018-05-16 17:42:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1745146063-4005962234-3562053907-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1745146063-4005962234-3562053907-503 - Limited - Disabled)
Guest (S-1-5-21-1745146063-4005962234-3562053907-501 - Limited - Disabled)
PC (S-1-5-21-1745146063-4005962234-3562053907-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-1745146063-4005962234-3562053907-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Enabled - Up to date) {B0E01426-BAA5-1238-3149-39CD9D517112}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Advanced SystemCare Ultimate (Enabled - Up to date) {91A1210C-78DD-A71C-E865-63DB27C767EE}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"BioShock Infinite" (HKLM-x32\...\{D081C29C-1DDC-4C55-BCBF-DF8519636331}_is1) (Version: 1.1.25.5165 - )
µTorrent (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 11 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 11.2.0 - IObit)
Alan Wake (HKLM-x32\...\Alan Wake_is1) (Version:  - )
APP Shop v1.0.20 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.20 - ASRock Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASRock XFast RAM v3.0.3 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Assassin’s Creed Syndicate version 1.0.0 (HKLM-x32\...\Assassin’s Creed Syndicate_is1) (Version: 1.0.0 - Ubisoft)
Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.04 + 7 DLC (HKLM-x32\...\Assassin's Creed 4.Black Flag.Deluxe Edition.v 1~0EF22208_is1) (Version: Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.04 + 7 DLC - RiP by Fenixx (22.12.2013))
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
A-Tuning v2.0.271 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.271 - ASRock Inc.)
Batman Arkham Origins, версия Complete Edition (HKLM-x32\...\Batman Arkham Origins_is1) (Version: Complete Edition - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.2.0.6 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 Repack (HKLM-x32\...\Borderlands 2_is1) (Version: 1.8.0 - 2K Games, Repack by Joker_RETURNS)
Borderlands The Pre-Sequel version 1.0 (HKLM-x32\...\Borderlands The Pre-Sequel_is1) (Version: 1.0 - GMT-MAX.ORG)
Call of Duty Advanced Warfare Update 2 (HKLM-x32\...\Q2FsbG9mRHV0eUFkdmFuY2VkV2FyZmFyZQ==_is1) (Version: 1 - )
Call of Duty: Black Ops III (HKLM\...\Q2FsbG9mRHV0eUJsYWNrT3BzSUlJ_is1) (Version: 1 - )
Corsair Hydro Series 7289 USB Device (Driver Removal) (HKLM-x32\...\HYDROS7289&1B1C&0C02) (Version:  - Corsair Components, Inc.)
Corsair LINK 4 (HKLM-x32\...\{40036d0c-634b-4fc0-be89-13343b4bea96}) (Version: 4.9.7.35 - Corsair Components, Inc.)
Corsair LINK 4 (HKLM-x32\...\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}) (Version: 4.9.7.35 - Corsair Components, Inc.) Hidden
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATTENTION
CPUID HWMonitor 1.34 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.34 - )
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Deezer 0.17.5 (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\67490f87-0893-5593-ae76-b1e5d0acd13f) (Version: 0.17.5 - Deezer)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.94 - NVIDIA Corporation) Hidden
DMC Devi May Cry (c) Capcom version 1 (HKLM-x32\...\DMC Devi May Cry (c) Capcom_is1) (Version: 1 - )
Driver Booster 6 (HKLM-x32\...\Driver Booster_is1) (Version: 6.0.2 - IObit)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Far Cry 3 Blood Dragon (HKLM-x32\...\Far Cry 3 Blood Dragon_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Far Cry 4 - Gold Edition version Far Cry 4 - Gold Edition (HKLM-x32\...\Far Cry 4 - Gold Edition_is1) (Version: Far Cry 4 - Gold Edition - )
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.44.20513.9 - Electronic Arts)
File Repair (HKLM-x32\...\File Repair_is1) (Version:  - File Repair)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Geeks3D FurMark 1.15.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Haste Esports Accelerator (HKLM\...\{0CE25888-B1A7-425C-8782-EE25F5D03430}) (Version: 0.99.2300 - Haste)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HitFilm 4 Express (HKLM\...\{F8BB3662-69A1-4EF1-8674-ADD90AAD3D08}) (Version: 4.0.5723.10801 - FXHOME)
iBackup Viewer 3.23.1 (HKLM-x32\...\{5B428966-3054-41E3-B0F8-008EE30BD019}_is1) (Version:  - iMacTools)
Intel(R) Chipset Device Software (HKLM-x32\...\{da2de8c3-61b9-4b3b-916d-6b2fb2b1a90c}) (Version: 10.0.21 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
IObit Malware Fighter 6 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 6.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
League of Legends (HKLM-x32\...\{DB179A5E-BDE5-4565-AE14-AA10C64C0572}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.114 - Logitech)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Max Payne 3 (HKLM-x32\...\Max Payne 3_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Metro: Last Light Redux (HKLM-x32\...\Metro: Last Light Redux_is1) (Version:  - Deep Silver)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11029.20079 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\OneDriveSetup.exe) (Version: 18.212.1021.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Middle-earth Shadow of War v.1.0 (HKLM-x32\...\Middle-earth Shadow of War_is1) (Version:  - )
MiniTool Partition Wizard Professional Edition 8.1.1 (HKLM-x32\...\{2991A446-D356-44EC-930A-42E8B02A67C0}_is1) (Version:  - MiniTool Solution Ltd.)
NetLimiter 4 (HKLM\...\{A92DB91D-4B0D-4B77-A961-CC446220345B}) (Version: 4.0.15.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.15.0) (Version: 4.0.15.0 - Locktime Software)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.122 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 - NVIDIA Corporation)
NVIDIA Graphics Driver 416.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.94 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 2016  KMS Activator Ultimate v1.2 Final (HKLM\...\Office 2016  KMS Activator Ultimate v1.2 Final_is1) (Version: v1.2 Final - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\OpenIV) (Version: 2.9.1.926 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 10.5.30.15625 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PowerISO (HKLM-x32\...\PowerISO) (Version:  - )
Project CARS (HKLM-x32\...\Project CARS_is1) (Version: 1.0.1.1 - Релиз от R.G. Steamgames)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAPID Mode (HKLM\...\{34EF1328-6F71-4077-99AA-E44690F42043}) (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.7.5 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.830 - Razer Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
RogueKiller version 13.0.15.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.0.15.0 - Adlice Software)
Ryse - Son of Rome (HKLM-x32\...\Ryse - Son of Rome_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.22.0.0 - GOG.com)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\{41D34B39-34A5-4FBC-94E6-810615A25781}_is1) (Version:  - )
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.02 - Ubisoft)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unity Web Player (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 6.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.2 - VideoLAN)
Windows Driver Package - Corsair Components, Inc. (SIUSBXP) USB  (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wise Registry Cleaner 10.1.3 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.1.3 - WiseCleaner.com, Inc.)
Wolfenstein - The Old Blood (HKLM-x32\...\Wolfenstein - The Old Blood_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1745146063-4005962234-3562053907-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [                    IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-06-22] (IObit)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2017-11-06] (IObit)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-06-22] (IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2008-07-07] (PowerISO Computing, Inc.)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2015-07-15] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files (x86)\WinRar\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files (x86)\WinRar\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2017-11-06] (IObit)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => F:\Program Files (x86)\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2017-11-06] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => F:\Program Files (x86)\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files (x86)\WinRar\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {059F1E91-3AF8-499A-85EC-0D5EB74E7E2E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {094E40CA-9FA0-4B4C-9429-5F4A7C130A32} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-30] (Microsoft Corporation)
Task: {107F6077-7941-499B-9897-F015F5F6C59F} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {1572ABED-8747-40C5-93B0-E6493FAD9C29} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {1A6C9138-9C9D-49BD-9A8F-09D1F171636F} - System32\Tasks\Driver Booster SkipUAC (PC) => C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe [2018-09-25] (IObit)
Task: {1BCD583E-0417-4CA5-B675-64F8A549DD8F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-30] (Microsoft Corporation)
Task: {24C96D9F-2113-47D3-8E81-0CACDFCAE53E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-30] (Microsoft Corporation)
Task: {25EA905D-9EFB-4EEE-AF56-9F501B1B54A4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {355DD47D-2CAF-48FD-AF89-C316FB79C7DD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {36827CDB-477B-4457-9C45-2841E7873972} - System32\Tasks\FRAPS => F:\Program Files (x86)\Fraps\fraps.exe [2013-02-26] (Beepa P/L) <==== ATTENTION
Task: {36986958-1771-46DB-B0B6-929D81ECF1D4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {37026F39-AAD4-4E94-A280-2B654870A26A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-11-30] (Microsoft Corporation)
Task: {38A520E1-B576-4AF4-95D0-3CEE9263721F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3B927973-A40C-45BE-8B1B-C8D7E6608981} - System32\Tasks\ASCU11_PerformanceMonitor => C:\Program Files (x86)\Advanced SystemCare Ultimate\Monitor.exe [2018-03-28] (IObit)
Task: {42FFE98D-1199-42A4-A768-9C2ADA831D11} - System32\Tasks\CCleaner Update => F:\Program Files (x86)\CCUpdate.exe <==== ATTENTION
Task: {43F1C8C5-31A1-46D0-A4A1-9C4F97751712} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {452B0ADE-9B6B-4E70-8431-20ECA32D033C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {45C89C0E-0C57-40BE-B33E-EA9098B63816} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {508F6D86-7DB7-4ABC-84E5-4DB35C8CAE9C} - \WPD\SqmUpload_S-1-5-21-1745146063-4005962234-3562053907-1001 -> No File <==== ATTENTION
Task: {5A8B83AC-230D-44C7-9E1C-190964FF002D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {5B4443C3-1DF8-4E6A-8C57-8F70D57C6E62} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {681FFCEC-59AE-48AC-B984-E7267C980B82} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {6966A9FC-04AB-46C4-923F-3C18D66D33CF} - System32\Tasks\CCleanerSkipUAC => F:\Program Files (x86)\CCleaner.exe <==== ATTENTION
Task: {6A475AA1-5AEA-45EA-83C5-8691C7A9CD44} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {70304F5E-EEBD-4A4C-BDC0-22CAB786C59F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7BBAAB8B-F70A-4BF6-B77F-EA61D51890A7} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {7C5070C9-1241-4483-96E8-5AC556DD9590} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {846A0500-CEAA-431B-8F7B-0FDE1AC45425} - System32\Tasks\ASCU_ASCTray_Auto => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCTray.exe [2018-08-15] (IObit)
Task: {879DA368-9E0A-4AAC-B94F-59B55DBC6F2B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-11-16] (NVIDIA Corporation)
Task: {8EFE5D52-8858-4071-827D-1B3306BB3A9A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {912C6E2F-6C4A-4D3B-94B3-2C9BAB481A77} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9CBA99EE-778B-410E-9539-A179262BD785} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-30] (Microsoft Corporation)
Task: {9E3A1A93-A752-432B-8656-7157EFAB553C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-15] (Microsoft Corporation)
Task: {A3FB2426-67F9-4444-9F9B-B21E9369802F} - System32\Tasks\SamsungMagician => F:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {B26DD016-3EA7-45D4-93B3-DEB505193BA9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B3272292-37DC-4E67-A82B-8C96B67F364A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {B8213C22-4FBF-4DA2-9C40-8BF38CADAAB2} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-seif_mohd@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {C39135AD-7BCA-46BD-847B-D4A6D47FDA8C} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {C3F4073B-D2E3-41D2-926D-77288D816DA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-11-30] (Microsoft Corporation)
Task: {C68BAC8D-9DD8-4E5E-AC6D-86D5DB803CF3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {C899A2DD-EC8F-4952-B755-400E9AFA1AD5} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-seif_mohd@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {CE973D02-0FF3-49DE-927A-BB91E2E21469} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CFF925E7-F747-4A69-9AE3-7DAD19080F6E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-12-06] (AVAST Software)
Task: {D244A761-889C-46A7-8008-FAF201CBD8D0} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {D38BFE08-E612-448D-BF4A-894613BA52A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-11-16] (NVIDIA Corporation)
Task: {D6313BA8-DD37-4FA0-9F27-AE9E7FFE8B03} - System32\Tasks\ASCU11_SkipUac_PC => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASC.exe [2018-09-17] (IObit)
Task: {D8EDF002-8D41-4AAF-94B9-029D1D1BFF1A} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
Task: {D930690D-0BF2-4EED-8E4F-A2F31C40602A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {DA83BC84-2930-41BE-B7C6-3CB8EA2CA518} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-15] (Microsoft Corporation)
Task: {DCEED95F-FA38-4057-8A04-02DD829C4927} - System32\Tasks\WiseCleaner\WRCSkipUAC => F:\Program Files (x86)\Wise Registry Cleaner\WiseRegCleaner.exe [2018-11-27] (WiseCleaner.com)
Task: {DCFF51E4-75E2-4CE7-A9CC-BDE5F3EAAA6D} - System32\Tasks\PS4 Controller => C:\Program Files (x86)\PS4 Controller\DS4Windows.exe [2015-12-18] ()
Task: {E34342F2-B941-4B1E-B86C-B25A3FEB45D5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E753B0C1-564D-47CC-9981-0C650254366C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {E9F26C28-DBAE-4FC7-B715-1ED295D7F944} - System32\Tasks\AsrSP.exe => C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe [2014-12-02] ()
Task: {FD9F43B3-DE0A-40E9-992B-424C16853689} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-11-16] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-12 03:34 - 2018-04-12 03:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 03:34 - 2018-04-12 03:34 - 000444416 _____ () c:\windows\system32\SSDM.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 000085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 001328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-11-14 23:03 - 2018-11-16 15:55 - 001314672 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-07-20 02:09 - 2017-07-20 02:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2018-12-06 01:14 - 2018-12-06 02:05 - 002695360 _____ () F:\PROGRAM FILES (X86)\ANTI-MALWARE\SelfProtectionSdk.dll
2018-03-25 23:11 - 2014-07-31 16:17 - 000463112 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2018-07-11 10:26 - 2018-06-15 21:30 - 001308672 _____ () c:\windows\system32\FaceProcessor.dll
2018-07-11 10:26 - 2018-06-15 21:55 - 000542888 _____ () c:\windows\system32\FaceProcessorCore.dll
2018-04-12 03:34 - 2018-04-12 03:34 - 001348664 _____ () c:\windows\system32\FaceTrackerInternal.dll
2017-05-04 15:27 - 2017-05-04 15:27 - 000061440 _____ () C:\Program Files\Haste\Haste Esports Accelerator\WinDivert.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-04-12 03:34 - 2018-04-12 03:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 03:34 - 2018-04-12 03:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-11-14 16:36 - 2018-11-01 10:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 17:27 - 2018-10-04 17:27 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 010885632 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 002850816 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\skypert.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-11-30 12:00 - 2018-11-16 09:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-11-30 12:00 - 2018-11-16 09:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
2015-12-31 18:54 - 2015-12-18 23:07 - 003214848 _____ () C:\Program Files (x86)\PS4 Controller\DS4Windows.exe
2017-01-11 02:17 - 2016-06-21 19:30 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2017-01-11 02:17 - 2016-06-21 19:29 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2017-01-11 02:17 - 2016-06-21 19:29 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2018-12-06 13:41 - 2017-08-04 13:44 - 000082720 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\GetProcessDLL.dll
2018-11-14 23:03 - 2018-11-16 15:55 - 001032560 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-12-06 13:41 - 2016-08-18 18:43 - 000442144 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\madExcept_.bpl
2018-12-06 13:41 - 2016-08-18 18:43 - 000210720 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\madBasic_.bpl
2018-12-06 13:41 - 2016-08-18 18:43 - 000059680 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\madDisAsm_.bpl
2018-12-06 13:41 - 2017-06-10 15:33 - 000631584 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\ProductStatistics.dll
2018-11-14 02:07 - 2018-01-22 19:00 - 000442128 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2018-11-14 02:07 - 2018-01-22 19:00 - 000210704 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2018-11-14 02:07 - 2018-01-22 19:00 - 000059664 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2014-03-20 14:43 - 2014-03-20 14:43 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-12-06 05:06 - 2018-12-06 05:06 - 000000855 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SamsungRapidApp"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Seagate Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run32: => "DiscWizardMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\StartupApproved\StartupFolder: => "Auto Profiles.xml"
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\StartupApproved\StartupFolder: => "Actions.xml"
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\StartupApproved\Run: => "NetLimiter"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1A931A79-316D-4EA0-81F1-122076D6A748}] => (Allow) F:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{51D24A82-17C4-4CFF-A20E-32DAC92624BC}] => (Allow) F:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{19E1AEE8-0FD5-4EFC-B269-E0BD6F816C35}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{D21CC886-EF0F-42B8-81D1-DFE309279B91}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{6C05C3AB-AD1B-4C70-8483-2F2CDEA05C32}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{4A9638C7-A095-4B37-93B6-C9DD8A5E23A0}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [UDP Query User{CC81CCAC-9A78-4E6D-8BA9-44AD376DA3AF}F:\program files (x86)\call of duty black ops iii\blackops3.exe] => (Allow) F:\program files (x86)\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{D676CDA2-80D0-43F7-B0CA-5B546E806B3E}F:\program files (x86)\call of duty black ops iii\blackops3.exe] => (Allow) F:\program files (x86)\call of duty black ops iii\blackops3.exe
FirewallRules: [UDP Query User{46B8FE51-6FAC-435D-B707-5F70CD3893B4}F:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) F:\program files (x86)\origin games\bfh\bfh.exe
FirewallRules: [TCP Query User{DBA0E5FE-46A6-414F-B6BF-A07F7BEFE9CA}F:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) F:\program files (x86)\origin games\bfh\bfh.exe
FirewallRules: [UDP Query User{92FED833-91CA-45BD-96FF-1501D12010F3}F:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) F:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [TCP Query User{AA8E28B7-C09C-4DAC-8372-3396AA842713}F:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) F:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{B67E3AAD-C0A6-4325-9C6D-DE7D1F98C63F}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{AA48F697-8F80-44A7-B825-C3BA5A6D9ACF}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [UDP Query User{2C1659E9-6E5D-40E0-AD6B-CD209218AF89}F:\program files (x86)\origin games\titanfall\titanfall.exe] => (Allow) F:\program files (x86)\origin games\titanfall\titanfall.exe
FirewallRules: [TCP Query User{6F2663DC-A78F-4C61-B913-13D2F847D4CA}F:\program files (x86)\origin games\titanfall\titanfall.exe] => (Allow) F:\program files (x86)\origin games\titanfall\titanfall.exe
FirewallRules: [UDP Query User{713B34A5-2C25-4BB6-9B75-DDAE8369B7EE}F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{71DCE148-6A82-451F-994B-377C30BF8416}F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{6C34AF8F-3583-4251-8DE5-5E5B123C1E6B}F:\program files (x86)\max payne 3\maxpayne3.exe] => (Allow) F:\program files (x86)\max payne 3\maxpayne3.exe
FirewallRules: [TCP Query User{8DAA2235-1759-48A4-ABD4-B2C21647473C}F:\program files (x86)\max payne 3\maxpayne3.exe] => (Allow) F:\program files (x86)\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{A53816F8-DF7F-4244-BD87-D3AABD1DBCD3}F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [TCP Query User{9FD730B9-8213-4D4A-81D2-ADB7CA4A716B}F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [UDP Query User{BEEBDB06-4221-4771-9C67-D37F49898536}F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [TCP Query User{650F68DB-0AEC-4AB7-959C-1A7C64EF6526}F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [UDP Query User{F3E7999A-A228-4843-BCCA-7DBA250028F4}F:\program files (x86)\far cry 4\bin\farcry4.exe] => (Block) F:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{4C5A4382-A05C-436A-B8E9-AD6D9BC27B8A}F:\program files (x86)\far cry 4\bin\farcry4.exe] => (Block) F:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [{F1BCB19A-3C93-4AD6-8D78-425820B4E6EF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{CC613C48-5758-435D-9EC9-5B2B13FD169C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [UDP Query User{BC6A45FF-8997-4DE5-B792-DAEA53D51FED}F:\program files (x86)\ubisoft game launcher\games\assassin's creed unity\acu.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\games\assassin's creed unity\acu.exe
FirewallRules: [TCP Query User{0543600B-AC1C-44E8-90D2-6DC50F0EB95E}F:\program files (x86)\ubisoft game launcher\games\assassin's creed unity\acu.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\games\assassin's creed unity\acu.exe
FirewallRules: [{D8B88B63-A2B2-4E9D-932B-EDCCA45ADE84}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{38FF5CCA-A2E2-4D1C-BF01-65E5D6470DAF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{B84E6423-6C17-4E75-8C31-6C22F01949A7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [UDP Query User{D96B48AA-8280-45BF-AFF5-71AF2A86DF3B}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{A595A762-6BE4-487A-BEE3-BA0314569C31}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{EFFF15ED-1116-481B-BD6D-71F690EE0765}] => (Allow) LPort=3389
FirewallRules: [{77CBFEC0-BFD4-45D1-8299-9C6616738ACC}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A2A9397A-835B-42C9-A126-C25567EE4C59}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F1B731EA-02EC-432C-AE13-2C9037989E68}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F9977F04-045D-4F3E-9B20-A431AFA68689}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FA02BBE6-4F59-4CC9-B9F7-7FF585A77B14}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2050E3BA-A60D-45C6-AA43-C67737ED347A}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B62BB7EE-BE99-461C-9689-368E70A18493}] => (Allow) C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{1FE7F81F-D899-4E70-80B7-EF9192180E84}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4ADDC7BB-CC29-495B-BC18-E3FA8D91B320}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{BE1F0A7E-61EC-4B99-B257-A264C7FFB3C1}F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{08C0C41F-01CE-49A3-BD6C-DE77083231C7}F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{5B8489EA-2510-4EC2-B900-D4E599BD1299}] => (Allow) F:\Program Files (x86)\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{99A321F0-62E0-4EB2-AFE5-19E672910A75}] => (Allow) F:\Program Files (x86)\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{20D461BC-B1DD-4E53-A8B2-45968C6E7026}] => (Allow) F:\Program Files (x86)\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{C5D33200-E39A-4332-8A86-7DEDE7FCD832}] => (Allow) F:\Program Files (x86)\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [TCP Query User{CB68F46B-309A-465D-86E2-87CCD6A6666E}F:\program files (x86)\dying light\dying light\dyinglightgame.exe] => (Allow) F:\program files (x86)\dying light\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{55B2103E-090E-4CC4-9FBF-B1D9B61E1F19}F:\program files (x86)\dying light\dying light\dyinglightgame.exe] => (Allow) F:\program files (x86)\dying light\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{A8524EEB-AD57-4E7D-94E2-9DEF23B9EEEA}F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [UDP Query User{2CB642D2-ED8E-4DB5-8D5C-EB494A26BFD9}F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [TCP Query User{8691C369-44F1-49E4-BBA8-5E65DD22A481}F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [UDP Query User{BB2F7EE7-CCD9-482E-930F-A31021DAD63A}F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [TCP Query User{5759C3A8-D650-479E-8E6E-38222F1F8326}C:\users\pc\appdata\roaming\utorrent\updates\3.4.3_40760.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\updates\3.4.3_40760.exe
FirewallRules: [UDP Query User{A79B5677-D198-416C-93A5-946085894F8A}C:\users\pc\appdata\roaming\utorrent\updates\3.4.3_40760.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\updates\3.4.3_40760.exe
FirewallRules: [{138F68C4-E9CA-4626-A86E-4816912D73A9}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{6F7F27E7-17F6-4A5C-B8B1-CDBB3C9CD375}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{4E22E97E-E871-4BDD-88BE-B80D7F512A48}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{EBE3EE69-903E-4B86-9A96-3489D40FE541}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{02DFF792-D556-4195-BD2A-C63E2F389CE9}F:\program files (x86)\max payne 3\maxpayne3.exe] => (Block) F:\program files (x86)\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{D77C35D1-5CF2-47F5-937F-E4E3F2C6FE88}F:\program files (x86)\max payne 3\maxpayne3.exe] => (Block) F:\program files (x86)\max payne 3\maxpayne3.exe
FirewallRules: [{2136905A-BA76-4DDA-AA11-4EBD761A4C7E}] => (Allow) F:\Program Files (x86)\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{EB5575AD-F408-4B31-B759-E4FF10FF63BD}] => (Allow) F:\Program Files (x86)\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{2EA5A25C-0A1E-4DB0-B6F1-282E0065BB78}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{03A71D46-84BE-4E58-AD2A-83CC11228ADA}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{7D448BFC-806F-437C-A2E5-CED70E56D513}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{28ED70E9-0D68-494A-9759-07EAF89DD80B}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{EBEC9A76-1200-4562-A580-6C77E604A9B6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{2C1291AA-5B7E-49B6-BC28-C13486C68A9D}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{D499320B-09D5-4D4A-BCE4-B518399E34F3}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{F6CF7435-829D-4DAB-BCDB-165D1E601145}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{AA1880D2-E06F-4AA6-975E-9D664BDABD0D}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{DD5B0D15-BE2D-47DA-8026-E4A377694163}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{B9F2D1CA-FA32-41D4-A911-00557E363075}] => (Allow) F:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{32585163-6D5E-4D6A-B5F6-715432C152E5}] => (Allow) F:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{2FF5B205-5C4C-425F-B718-F9E71AB74E06}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{6B5C9E52-B1E2-456D-BA1B-4ED5EF5F4BD6}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [TCP Query User{FA654C9D-1628-4332-A956-35D36D659593}F:\program files (x86)\far cry 4\bin\farcry4.exe] => (Allow) F:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{A1E4F801-8E3C-48A4-B953-274C18B5B3B0}F:\program files (x86)\far cry 4\bin\farcry4.exe] => (Allow) F:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [{6F216D94-8D57-4D64-BCE7-8B90FD923D11}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{A91F86F6-D18A-4009-AE53-F621CFDB8B5D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [TCP Query User{9BCA7EC2-7255-41A3-A91B-A9AC45F6F5B4}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{DE745EED-E69F-4052-A6F0-AA390208A112}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{EB0D1673-3C96-44AD-8E2C-9F7A10FB525D}F:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe] => (Block) F:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{34D2BAC1-9028-4BC9-A190-F456A81C91D7}F:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe] => (Block) F:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{DE0D6215-6D57-4D63-87EE-AB53D29151D6}] => (Allow) LPort=1119
FirewallRules: [{91EBA601-BAB8-4C0F-9052-908237280363}] => (Allow) LPort=3724
FirewallRules: [{A5D4B637-21E6-465A-8A31-D55545651164}] => (Allow) LPort=6113
FirewallRules: [{673BB8B7-AE74-40DC-8BD4-3FACBD905DD1}] => (Allow) LPort=80
FirewallRules: [{A70011A4-F968-45C3-879C-73A3CCE0D0FB}] => (Allow) LPort=6052
FirewallRules: [{ECAC1C17-367D-4FE5-9945-09E881A0541C}] => (Allow) LPort=5062
FirewallRules: [{8F27C19E-5977-4C0C-9371-029BE9246F92}] => (Allow) LPort=5060
FirewallRules: [{B490E1B5-C5D0-4787-A6C5-FCF43E92AB11}] => (Allow) LPort=3478
FirewallRules: [{4228F5BF-0459-4B8A-9A38-81CE5826F3F9}] => (Allow) LPort=3479
FirewallRules: [TCP Query User{990A1E3B-3E52-45D8-ACFA-862BDC2F9377}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{27C9E56D-87B2-41AD-A00B-4BE922B419FE}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{4D4885A5-83CD-4528-8B70-D20E77EABFA0}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{E18E0BEA-CA34-4F29-8889-013C80A8D145}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [TCP Query User{229538CB-B306-4A19-B236-8656E8B4DF1F}F:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) F:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{76F521A4-09DC-40FF-BE76-D1F3FE8579A7}F:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) F:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{03844735-56B2-43D2-904A-866183ABE4C1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A18E1D2E-9238-46E6-98D6-E0818AB61044}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E898ADA7-93EF-4011-9D1F-9CEEF096BF6B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CEFA82F1-C612-4B97-87CD-4E03917EB88C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{25DC02FA-E541-4520-B6E0-B0D9589F45A9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{69520D8E-5D74-4EB7-851F-408274C4E12B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{A8FCBA9A-0C47-47E6-BA11-511534340AC3}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{F503E34B-BDBE-4A94-8C86-CC8370BE8D0B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe
FirewallRules: [{E6310DEC-048B-4710-BB68-F260FEB982AA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe
FirewallRules: [{8191C496-2AF7-4E33-8521-D9BEB8B31257}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DBDownloader.exe
FirewallRules: [{D342F441-0647-4CA7-B61C-3E092AAF42F5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DBDownloader.exe
FirewallRules: [{C631CE36-A858-490B-A8EB-D8B1461D49BE}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\AutoUpdate.exe
FirewallRules: [{2A62502E-5962-402E-B307-E410DE1D2DB8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\AutoUpdate.exe
FirewallRules: [{DA84530D-6ABA-40F8-93AF-145EEEC8C937}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{482F7627-9F57-4FC0-B329-2B1BA47EB4D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{870EA809-F62C-4AE9-87E9-83940ABB5FDB}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{D746F72E-84DA-4456-BEC5-009FA5F5C8A7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{8F02B381-6AB6-4EC8-BBD8-10EDA6BC8BF2}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{0B8C79B5-8287-4E03-BE0A-0518BC1DA41E}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{62C78DC3-07D3-446E-A6BA-AC2B10473310}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{E03F44EA-DB93-4A7E-BB25-DB08998EBAF2}C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe
FirewallRules: [UDP Query User{9290F4DF-35AF-4069-A040-55D83E0DB4B6}C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe
FirewallRules: [{FF0537E8-325F-470C-9307-F13CE79BF5F3}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{C990710B-D064-4AA2-96BF-0FA801D492A5}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{0336F7B1-166B-4B4B-9F3B-A50670750A23}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\HITMAN2\Launcher.exe
FirewallRules: [{87483157-FB07-4DFB-BFE9-925190BE15BB}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\HITMAN2\Launcher.exe
FirewallRules: [TCP Query User{ED131632-A45E-48D4-91BB-8E15EEF045B9}C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe
FirewallRules: [UDP Query User{C9666551-EBF4-42E8-BE14-874F360E4967}C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe
FirewallRules: [{8FF5222C-5CF7-46B0-8AF8-9F584990650A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{01C3AD61-5EF7-4663-8AFE-6DA45C575342}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{635F48C2-F132-4C3C-9291-633A15443555}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F67529C3-B374-4E9C-9A01-6D588F9D0CD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3D361215-95BC-477B-81CB-E8C8BE05C2D5}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsF354.tmp
FirewallRules: [{7E06880E-9D41-4CBD-B479-6193560937B3}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsF354.tmp
FirewallRules: [{00F2932B-7626-475C-88D2-AA0AA31FC362}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsED1A.tmp
FirewallRules: [{EBC7D783-9360-4168-BFEB-E817D54A74C4}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsED1A.tmp

==================== Restore Points =========================

30-11-2018 12:02:39 Windows Update
06-12-2018 04:33:36 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (12/06/2018 01:39:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program InsF354.tmp version 11.0.0.1477 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2570

Start Time: 01d48d46fc0896d8

Termination Time: 4294967295

Application Path: C:\Users\PC\AppData\Local\Temp\InsF354.tmp

Report Id: d6c39120-e566-4ac2-b463-5e08b76594dc

Faulting package full name: 

Faulting package-relative application ID:

Error: (12/06/2018 06:06:32 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x8007001f, A device attached to the system is not functioning.
.


Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet

Error: (12/06/2018 06:06:05 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {860e162e-36b0-47fb-97d6-f240e9ad0a00}

Error: (12/06/2018 05:45:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 1.12.2018.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2950

Start Time: 01d48d04f306698d

Termination Time: 4294967295

Application Path: C:\Users\PC\Desktop\FRST\FRST64.exe

Report Id: 130a11f0-3951-4e8a-8896-f199611ce8c1

Faulting package full name: 

Faulting package-relative application ID:

Error: (12/06/2018 05:17:12 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program InsEDB6.tmp version 11.0.0.1477 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1454

Start Time: 01d48d00f6d562c0

Termination Time: 4294967295

Application Path: C:\Users\PC\AppData\Local\Temp\InsEDB6.tmp

Report Id: 84ea5d48-6562-4acc-8a74-cad827e75c3f

Faulting package full name: 

Faulting package-relative application ID:

Error: (12/06/2018 05:04:59 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageModificationEvent" whose target class "WSP_ReplicationGroupStorageModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.

Error: (12/06/2018 05:04:59 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageDepartureEvent" whose target class "WSP_ReplicationGroupStorageDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.

Error: (12/06/2018 05:04:59 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageArrivalEvent" whose target class "WSP_ReplicationGroupStorageArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.


System errors:
=============
Error: (12/06/2018 02:21:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
Unable to access a key.

Error: (12/06/2018 02:21:40 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630203.

Error: (12/06/2018 02:21:30 PM) (Source: DCOM) (EventID: 10016) (User: SHELBY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user SHELBY\PC SID (S-1-5-21-1745146063-4005962234-3562053907-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/06/2018 02:21:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/06/2018 02:21:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/06/2018 02:21:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMPNetworkSvc service terminated with the following error: 
An attempt was made to reference a token that does not exist.

Error: (12/06/2018 02:20:51 PM) (Source: DCOM) (EventID: 10010) (User: SHELBY)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (12/06/2018 02:20:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Origin Web Helper Service service terminated unexpectedly.  It has done this 1 time(s).


Windows Defender:
===================================
Date: 2018-12-04 17:58:02.680
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner.BW!bit&threatid=2147723499&enterprise=0
Name: Trojan:Win32/CoinMiner.BW!bit
ID: 2147723499
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\activation.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-04 17:58:02.668
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner.BW!bit&threatid=2147723499&enterprise=0
Name: Trojan:Win32/CoinMiner.BW!bit
ID: 2147723499
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\activation.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-04 17:57:27.100
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Unwaders.C!ml&threatid=242874&enterprise=0
Name: Program:Win32/Unwaders.C!ml
ID: 242874
Severity: Severe
Category: Potentially Unwanted Software
Path: file:_C:\Users\PC\AppData\Local\Temp\4314625\ic-0.611060b53f4af4.exe; process:_pid:17572,ProcessStart:131884045777468702
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: C:\Users\PC\AppData\Local\Temp\4314625\ic-0.611060b53f4af4.exe
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-04 17:57:27.098
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner.BW!bit&threatid=2147723499&enterprise=0
Name: Trojan:Win32/CoinMiner.BW!bit
ID: 2147723499
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\activation.exe; process:_pid:12232,ProcessStart:131884050440058139
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: C:\Program Files (x86)\KMSPico 10.2.1 Final\activation.exe
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-04 17:56:53.852
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Vigram.A&threatid=232718&enterprise=0
Name: Program:Win32/Vigram.A
ID: 232718
Severity: Severe
Category: Potentially Unwanted Software
Path: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\KMSPicoActivator.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-06 02:56:48.151
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: The program could not find the malware and other potentially unwanted software on this device. 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

CodeIntegrity:
===================================

Date: 2018-12-04 18:39:46.597
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-04 18:39:46.579
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-04 18:39:46.487
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-04 18:39:46.473
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-30 12:01:41.782
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2018-11-30 12:01:41.780
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2018-11-16 10:12:49.134
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2018-11-16 10:12:49.133
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
 

 

 

 


Thanks for those logs, continue:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

Next,

Download Sophos Free Virus Removal Tool and save it to your desktop.

If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....

Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take several hours...
 
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found please confirm that result....



The Virus Removal Tool scans the following areas of your computer:
  • Memory, including system memory on 32-bit (x86) versions of Windows
  • The Windows registry
  • All local hard drives, fixed and removable
  • Mapped network drives are not scanned.



Note: If threats are found in the computer memory, the scan stops. This is because further scanning could enable the threat to spread. You will be asked to click Start Cleanup to remove the threats before continuing the scan.

Saved logs are found here: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Let me see those logs in your reply, also tell me if there are any remaining issues or concerns....

Thank you,

Kevin

fixlist.txt


FRST Scan Log: 

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by PC (06-12-2018 21:09:30) Run:10
Running from C:\Users\PC\Desktop\FRST
Loaded Profiles: PC (Available Profiles: PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
2018-12-04 17:50 - 2018-12-04 18:13 - 000000000 ____D C:\ProgramData\zVmiMcGqez
2018-12-04 17:42 - 2018-12-04 18:11 - 000000000 ____D C:\Users\PC\AppData\Roaming\aaWlW
2018-12-04 17:42 - 2018-12-04 17:42 - 000000000 ____D C:\ProgramData\inst
2018-12-04 17:41 - 2018-12-04 20:47 - 000000000 ____D C:\Program Files (x86)\KMSPico 10.2.1 Final
C:\Program Files (x86)\Office 2016  KMS Activator
2018-12-06 03:35 - 2018-12-06 14:21 - 001639936 _____ (CPUID) C:\Users\PC\AppData\Local\Temp\speccycpuid.dll 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} =>  -> No File
Task: {059F1E91-3AF8-499A-85EC-0D5EB74E7E2E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {25EA905D-9EFB-4EEE-AF56-9F501B1B54A4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {36827CDB-477B-4457-9C45-2841E7873972} - System32\Tasks\FRAPS => F:\Program Files (x86)\Fraps\fraps.exe [2013-02-26] (Beepa P/L) <==== ATTENTION
Task: {38A520E1-B576-4AF4-95D0-3CEE9263721F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {42FFE98D-1199-42A4-A768-9C2ADA831D11} - System32\Tasks\CCleaner Update => F:\Program Files (x86)\CCUpdate.exe <==== ATTENTION
Task: {508F6D86-7DB7-4ABC-84E5-4DB35C8CAE9C} - \WPD\SqmUpload_S-1-5-21-1745146063-4005962234-3562053907-1001 -> No File <==== ATTENTION
Task: {5B4443C3-1DF8-4E6A-8C57-8F70D57C6E62} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6966A9FC-04AB-46C4-923F-3C18D66D33CF} - System32\Tasks\CCleanerSkipUAC => F:\Program Files (x86)\CCleaner.exe <==== ATTENTION
Task: {6A475AA1-5AEA-45EA-83C5-8691C7A9CD44} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {70304F5E-EEBD-4A4C-BDC0-22CAB786C59F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7C5070C9-1241-4483-96E8-5AC556DD9590} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8EFE5D52-8858-4071-827D-1B3306BB3A9A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {912C6E2F-6C4A-4D3B-94B3-2C9BAB481A77} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CE973D02-0FF3-49DE-927A-BB91E2E21469} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E34342F2-B941-4B1E-B86C-B25A3FEB45D5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
FirewallRules: [{DE0D6215-6D57-4D63-87EE-AB53D29151D6}] => (Allow) LPort=1119
FirewallRules: [{91EBA601-BAB8-4C0F-9052-908237280363}] => (Allow) LPort=3724
FirewallRules: [{A5D4B637-21E6-465A-8A31-D55545651164}] => (Allow) LPort=6113
FirewallRules: [{673BB8B7-AE74-40DC-8BD4-3FACBD905DD1}] => (Allow) LPort=80
FirewallRules: [{A70011A4-F968-45C3-879C-73A3CCE0D0FB}] => (Allow) LPort=6052
FirewallRules: [{ECAC1C17-367D-4FE5-9945-09E881A0541C}] => (Allow) LPort=5062
FirewallRules: [{8F27C19E-5977-4C0C-9371-029BE9246F92}] => (Allow) LPort=5060
FirewallRules: [{B490E1B5-C5D0-4787-A6C5-FCF43E92AB11}] => (Allow) LPort=3478
FirewallRules: [{4228F5BF-0459-4B8A-9A38-81CE5826F3F9}] => (Allow) LPort=3479
FirewallRules: [{3D361215-95BC-477B-81CB-E8C8BE05C2D5}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsF354.tmp
FirewallRules: [{7E06880E-9D41-4CBD-B479-6193560937B3}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsF354.tmp
FirewallRules: [{00F2932B-7626-475C-88D2-AA0AA31FC362}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsED1A.tmp
FirewallRules: [{EBC7D783-9360-4168-BFEB-E817D54A74C4}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsED1A.tmp
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
RemoveProxy:
EmptyTemp:
Hosts:
CMD: ipconfig /flushDNS
end

*****************

Restore point was successfully created.
Processes closed successfully.
"C:\ProgramData\zVmiMcGqez" => not found
C:\Users\PC\AppData\Roaming\aaWlW => moved successfully
C:\ProgramData\inst => moved successfully
"C:\Program Files (x86)\KMSPico 10.2.1 Final" => not found
C:\Program Files (x86)\Office 2016  KMS Activator => moved successfully
C:\Users\PC\AppData\Local\Temp\speccycpuid.dll => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7} => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro2 (SyncInProgress) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE} => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro3 (InSync) => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{059F1E91-3AF8-499A-85EC-0D5EB74E7E2E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{059F1E91-3AF8-499A-85EC-0D5EB74E7E2E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25EA905D-9EFB-4EEE-AF56-9F501B1B54A4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25EA905D-9EFB-4EEE-AF56-9F501B1B54A4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
Task: {36827CDB-477B-4457-9C45-2841E7873972} - System32\Tasks\FRAPS => F:\Program Files (x86)\Fraps\fraps.exe [2013-02-26] (Beepa P/L) <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38A520E1-B576-4AF4-95D0-3CEE9263721F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38A520E1-B576-4AF4-95D0-3CEE9263721F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{42FFE98D-1199-42A4-A768-9C2ADA831D11}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42FFE98D-1199-42A4-A768-9C2ADA831D11}" => removed successfully
C:\WINDOWS\System32\Tasks\CCleaner Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{508F6D86-7DB7-4ABC-84E5-4DB35C8CAE9C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{508F6D86-7DB7-4ABC-84E5-4DB35C8CAE9C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1745146063-4005962234-3562053907-1001" => removed successfully
Task: {5B4443C3-1DF8-4E6A-8C57-8F70D57C6E62} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6966A9FC-04AB-46C4-923F-3C18D66D33CF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6966A9FC-04AB-46C4-923F-3C18D66D33CF}" => removed successfully
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A475AA1-5AEA-45EA-83C5-8691C7A9CD44}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A475AA1-5AEA-45EA-83C5-8691C7A9CD44}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{70304F5E-EEBD-4A4C-BDC0-22CAB786C59F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70304F5E-EEBD-4A4C-BDC0-22CAB786C59F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C5070C9-1241-4483-96E8-5AC556DD9590}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C5070C9-1241-4483-96E8-5AC556DD9590}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8EFE5D52-8858-4071-827D-1B3306BB3A9A}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EFE5D52-8858-4071-827D-1B3306BB3A9A}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{912C6E2F-6C4A-4D3B-94B3-2C9BAB481A77}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{912C6E2F-6C4A-4D3B-94B3-2C9BAB481A77}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE973D02-0FF3-49DE-927A-BB91E2E21469}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE973D02-0FF3-49DE-927A-BB91E2E21469}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
Task: {E34342F2-B941-4B1E-B86C-B25A3FEB45D5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DE0D6215-6D57-4D63-87EE-AB53D29151D6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{91EBA601-BAB8-4C0F-9052-908237280363}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A5D4B637-21E6-465A-8A31-D55545651164}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{673BB8B7-AE74-40DC-8BD4-3FACBD905DD1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A70011A4-F968-45C3-879C-73A3CCE0D0FB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ECAC1C17-367D-4FE5-9945-09E881A0541C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F27C19E-5977-4C0C-9371-029BE9246F92}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B490E1B5-C5D0-4787-A6C5-FCF43E92AB11}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4228F5BF-0459-4B8A-9A38-81CE5826F3F9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D361215-95BC-477B-81CB-E8C8BE05C2D5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7E06880E-9D41-4CBD-B479-6193560937B3}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00F2932B-7626-475C-88D2-AA0AA31FC362}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EBC7D783-9360-4168-BFEB-E817D54A74C4}" => removed successfully

========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========


Error: Unable to rebuild performance counter setting from system backup store, error code is 2
========= End of CMD: =========


========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========


Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= ipconfig /flushDNS =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 33039187 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 121139 B
Edge => 3584 B
Chrome => 16911126 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5438 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
PC => 5065525 B

RecycleBin => 1465 B
EmptyTemp: => 62.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:10:06 ====

Sophos Virus Removal Tool Scan Log:  Found and removed 1 threat

2018-12-06 17:21:10.722    Sophos Virus Removal Tool version 2.7.0
2018-12-06 17:21:10.722    Copyright (c) 2009-2018 Sophos Limited. All rights reserved.

2018-12-06 17:21:10.722    This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2018-12-06 17:21:10.722    Windows version 6.2 SP 0.0  build 9200 SM=0x100 PT=0x1 WOW64
2018-12-06 17:21:10.722    Checking for updates...
2018-12-06 17:21:10.737    Update progress: proxy server not available
2018-12-06 17:21:18.156    Option all = no
2018-12-06 17:21:18.156    Option recurse = yes
2018-12-06 17:21:18.156    Option archive = no
2018-12-06 17:21:18.156    Option service = yes
2018-12-06 17:21:18.156    Option confirm = yes
2018-12-06 17:21:18.156    Option sxl = yes
2018-12-06 17:21:18.156    Option max-data-age = 35
2018-12-06 17:21:18.156    Option vdl-logging = yes
2018-12-06 17:21:18.171    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2018-12-06 17:21:18.171    Machine ID:    739dddafac4a42129f960e3714ded64c
2018-12-06 17:21:18.171    Component SVRTcli.exe version 2.7.0
2018-12-06 17:21:18.171    Component control.dll version 2.7.0
2018-12-06 17:21:18.171    Component SVRTservice.exe version 2.7.0
2018-12-06 17:21:18.171    Component engine\osdp.dll version 1.44.1.2432
2018-12-06 17:21:18.171    Component engine\veex.dll version 3.74.1.2432
2018-12-06 17:21:18.171    Component engine\savi.dll version 9.0.12.2432
2018-12-06 17:21:18.171    Component rkdisk.dll version 1.5.33.1
2018-12-06 17:21:18.171    Version info:    Product version    2.7.0
2018-12-06 17:21:18.171    Version info:    Detection engine    3.74.1
2018-12-06 17:21:18.171    Version info:    Detection data    5.57
2018-12-06 17:21:18.171    Version info:    Build date    11/13/2018
2018-12-06 17:21:18.171    Version info:    Data files added    206
2018-12-06 17:21:18.171    Version info:    Last successful update    (not yet updated)
2018-12-06 17:21:24.349    Downloading updates...
2018-12-06 17:21:24.349    Update progress: [I96736] sdds.svrt_v1.8: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2018-12-06 17:21:24.349    Update progress: [I95020] sdds.svrt_v1.8: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-12-06 17:21:24.349    Update progress: [I22529] sdds.svrt_v1.8: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-12-06 17:21:24.349    Update progress: [V81533] SU::createCachedPackageSource creating cached package source for http://d2.sophosupd.com/update-B: url=SOPHOS
2018-12-06 17:21:24.349    Update progress: [V81533] SU::createCachedPackageSource creating http_source_specific_data to download customer file
2018-12-06 17:21:24.349    Update progress: [V81533] SU::createCachedPackageSource creating package source to download customer file
2018-12-06 17:21:24.349    Update progress: [V81533] SU::createCachedPackageSource creating cached package source
2018-12-06 17:21:24.349    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: a8f8928b54db4e11c356475a91df0738x000.xml: 1027 bytes
2018-12-06 17:21:24.349    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: a8f8928b54db4e11c356475a91df0738x000.xml: 16 ms
2018-12-06 17:21:24.349    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: f00e4e30d78a2728a12acdf8fbdd7ff0x000.xml: 336 bytes
2018-12-06 17:21:24.349    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: f00e4e30d78a2728a12acdf8fbdd7ff0x000.xml: 0 ms
2018-12-06 17:21:24.349    Update progress: [I49502] sdds.data0910.xml: found supplement IDE558 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2018-12-06 17:21:24.349    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE558 LATEST path=
2018-12-06 17:21:24.349    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE558 LATEST path=
2018-12-06 17:21:24.349    Update progress: [I49502] sdds.data0910.xml: found supplement IDE559 LATEST path= baseVersion= [included from product IDE558 LATEST path=]
2018-12-06 17:21:24.349    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE559 LATEST path=
2018-12-06 17:21:24.349    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE559 LATEST path=
2018-12-06 17:21:24.349    Update progress: [I49502] sdds.data0910.xml: found supplement IDE560 LATEST path= baseVersion= [included from product IDE559 LATEST path=]
2018-12-06 17:21:24.349    Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE560 LATEST path=
2018-12-06 17:21:24.349    Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE560 LATEST path=
2018-12-06 17:21:24.349    Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-12-06 17:21:24.349    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 6d5b42261b0873d2548169c32a11d986x000.xml: 79124 bytes
2018-12-06 17:21:24.349    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 6d5b42261b0873d2548169c32a11d986x000.xml: 172 ms
2018-12-06 17:21:24.349    Update progress: [I19463] Product download size 207692565 bytes
2018-12-06 17:21:28.224    Update progress: [I19463] Syncing product IDE558 LATEST path=
2018-12-06 17:21:28.224    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 732041eb13cb23c2be762e60d5ab61c4x000.xml: 27989 bytes
2018-12-06 17:21:28.224    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 732041eb13cb23c2be762e60d5ab61c4x000.xml: 1172 ms
2018-12-06 17:21:28.224    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: 9c5c8baaaafc7d01e1b0ac287b296ff8x000.xml: 397 bytes
2018-12-06 17:21:28.224    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: 9c5c8baaaafc7d01e1b0ac287b296ff8x000.xml: 16 ms
2018-12-06 17:21:28.224    Update progress: [I19463] Product download size 2888429 bytes
2018-12-06 17:21:28.428    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: aa31568b27a40d5c7fa667c71f6cc247x000.xml: 3830 bytes
2018-12-06 17:21:28.428    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: aa31568b27a40d5c7fa667c71f6cc247x000.xml: 0 ms
2018-12-06 17:21:28.472    Update progress: [I19463] Syncing product IDE559 LATEST path=
2018-12-06 17:21:28.472    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: c41956a19b0424b2d896faa7dda3796fx000.xml: 23533 bytes
2018-12-06 17:21:28.472    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: c41956a19b0424b2d896faa7dda3796fx000.xml: 15 ms
2018-12-06 17:21:28.472    Update progress: [I19463] Product download size 3582582 bytes
2018-12-06 17:21:28.898    Update progress: [I19463] Syncing product IDE560 LATEST path=
2018-12-06 17:21:28.898    Update progress: [V52614] SU::LoggingAdvisor::start_file [metadata] Syncing: f430c089bf466bb070b959d79391e4c2x000.xml: 124 bytes
2018-12-06 17:21:28.898    Update progress: [V52615] SU::LoggingAdvisor::end_file [metadata] Success: f430c089bf466bb070b959d79391e4c2x000.xml: 281 ms
2018-12-06 17:21:28.914    Installing updates...
2018-12-06 17:21:29.344    Error level 1
2018-12-06 17:21:32.851    Update successful
2018-12-06 17:21:39.965    Option all = no
2018-12-06 17:21:39.965    Option recurse = yes
2018-12-06 17:21:39.965    Option archive = no
2018-12-06 17:21:39.965    Option service = yes
2018-12-06 17:21:39.965    Option confirm = yes
2018-12-06 17:21:39.965    Option sxl = yes
2018-12-06 17:21:39.965    Option max-data-age = 35
2018-12-06 17:21:39.965    Option vdl-logging = yes
2018-12-06 17:21:39.965    Customer ID:    094260ca9b3af99f9d4a3909fc47a743
2018-12-06 17:21:39.965    Machine ID:    739dddafac4a42129f960e3714ded64c
2018-12-06 17:21:39.965    Component SVRTcli.exe version 2.7.0
2018-12-06 17:21:39.965    Component control.dll version 2.7.0
2018-12-06 17:21:39.965    Component SVRTservice.exe version 2.7.0
2018-12-06 17:21:39.965    Component engine\osdp.dll version 1.44.1.2432
2018-12-06 17:21:39.965    Component engine\veex.dll version 3.74.1.2432
2018-12-06 17:21:39.965    Component engine\savi.dll version 9.0.12.2432
2018-12-06 17:21:39.965    Component rkdisk.dll version 1.5.33.1
2018-12-06 17:21:39.965    Version info:    Product version    2.7.0
2018-12-06 17:21:39.965    Version info:    Detection engine    3.74.1
2018-12-06 17:21:39.965    Version info:    Detection data    5.57
2018-12-06 17:21:39.965    Version info:    Build date    11/13/2018
2018-12-06 17:21:39.965    Version info:    Data files added    206
2018-12-06 17:21:39.965    Version info:    Last successful update    12/6/2018 9:21:32 PM

2018-12-06 18:13:31.696    Could not open C:\boot\BCD
2018-12-06 18:13:34.092    Could not open C:\hiberfil.sys
2018-12-06 18:19:49.618    Could not open C:\Program Files (x86)\Microsoft Office\root\client\AppvIsvStream32.dll
2018-12-06 18:19:49.620    Could not open C:\Program Files (x86)\Microsoft Office\root\client\AppvIsvStream64.dll
2018-12-06 18:19:50.608    Could not open C:\Program Files (x86)\Microsoft Office\root\Flattener\AppvIsvStream32.dll
2018-12-06 18:19:50.610    Could not open C:\Program Files (x86)\Microsoft Office\root\Flattener\AppvIsvStream64.dll
2018-12-06 18:19:51.141    Could not open C:\Program Files (x86)\Microsoft Office\root\Integration\AppvIsvStream32.dll
2018-12-06 18:19:51.142    Could not open C:\Program Files (x86)\Microsoft Office\root\Integration\AppvIsvStream64.dll
2018-12-06 18:19:54.966    Could not open C:\Program Files (x86)\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\AppvIsvStream32.dll
2018-12-06 18:19:54.968    Could not open C:\Program Files (x86)\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\AppvIsvStream64.dll
2018-12-06 18:20:25.943    Could not open C:\Program Files (x86)\Microsoft Office\root\Office16\AppvIsvStream32.dll
2018-12-06 18:20:25.944    Could not open C:\Program Files (x86)\Microsoft Office\root\Office16\AppvIsvStream64.dll
2018-12-06 18:20:27.275    Could not open C:\Program Files (x86)\Microsoft Office\root\Office16\DCF\AppvIsvStream32.dll
2018-12-06 18:20:27.276    Could not open C:\Program Files (x86)\Microsoft Office\root\Office16\DCF\AppvIsvStream64.dll
2018-12-06 18:20:43.904    Could not open C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AppvIsvStream64.dll
2018-12-06 18:20:43.906    Could not open C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\AppvIsvSubsystems64.dll
2018-12-06 18:20:43.908    Could not open C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\C2R64.dll
2018-12-06 18:20:45.170    Could not open C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\DW\AppvIsvStream32.dll
2018-12-06 18:20:45.887    Could not open C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\EQUATION\AppvIsvStream32.dll
2018-12-06 18:20:47.922    Could not open C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\AppvIsvStream32.dll
2018-12-06 18:20:53.022    Could not open C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Smart Tag\AppvIsvStream32.dll
2018-12-06 18:20:53.316    Could not open C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Source Engine\AppvIsvStream32.dll
2018-12-06 18:20:58.227    Could not open C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\AppvIsvStream64.dll
2018-12-06 18:20:58.584    Could not open C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Analysis Services\AS OLEDB\110\AppvIsvStream32.dll
2018-12-06 18:33:56.958    Could not open C:\swapfile.sys
2018-12-06 18:33:57.017    Could not open C:\System Volume Information\{1d74863b-f8ea-11e8-85a3-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-12-06 18:33:57.017    Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-12-06 18:33:57.017    Could not open C:\System Volume Information\{a7e7e141-f940-11e8-85a7-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-12-06 18:33:57.018    Could not open C:\System Volume Information\{a7e7e89c-f940-11e8-85a7-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-12-06 18:33:57.018    Could not open C:\System Volume Information\{d504a80a-f979-11e8-85a8-c04a00777726}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-12-06 18:33:57.019    Could not open C:\System Volume Information\{e3a87d64-f8f3-11e8-85a5-001a7dda7113}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-12-06 18:34:46.864    Could not open C:\Users\PC\AppData\Local\Microsoft\WindowsApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
2018-12-06 18:34:46.865    Could not open C:\Users\PC\AppData\Local\Microsoft\WindowsApps\MicrosoftEdge.exe
2018-12-06 18:44:33.084    Could not open C:\Windows\System32\config\BBI
2018-12-06 18:44:33.128    Could not open C:\Windows\System32\config\RegBack\DEFAULT
2018-12-06 18:44:33.128    Could not open C:\Windows\System32\config\RegBack\SAM
2018-12-06 18:44:33.129    Could not open C:\Windows\System32\config\RegBack\SECURITY
2018-12-06 18:44:33.129    Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2018-12-06 18:44:33.130    Could not open C:\Windows\System32\config\RegBack\SYSTEM
2018-12-06 18:56:36.906    Could not open C:\Windows.old(1)\Program Files\WindowsApps\Microsoft.3DBuilder_10.9.6.0_x64__8wekyb3d8bbwe\Lib3mfUAP.dll
2018-12-06 18:56:36.912    Could not open C:\Windows.old(1)\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\clrcompression.dll
2018-12-06 18:56:36.912    Could not open C:\Windows.old(1)\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\mrt100.dll
2018-12-06 18:56:36.913    Could not open C:\Windows.old(1)\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\mrt100_app.dll
2018-12-06 18:56:36.919    Could not open C:\Windows.old(1)\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.0_1.0.22929.0_x86__8wekyb3d8bbwe\clrcompression.dll
2018-12-06 18:56:36.919    Could not open C:\Windows.old(1)\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.0_1.0.22929.0_x86__8wekyb3d8bbwe\mrt100.dll
2018-12-06 18:56:36.920    Could not open C:\Windows.old(1)\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.0_1.0.22929.0_x86__8wekyb3d8bbwe\mrt100_app.dll
2018-12-06 18:56:36.971    Could not open C:\Windows.old(1)\ProgramData\Microsoft\IdentityCRL\INT\ppcrlconfig600.dll
2018-12-06 18:56:36.976    Could not open C:\Windows.old(1)\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2018-12-06 18:58:55.091    >>> Virus 'Mal/VMProtBad-A' found in file F:\Program Files (x86)\Borderlands 2\Binaries\Win32\buddha.dll
2018-12-06 18:58:55.091    >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-12-06 18:58:55.091    >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-12-06 19:00:55.622    Could not open F:\Program Files (x86)\Microsoft Office\root\client\AppvIsvStream32.dll
2018-12-06 19:00:55.623    Could not open F:\Program Files (x86)\Microsoft Office\root\client\AppvIsvStream64.dll
2018-12-06 19:01:42.223    Could not open F:\Program Files (x86)\Microsoft Office\root\Office16\AppvIsvStream32.dll
2018-12-06 19:01:59.767    Could not open F:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\EQUATION\AppvIsvStream32.dll
2018-12-06 19:02:02.552    Could not open F:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\AppvIsvStream32.dll
2018-12-06 19:02:13.277    Could not open F:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\AppvIsvStream64.dll
2018-12-06 19:08:20.471    >>> Virus 'Mal/VMProtBad-A' found in file F:\Program Files (x86)\Wolfenstein - The Old Blood\steam_api64.dll
2018-12-06 19:08:20.471    >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-12-06 19:08:20.471    >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-12-06 19:09:00.132    Could not open F:\ProgramData\Oracle\Java\javapath\java.exe
2018-12-06 19:09:00.133    Could not open F:\ProgramData\Oracle\Java\javapath\javaw.exe
2018-12-06 19:09:00.134    Could not open F:\ProgramData\Oracle\Java\javapath\javaws.exe
2018-12-06 19:19:00.510    Could not open F:\Users\YouSeif\OneDrive\Elliot Aronson, Timothy D. Wilson, Robin M. Akert-Social Psychology-Pearson (2012).pdf
2018-12-06 19:19:00.526    Could not open F:\Users\YouSeif\OneDrive\Email attachments\Fundamentals Of Corporate Finance8th ed , Bt Ross.zip
2018-12-06 19:19:00.526    Could not open F:\Users\YouSeif\OneDrive\employment-issues-in-uae.pdf
2018-12-06 19:19:00.705    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch1.pdf
2018-12-06 19:19:00.707    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch10.pdf
2018-12-06 19:19:00.709    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch11.pdf
2018-12-06 19:19:00.711    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch12.pdf
2018-12-06 19:19:00.713    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch13.pdf
2018-12-06 19:19:00.715    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch14.pdf
2018-12-06 19:19:00.717    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch16.pdf
2018-12-06 19:19:00.719    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch17.pdf
2018-12-06 19:19:00.721    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch19.pdf
2018-12-06 19:19:00.723    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch2.pdf
2018-12-06 19:19:00.725    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch20.pdf
2018-12-06 19:19:00.727    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch21.pdf
2018-12-06 19:19:00.730    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch22.pdf
2018-12-06 19:19:00.730    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch23.pdf
2018-12-06 19:19:00.730    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch24.pdf
2018-12-06 19:19:00.730    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch25.pdf
2018-12-06 19:19:00.730    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch26.pdf
2018-12-06 19:19:00.730    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch3.pdf
2018-12-06 19:19:00.730    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch4.pdf
2018-12-06 19:19:00.730    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch5.pdf
2018-12-06 19:19:00.745    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch6.pdf
2018-12-06 19:19:00.745    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch7-part_one.pdf
2018-12-06 19:19:00.745    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch7-part_two.pdf
2018-12-06 19:19:00.745    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch8.pdf
2018-12-06 19:19:00.745    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch9.pdf
2018-12-06 19:19:00.745    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch_15.pdf
2018-12-06 19:19:00.745    Could not open F:\Users\YouSeif\OneDrive\Fundamentals Of Corporate Finance8th ed , Bt Ross\ch_18.pdf
2018-12-06 19:19:00.745    Could not open F:\Users\YouSeif\OneDrive\Jonathan Crary 247 Late Capitalism and the End.pdf
2018-12-06 19:19:00.745    Could not open F:\Users\YouSeif\OneDrive\Kenneth W. Clarkson, Gaylord A. Jentz, Frank B. C.pdf
2018-12-06 19:19:00.745    Could not open F:\Users\YouSeif\OneDrive\Lee Odden Optimize How to Attract and Engage Mo.pdf
2018-12-06 19:19:00.745    Could not open F:\Users\YouSeif\OneDrive\Manuel Castells Networks of Outrage and Hope So.pdf
2018-12-06 19:19:00.761    Could not open F:\Users\YouSeif\OneDrive\Unconscious Branding.pdf
2018-12-06 19:25:55.179    The following items will be cleaned up:
2018-12-06 19:25:55.179    Mal/VMProtBad-A
2018-12-06 19:46:11.569    Threat 'Mal/VMProtBad-A' has been cleaned up.
2018-12-06 19:46:11.569    File "F:\Program Files (x86)\Borderlands 2\Binaries\Win32\buddha.dll" belongs to malware 'Mal/VMProtBad-A'.
2018-12-06 19:46:11.569    File "F:\Program Files (x86)\Borderlands 2\Binaries\Win32\buddha.dll" has been cleaned up.
2018-12-06 19:46:11.569    File "F:\Program Files (x86)\Wolfenstein - The Old Blood\steam_api64.dll" belongs to malware 'Mal/VMProtBad-A'.
2018-12-06 19:46:11.569    File "F:\Program Files (x86)\Wolfenstein - The Old Blood\steam_api64.dll" has been cleaned up.
2018-12-06 19:46:11.569    Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin" belongs to malware 'Mal/VMProtBad-A'.
2018-12-06 19:46:11.569    Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin" has been cleaned up.
2018-12-06 19:46:11.569    Removal successful
2018-12-06 19:46:12.105    Error level 0
 

 

Please note that some of the files that were not able to be removed by FRST were removed manually, which is why I am attaching a new FRST Scan Log below.

FRST Scan Log: 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by PC (administrator) on SHELBY (06-12-2018 23:58:10)
Running from C:\Users\PC\Desktop\FRST
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Pro Version 1803 17134.407 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCService.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCAvSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Electronic Arts) F:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Locktime Software) C:\Program Files (x86)\NetLimiter 4\NLSvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Thalonet, Inc. (dba Haste)) C:\Program Files\Haste\Haste Esports Accelerator\UserEdgeService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Beepa P/L) F:\Program Files (x86)\Fraps\fraps.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\Monitor.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\RealTimeProtector.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Beepa P/L) F:\Program Files (x86)\Fraps\fraps64.dat
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCTray.exe
() C:\Program Files (x86)\PS4 Controller\DS4Windows.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\PPUninstaller.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\Pub\PubMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [SamsungRapidApp] => F:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2018-09-07] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [167936 2008-07-07] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5608208 2018-10-23] (IObit)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [7088408 2015-01-22] (Piriform Ltd)
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Run: [NetLimiter] => C:\Program Files (x86)\NetLimiter 4\nlclientapp.exe [52656 2015-10-10] (Locktime Software)
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCTray.exe [3703568 2018-08-15] (IObit)
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [149504 2018-04-12] (Microsoft Corporation)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2015-12-01]
ShortcutTarget: DS4Windows.lnk -> C:\Program Files (x86)\PS4 Controller\DS4Windows.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{554704bb-761d-459e-9f6a-a3600d29fdbd}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fbcfbc8f-310f-4428-bbf8-f8ace88c2de0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-11-30] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2018-09-07] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-20] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2018-09-07] (Logitech, Inc.)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2018-03-20] (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-20] (Oracle Corporation)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\Adblock\Adblock.dll [2018-04-17] (IObit)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-14] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-14] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-14] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-14] (Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2018-09-27] [not signed]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-08-20] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1745146063-4005962234-3562053907-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://blank/","hxxp://google.com/","hxxps://www.google.com/","hxxp://www.google.com"
CHR NewTab: Default ->  Active:"chrome-extension://ddjdamcnphfdljlojajeoiogkanilahc/pages/newtab.html"
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2018-12-06]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2018-06-09]
CHR Extension: (BetterTTV) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-20]
CHR Extension: (The New Tab - Customize Your Start Page) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddjdamcnphfdljlojajeoiogkanilahc [2018-11-30]
CHR Extension: (AHA Music - Music Identifier) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2018-12-06]
CHR Extension: (AdBlock) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-04]
CHR Extension: (Battleship) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjgmfhnanfbghmpcbdfgpigcgdbaggfm [2016-05-13]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2018-12-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (PDF Viewer) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2018-07-09]
CHR Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofgbpoabipfcfjapgnbbjjaenockbdp [2018-10-11]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-27]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-06]
CHR Extension: (Google Slides) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-20]
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-20]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-20]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-20]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-20]
CHR Extension: (Google Sheets) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-20]
CHR Extension: (Google Wallet) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-20]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-20]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AdvancedSystemCareService11; C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCService.exe [1066256 2018-03-28] (IObit)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ASCAntivirusSrv; C:\Program Files (x86)\Advanced SystemCare Ultimate\ascavsvc.exe [1990928 2018-01-18] (IObit)
R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [463112 2014-07-31] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-11-20] (Microsoft Corporation)
S3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [34512 2018-03-30] (Corsair Components, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [277056 2016-08-28] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6514752 2016-08-28] (GOG.com)
R2 HasteUEService; C:\Program Files\Haste\Haste Esports Accelerator\UserEdgeService.exe [1516328 2017-05-04] (Thalonet, Inc. (dba Haste))
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2355472 2018-10-19] (IObit)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc.)
S2 MBAMService; F:\Program Files (x86)\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 nlsvc; C:\Program Files (x86)\NetLimiter 4\NLSvc.exe [322480 2015-10-10] (Locktime Software)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
S3 Origin Client Service; F:\Program Files (x86)\Origin\OriginClientService.exe [2269504 2018-10-25] (Electronic Arts)
R2 Origin Web Helper Service; F:\Program Files (x86)\Origin\OriginWebHelperService.exe [3130184 2018-10-25] (Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [435328 2017-10-10] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [916096 2017-10-17] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-20] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-12-04] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2015-07-15] (ASRock Incorporation)
R0 AsrRamDisk; C:\WINDOWS\System32\drivers\AsrRamDisk.sys [40200 2013-08-02] (ASRock Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4321160 2018-07-19] (Qualcomm Atheros Communications, Inc.)
R3 cpuz138; C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [28392 2018-12-06] (CPUID) <==== ATTENTION
R3 cpuz143; C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [48960 2018-12-06] (CPUID)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31816 2018-07-18] (ELAN Microelectronic Corp.)
R2 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [183576 2016-10-27] (BitDefender LLC)
S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-11-01] (Hewlett-Packard.) [File not signed]
S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.) [File not signed]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-16] (REALiX(tm))
R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [44032 2018-03-20] (IObit.com)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [39232 2018-08-14] (IObit.com)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys [40384 2018-03-20] (IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [34048 2018-03-20] (IObit.com)
R1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFMBRProtect.sys [41920 2018-08-12] (IObit.com)
R1 IMFSafeBox; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFSafeBox.sys [51256 2018-08-27] (IObit.com)
S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-04-03] ()
S3 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
R3 iobit_monitor_server; C:\Program Files (x86)\Advanced SystemCare Ultimate\drivers\Monitor_win10_x64.sys [24056 2017-07-19] (IObit)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2016-07-26] ()
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-10-05] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-22] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc.)
S3 lgLowAudio; C:\WINDOWS\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-15] (Apple Inc.) [File not signed]
R2 nldrv; C:\Program Files (x86)\NetLimiter 4\nldrv.sys [120720 2015-10-10] (Locktime Software)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9db4450b8107f59a\nvlddmkm.sys [20420352 2018-12-01] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-11-29] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\regfilter.sys [52728 2018-03-20] (IObit.com)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2016-10-30] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [43256 2017-07-19] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137208 2017-07-16] (Razer, Inc.)
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 Trufos; C:\WINDOWS\System32\DRIVERS\TRUFOS.sys [520032 2016-11-02] (BitDefender S.R.L.)
U5 UnlockerDriver5; F:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VBus; C:\WINDOWS\System32\drivers\NkVBus.sys [26400 2007-09-05] (Nikon Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-12-04] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [328696 2018-12-04] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-12-04] (Microsoft Corporation)
R4 WinDivert1.2; C:\Program Files\Haste\Haste Esports Accelerator\WinDivert64.sys [37672 2016-10-05] (Basil)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-06 23:56 - 2018-12-06 21:10 - 000016269 _____ C:\Users\PC\Downloads\Fixlog.txt
2018-12-06 23:15 - 2018-12-01 08:01 - 000835688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-12-06 23:15 - 2018-12-01 08:01 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-06 21:24 - 2018-12-06 21:24 - 000000424 _____ C:\Users\PC\Desktop\Computer.lnk
2018-12-06 21:21 - 2018-12-06 21:21 - 000000000 ____D C:\ProgramData\Sophos
2018-12-06 21:20 - 2018-12-06 21:20 - 000002841 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2018-12-06 21:20 - 2018-12-06 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2018-12-06 21:20 - 2018-12-06 21:20 - 000000000 ____D C:\Program Files (x86)\Sophos
2018-12-06 21:16 - 2018-12-06 21:19 - 214045168 _____ (Sophos Limited) C:\Users\PC\Downloads\Sophos Virus Removal Tool.exe
2018-12-06 21:12 - 2016-11-02 19:11 - 000520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2018-12-06 21:10 - 2018-12-06 21:10 - 000003214 _____ C:\WINDOWS\System32\Tasks\FRAPS
2018-12-06 21:10 - 2018-12-06 21:10 - 000003010 _____ C:\WINDOWS\System32\Tasks\AsrSP.exe
2018-12-06 21:08 - 2018-12-06 21:03 - 000004353 _____ C:\Users\PC\Desktop\fixlist IMP.txt
2018-12-06 15:36 - 2018-12-06 15:36 - 000010393 _____ C:\Users\PC\Downloads\657463004_MalwareBytesScanlog.txt
2018-12-06 15:03 - 2018-12-06 15:03 - 000003158 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2018-12-06 15:02 - 2018-11-29 20:11 - 005338608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-12-06 15:02 - 2018-11-29 20:11 - 002620624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-12-06 15:02 - 2018-11-29 20:11 - 001767632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-12-06 15:02 - 2018-11-29 20:11 - 000651248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-12-06 15:02 - 2018-11-29 20:11 - 000450600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-12-06 15:02 - 2018-11-29 20:11 - 000125240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-12-06 15:02 - 2018-11-29 20:11 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-12-06 15:02 - 2018-11-28 03:28 - 008453862 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-12-06 15:02 - 2018-11-14 16:00 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-12-06 15:01 - 2018-12-06 15:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-12-06 15:00 - 2018-12-01 08:59 - 000978336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-12-06 15:00 - 2018-12-01 08:59 - 000978336 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-12-06 15:00 - 2018-12-01 08:59 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-12-06 15:00 - 2018-12-01 08:59 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-12-06 15:00 - 2018-12-01 08:59 - 000552416 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-12-06 15:00 - 2018-12-01 08:59 - 000456832 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-12-06 15:00 - 2018-12-01 08:59 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-12-06 15:00 - 2018-12-01 08:59 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-12-06 15:00 - 2018-12-01 08:59 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-12-06 15:00 - 2018-12-01 08:59 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-12-06 15:00 - 2018-12-01 08:56 - 002018080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441722.dll
2018-12-06 15:00 - 2018-12-01 08:56 - 002003856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-12-06 15:00 - 2018-12-01 08:56 - 001511880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-12-06 15:00 - 2018-12-01 08:56 - 001468032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441722.dll
2018-12-06 15:00 - 2018-12-01 08:56 - 001461016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-12-06 15:00 - 2018-12-01 08:56 - 001126688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-12-06 15:00 - 2018-12-01 08:56 - 000631688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-12-06 15:00 - 2018-12-01 08:56 - 000521472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 040260352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 035156424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 015909720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 013204104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 004946016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 004316440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 000750472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 000608864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 019714064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 016989840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 004999872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 004258384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 001471616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 001462216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 001167600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 001152176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 001145736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 000914592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 000822768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 000794824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 000637672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-12-06 15:00 - 2018-11-29 21:52 - 001682896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-12-06 15:00 - 2018-11-29 21:52 - 000227896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-12-06 15:00 - 2018-11-29 21:52 - 000074576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-12-06 15:00 - 2018-11-29 21:52 - 000048148 _____ C:\WINDOWS\system32\nvinfo.pb
2018-12-06 15:00 - 2018-11-29 21:52 - 000047384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-12-06 14:50 - 2018-12-06 14:50 - 000002684 _____ C:\Users\PC\Desktop\ADWCleaner Scan Log.txt
2018-12-06 14:42 - 2018-12-06 14:42 - 000010393 _____ C:\Users\PC\Desktop\MalwareBytes Scan log.txt
2018-12-06 14:23 - 2016-10-27 13:54 - 000183576 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2018-12-06 14:03 - 2018-12-06 14:03 - 000002238 _____ C:\Users\PC\Desktop\Advanced SystemCare Ultimate 11.lnk
2018-12-06 13:41 - 2018-12-06 13:41 - 000003112 _____ C:\WINDOWS\System32\Tasks\ASCU_ASCTray_Auto
2018-12-06 13:41 - 2018-12-06 13:41 - 000003092 _____ C:\WINDOWS\System32\Tasks\ASCU11_PerformanceMonitor
2018-12-06 13:41 - 2018-12-06 13:41 - 000002876 _____ C:\WINDOWS\System32\Tasks\ASCU11_SkipUac_PC
2018-12-06 13:41 - 2018-12-06 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Ultimate
2018-12-06 13:40 - 2018-12-06 21:11 - 000000000 ____D C:\Program Files (x86)\Advanced SystemCare Ultimate
2018-12-06 13:40 - 2018-12-06 13:40 - 096657856 _____ (IObit ) C:\Users\PC\Downloads\asc-ultimate-setup11.2.0.84.exe
2018-12-06 13:38 - 2018-12-06 14:02 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-12-06 13:38 - 2018-12-06 13:38 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\131C0D2C.sys
2018-12-06 13:37 - 2018-12-06 13:37 - 014178840 _____ (Malwarebytes Corp.) C:\Users\PC\Downloads\mbar-1.10.3.1001.exe
2018-12-06 04:46 - 2018-12-06 04:46 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-SHELBY-Windows-10-Pro-(64-bit).dat
2018-12-06 04:46 - 2018-12-06 04:46 - 000000000 ____D C:\RegBackup
2018-12-06 04:44 - 2018-12-06 04:45 - 000000000 ____D C:\Users\PC\Desktop\Windows Repair Tool
2018-12-06 04:44 - 2018-12-06 04:44 - 037626408 _____ C:\Users\PC\Downloads\tweaking.com_windows_repair_aio.zip
2018-12-06 04:09 - 2018-12-06 04:09 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:09 - 2018-12-06 04:09 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:09 - 2018-12-06 04:09 - 000000940 _____ C:\Users\PC\Downloads\fixlist.txt
2018-12-06 04:09 - 2018-11-16 15:55 - 002864496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-12-06 04:08 - 2018-12-06 04:08 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-10-01 22:47 - 000070024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-12-06 03:14 - 2018-12-06 03:14 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_399
2018-12-06 02:32 - 2018-12-06 02:41 - 000280336 _____ C:\WINDOWS\ntbtlog.txt
2018-12-06 02:32 - 2018-12-06 02:32 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-12-06 02:21 - 2018-12-06 02:21 - 000448512 _____ (OldTimer Tools) C:\Users\PC\Desktop\TempFilecleaner.exe
2018-12-06 02:10 - 2018-12-06 15:17 - 000000000 ____D C:\WINDOWS\Minidump
2018-12-06 01:59 - 2018-12-06 14:06 - 000000952 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-12-06 01:59 - 2018-12-06 02:41 - 000000000 ____D C:\ProgramData\RogueKiller
2018-12-06 01:59 - 2018-12-06 01:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-12-06 01:59 - 2018-12-06 01:59 - 000000000 ____D C:\Program Files\RogueKiller
2018-12-06 01:57 - 2018-12-06 01:57 - 029094792 _____ (Adlice Software ) C:\Users\PC\Downloads\RogueKiller_setup.exe
2018-12-06 01:51 - 2018-12-06 01:53 - 000000000 ____D C:\AdwCleaner
2018-12-06 01:51 - 2018-12-06 01:51 - 007321808 _____ (Malwarebytes) C:\Users\PC\Desktop\adwcleaner_7.2.5.0.exe
2018-12-06 01:47 - 2018-12-06 23:56 - 000000000 ____D C:\Users\PC\Desktop\FRST
2018-12-06 01:45 - 2018-12-06 23:58 - 000000000 ____D C:\FRST
2018-12-06 01:34 - 2018-12-06 01:34 - 000000000 ____D C:\ProgramData\{F86B0233-9A85-4589-8AAF-524CC4F8211B}
2018-12-06 01:14 - 2018-12-06 13:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-06 01:14 - 2018-12-06 02:05 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-12-06 01:14 - 2018-12-06 01:14 - 000000895 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-12-06 01:14 - 2018-12-06 01:14 - 000000000 ____D C:\Users\PC\AppData\Local\mbamtray
2018-12-06 01:14 - 2018-12-06 01:14 - 000000000 ____D C:\Users\PC\AppData\Local\mbam
2018-12-06 01:14 - 2018-12-06 01:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-12-06 00:42 - 2018-12-06 00:42 - 009379840 _____ C:\Users\PC\NTUSER.rhk
2018-12-06 00:39 - 2018-12-06 00:43 - 000000000 ____D C:\Users\PC\AppData\Roaming\Wise Registry Cleaner
2018-12-06 00:39 - 2018-12-06 00:39 - 000000898 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2018-12-06 00:39 - 2018-12-06 00:39 - 000000000 ____D C:\WINDOWS\System32\Tasks\WiseCleaner
2018-12-06 00:39 - 2018-12-06 00:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2018-12-06 00:35 - 2018-12-06 00:35 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2018-12-06 00:27 - 2018-12-06 00:27 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-12-06 00:27 - 2018-12-06 00:27 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-12-06 00:26 - 2018-12-06 00:45 - 000000000 ____D C:\ProgramData\AVAST Software
2018-12-06 00:26 - 2018-12-06 00:28 - 000000805 _____ C:\Users\PC\Desktop\CCleaner.lnk
2018-12-06 00:18 - 2018-12-06 00:46 - 000000000 ____D C:\Users\PC\AppData\Roaming\GlarySoft
2018-12-05 21:18 - 2018-12-05 21:18 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-12-05 01:53 - 2018-12-05 02:04 - 000000000 ____D C:\Users\PC\Heaven
2018-12-05 01:21 - 2018-12-05 01:25 - 000000000 ____D C:\ProgramData\HitmanPro
2018-12-04 18:13 - 2018-12-06 21:10 - 112984064 _____ C:\WINDOWS\system32\config\SOFTWARE
2018-12-04 18:13 - 2018-12-06 21:10 - 003043328 _____ C:\WINDOWS\system32\config\DEFAULT
2018-12-04 18:13 - 2018-12-06 21:10 - 000139264 _____ C:\WINDOWS\system32\config\SAM
2018-12-04 18:13 - 2018-12-06 21:10 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY
2018-12-04 18:13 - 2018-12-04 18:13 - 000000000 ____H C:\asc_rdflag
2018-12-04 17:50 - 2018-12-04 18:13 - 000000000 ____D C:\ProgramData\zVmiMcGqez
2018-12-03 22:30 - 2018-12-03 22:30 - 000002735 _____ C:\Users\PC\Unigine_Valley_Benchmark_1.0_20181203_2229.html
2018-12-03 22:22 - 2018-12-05 22:29 - 002128896 _____ C:\Users\PC\AppData\Local\file__0.localstorage
2018-12-03 22:22 - 2018-12-04 13:31 - 000000000 ____D C:\Users\PC\Valley
2018-12-03 19:28 - 2018-12-03 19:28 - 000000000 ____D C:\Users\PC\AppData\Roaming\IO Interactive
2018-11-30 12:08 - 2018-11-30 12:08 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-11-30 12:08 - 2018-11-30 12:08 - 000002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-11-30 12:08 - 2018-11-30 12:08 - 000002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-11-30 12:08 - 2018-11-30 12:08 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-11-30 12:08 - 2018-11-30 12:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-11-16 18:19 - 2018-11-16 18:19 - 000000000 ____D C:\Program Files\rempl
2018-11-16 16:57 - 2018-12-04 17:59 - 000000000 ____D C:\Users\PC\AppData\LocalLow\uTorrent
2018-11-14 23:03 - 2018-11-16 15:55 - 002264432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-11-14 23:03 - 2018-11-16 15:55 - 001322864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-11-14 23:03 - 2018-11-14 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-11-14 23:03 - 2018-10-04 16:33 - 000203760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-11-14 23:03 - 2018-10-04 16:33 - 000179696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-11-14 22:58 - 2018-11-01 08:47 - 000407244 __RSH C:\bootmgr
2018-11-14 22:58 - 2018-04-12 03:34 - 000000001 ___SH C:\BOOTNXT
2018-11-14 16:36 - 2018-11-01 15:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-14 16:36 - 2018-11-01 15:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-14 16:36 - 2018-11-01 15:45 - 004527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-14 16:36 - 2018-11-01 15:45 - 001617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-14 16:36 - 2018-11-01 15:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-14 16:36 - 2018-11-01 15:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-11-14 16:36 - 2018-11-01 15:31 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-11-14 16:36 - 2018-11-01 15:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-14 16:36 - 2018-11-01 15:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-14 16:36 - 2018-11-01 15:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-11-14 16:36 - 2018-11-01 15:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-14 16:36 - 2018-11-01 15:28 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-11-14 16:36 - 2018-11-01 15:28 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-14 16:36 - 2018-11-01 15:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-14 16:36 - 2018-11-01 15:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-14 16:36 - 2018-11-01 15:27 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-14 16:36 - 2018-11-01 15:26 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-14 16:36 - 2018-11-01 15:26 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-14 16:36 - 2018-11-01 15:26 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-11-14 16:36 - 2018-11-01 15:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-14 16:36 - 2018-11-01 15:26 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-11-14 16:36 - 2018-11-01 15:25 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-14 16:36 - 2018-11-01 14:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-14 16:36 - 2018-11-01 13:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-11-14 16:36 - 2018-11-01 13:56 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-11-14 16:36 - 2018-11-01 13:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-14 16:36 - 2018-11-01 13:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-14 16:36 - 2018-11-01 13:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-11-14 16:36 - 2018-11-01 13:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-11-14 16:36 - 2018-11-01 13:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-14 16:36 - 2018-11-01 13:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-14 16:36 - 2018-11-01 13:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-14 16:36 - 2018-11-01 13:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-14 16:36 - 2018-11-01 11:39 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-14 16:36 - 2018-11-01 11:38 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-14 16:36 - 2018-11-01 11:37 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-14 16:36 - 2018-11-01 11:28 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-14 16:36 - 2018-11-01 11:28 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-11-14 16:36 - 2018-11-01 11:28 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-14 16:36 - 2018-11-01 11:28 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-11-14 16:36 - 2018-11-01 11:28 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-14 16:36 - 2018-11-01 11:28 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-11-14 16:36 - 2018-11-01 11:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-11-14 16:36 - 2018-11-01 11:27 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-14 16:36 - 2018-11-01 11:26 - 007432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-11-14 16:36 - 2018-11-01 11:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-14 16:36 - 2018-11-01 11:26 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-11-14 16:36 - 2018-11-01 11:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-14 16:36 - 2018-11-01 11:25 - 007520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 004404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-14 16:36 - 2018-11-01 11:25 - 002571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 001456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-11-14 16:36 - 2018-11-01 11:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-11-14 16:36 - 2018-11-01 11:25 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-11-14 16:36 - 2018-11-01 11:25 - 000982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-11-14 16:36 - 2018-11-01 11:25 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 000793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-11-14 16:36 - 2018-11-01 11:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-14 16:36 - 2018-11-01 11:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-11-14 16:36 - 2018-11-01 11:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-14 16:36 - 2018-11-01 11:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 000261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-11-14 16:36 - 2018-11-01 11:09 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-14 16:36 - 2018-11-01 11:03 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-14 16:36 - 2018-11-01 11:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-14 16:36 - 2018-11-01 11:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-14 16:36 - 2018-11-01 11:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-14 16:36 - 2018-11-01 11:01 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-14 16:36 - 2018-11-01 11:01 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-11-14 16:36 - 2018-11-01 11:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-11-14 16:36 - 2018-11-01 11:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-14 16:36 - 2018-11-01 11:00 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-11-14 16:36 - 2018-11-01 11:00 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-11-14 16:36 - 2018-11-01 11:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-11-14 16:36 - 2018-11-01 11:00 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-11-14 16:36 - 2018-11-01 10:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-14 16:36 - 2018-11-01 10:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-14 16:36 - 2018-11-01 10:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-14 16:36 - 2018-11-01 10:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-14 16:36 - 2018-11-01 10:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-14 16:36 - 2018-11-01 10:58 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-14 16:36 - 2018-11-01 10:58 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-14 16:36 - 2018-11-01 10:58 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-14 16:36 - 2018-11-01 10:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-11-14 16:36 - 2018-11-01 10:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-14 16:36 - 2018-11-01 10:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-11-14 16:36 - 2018-11-01 10:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-14 16:36 - 2018-11-01 10:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-14 16:36 - 2018-11-01 10:56 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-14 16:36 - 2018-11-01 10:56 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-14 16:36 - 2018-11-01 10:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-14 16:36 - 2018-11-01 10:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-14 16:36 - 2018-11-01 10:55 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-11-14 16:36 - 2018-11-01 10:55 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-11-14 16:36 - 2018-11-01 10:55 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-14 16:36 - 2018-11-01 10:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-14 16:36 - 2018-11-01 10:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-14 16:36 - 2018-11-01 10:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-14 16:36 - 2018-11-01 10:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-14 16:36 - 2018-11-01 10:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-14 16:36 - 2018-11-01 10:53 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-11-14 16:36 - 2018-11-01 09:39 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-11-14 16:36 - 2018-11-01 09:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-11-14 16:36 - 2018-11-01 08:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-11-14 16:36 - 2018-11-01 08:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-14 16:36 - 2018-11-01 08:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-14 16:36 - 2018-11-01 08:47 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-14 16:36 - 2018-11-01 08:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-14 16:36 - 2018-11-01 08:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-14 16:36 - 2018-11-01 08:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-11-14 16:36 - 2018-11-01 08:47 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-14 16:36 - 2018-11-01 08:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-11-14 16:36 - 2018-11-01 08:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-14 16:36 - 2018-11-01 08:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-14 16:36 - 2018-11-01 08:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-11-14 16:36 - 2018-11-01 08:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-14 16:36 - 2018-11-01 08:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-14 16:36 - 2018-11-01 08:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-11-14 16:36 - 2018-11-01 08:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-11-14 16:36 - 2018-11-01 08:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-14 16:36 - 2018-11-01 08:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-11-14 16:36 - 2018-11-01 08:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-14 16:36 - 2018-11-01 08:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-11-14 16:36 - 2018-11-01 08:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-11-14 16:36 - 2018-11-01 08:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-11-14 16:36 - 2018-11-01 08:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-11-14 16:36 - 2018-11-01 08:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-11-14 16:36 - 2018-11-01 08:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-11-14 16:36 - 2018-11-01 08:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-11-14 16:36 - 2018-11-01 08:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-14 16:36 - 2018-11-01 08:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-11-14 16:36 - 2018-11-01 08:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-14 16:36 - 2018-11-01 08:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-14 16:36 - 2018-11-01 08:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-14 16:36 - 2018-11-01 08:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-11-14 16:36 - 2018-11-01 08:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-14 16:36 - 2018-11-01 08:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-11-14 16:36 - 2018-11-01 08:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-11-14 16:36 - 2018-11-01 08:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-11-14 16:36 - 2018-11-01 08:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-11-14 16:36 - 2018-11-01 08:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-14 16:36 - 2018-11-01 08:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-14 16:36 - 2018-11-01 08:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-14 16:36 - 2018-11-01 08:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-11-14 16:36 - 2018-11-01 08:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-11-14 16:36 - 2018-10-21 17:04 - 002267448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-11-14 16:36 - 2018-10-21 17:00 - 021386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-11-14 16:36 - 2018-10-21 17:00 - 001639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-11-14 16:36 - 2018-10-21 17:00 - 001516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-11-14 16:36 - 2018-10-21 17:00 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-11-14 16:36 - 2018-10-21 17:00 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-11-14 16:36 - 2018-10-21 16:59 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-11-14 16:36 - 2018-10-21 16:59 - 000236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-11-14 16:36 - 2018-10-21 16:46 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-11-14 16:36 - 2018-10-21 16:46 - 004393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-11-14 16:36 - 2018-10-21 16:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-11-14 16:36 - 2018-10-21 16:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2018-11-14 16:36 - 2018-10-21 16:44 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-11-14 16:36 - 2018-10-21 16:43 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-11-14 16:36 - 2018-10-21 16:43 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-11-14 16:36 - 2018-10-21 16:43 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2018-11-14 16:36 - 2018-10-21 16:42 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-11-14 16:36 - 2018-10-21 16:42 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-11-14 16:36 - 2018-10-21 16:42 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-11-14 16:36 - 2018-10-21 16:42 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-11-14 16:36 - 2018-10-21 16:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-11-14 16:36 - 2018-10-21 15:41 - 001540408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-11-14 16:36 - 2018-10-21 15:41 - 000023056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2018-11-14 16:36 - 2018-10-21 15:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-11-14 16:36 - 2018-10-21 15:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-11-14 16:36 - 2018-10-21 15:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-11-14 16:36 - 2018-10-21 15:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-11-14 16:36 - 2018-10-21 15:37 - 020381808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-11-14 16:36 - 2018-10-21 15:37 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-11-14 16:36 - 2018-10-21 15:28 - 012501504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-11-14 16:36 - 2018-10-21 15:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-11-14 16:36 - 2018-10-21 15:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-11-14 16:36 - 2018-10-21 15:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-11-14 16:36 - 2018-10-21 15:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-11-14 16:36 - 2018-10-21 15:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-11-14 16:36 - 2018-10-21 13:29 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-11-14 16:36 - 2018-10-21 12:44 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-11-14 16:36 - 2018-10-21 11:48 - 005602456 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-11-14 16:36 - 2018-10-21 11:47 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-11-14 16:36 - 2018-10-21 11:46 - 000717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-11-14 16:36 - 2018-10-21 11:46 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-11-14 16:36 - 2018-10-21 11:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-11-14 16:36 - 2018-10-21 11:46 - 000560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-11-14 16:36 - 2018-10-21 11:46 - 000497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2018-11-14 16:36 - 2018-10-21 11:46 - 000171024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-11-14 16:36 - 2018-10-21 11:45 - 003283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-11-14 16:36 - 2018-10-21 11:45 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-11-14 16:36 - 2018-10-21 11:45 - 001946208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-11-14 16:36 - 2018-10-21 11:45 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-11-14 16:36 - 2018-10-21 11:45 - 000607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-11-14 16:36 - 2018-10-21 11:45 - 000185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-11-14 16:36 - 2018-10-21 11:45 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2018-11-14 16:36 - 2018-10-21 11:45 - 000139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-11-14 16:36 - 2018-10-21 11:45 - 000058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2018-11-14 16:36 - 2018-10-21 11:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-11-14 16:36 - 2018-10-21 11:22 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-11-14 16:36 - 2018-10-21 11:21 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-11-14 16:36 - 2018-10-21 11:21 - 000123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-11-14 16:36 - 2018-10-21 11:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2018-11-14 16:36 - 2018-10-21 11:20 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-11-14 16:36 - 2018-10-21 11:20 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2018-11-14 16:36 - 2018-10-21 11:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-11-14 16:36 - 2018-10-21 11:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 001620776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 001130768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-11-14 16:36 - 2018-10-21 11:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-11-14 16:36 - 2018-10-21 11:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-11-14 16:36 - 2018-10-21 11:19 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2018-11-14 16:36 - 2018-10-21 11:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
2018-11-14 16:36 - 2018-10-21 11:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2018-11-14 16:36 - 2018-10-21 11:18 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-11-14 16:36 - 2018-10-21 11:18 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-11-14 16:36 - 2018-10-21 11:18 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-11-14 16:36 - 2018-10-21 11:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2018-11-14 16:36 - 2018-10-21 11:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-11-14 16:36 - 2018-10-21 11:18 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2DP.sys
2018-11-14 16:36 - 2018-10-21 11:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2018-11-14 16:36 - 2018-10-21 11:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2018-11-14 16:36 - 2018-10-21 11:17 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-11-14 16:36 - 2018-10-21 11:17 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-11-14 16:36 - 2018-10-21 11:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-11-14 16:36 - 2018-10-21 11:17 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-11-14 16:36 - 2018-10-21 11:17 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-11-14 16:36 - 2018-10-21 11:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
2018-11-14 16:36 - 2018-10-21 11:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-11-14 16:36 - 2018-10-21 11:16 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-11-14 16:36 - 2018-10-21 11:16 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-11-14 16:36 - 2018-10-21 11:16 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-11-14 16:36 - 2018-10-21 11:16 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-11-14 16:36 - 2018-10-21 11:16 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-11-14 16:36 - 2018-10-21 11:16 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-11-14 16:36 - 2018-10-21 11:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-11-14 16:36 - 2018-10-21 11:15 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-11-14 16:36 - 2018-10-21 11:15 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2018-11-14 16:36 - 2018-10-21 11:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-11-14 16:36 - 2018-10-21 11:14 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-14 16:36 - 2018-10-21 11:14 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-11-14 16:36 - 2018-10-21 11:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-11-14 16:36 - 2018-10-21 11:14 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-11-14 16:36 - 2018-10-21 11:14 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-11-14 16:36 - 2018-10-21 11:14 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-11-14 16:36 - 2018-10-21 11:14 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2018-11-14 16:36 - 2018-10-21 11:14 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-11-14 16:36 - 2018-10-21 11:14 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-11-14 16:36 - 2018-10-21 11:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-11-14 16:36 - 2018-10-21 11:02 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-11-14 16:36 - 2018-10-21 11:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2018-11-14 16:36 - 2018-10-21 11:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-11-14 16:36 - 2018-10-21 11:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2018-11-14 16:36 - 2018-10-21 11:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2018-11-14 16:36 - 2018-10-21 10:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-11-14 16:36 - 2018-10-21 10:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-11-14 16:36 - 2018-10-21 10:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-11-14 16:36 - 2018-10-21 10:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-11-14 16:36 - 2018-10-21 10:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-11-14 16:36 - 2018-10-21 09:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-11-14 16:36 - 2018-10-21 09:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2018-11-14 02:17 - 2018-11-14 02:17 - 000039504 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ICCWDT.sys
2018-11-14 02:07 - 2018-11-14 02:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2018-11-12 21:44 - 2018-11-15 17:36 - 000002339 _____ C:\Users\PC\Desktop\Deezer.lnk
2018-11-12 21:44 - 2018-11-15 17:36 - 000000000 ____D C:\Users\PC\AppData\Roaming\Deezer
2018-11-12 21:44 - 2018-11-12 21:44 - 000002347 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deezer.lnk
2018-11-12 18:46 - 2018-11-12 18:46 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2018-11-12 18:14 - 2018-11-12 18:14 - 000000000 ____D C:\Program Files\Bonjour
2018-11-12 18:14 - 2018-11-12 18:14 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-11-11 21:57 - 2018-11-11 21:57 - 000003354 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1745146063-4005962234-3562053907-1001
2018-11-11 21:57 - 2018-11-11 21:57 - 000002361 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-06 23:43 - 2018-05-16 21:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-06 23:15 - 2018-04-12 03:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-06 21:25 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-06 21:25 - 2018-04-12 03:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-06 21:21 - 2015-07-16 16:57 - 000000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2018-12-06 21:14 - 2018-05-16 21:41 - 000428644 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-06 21:14 - 2018-04-12 03:36 - 000000000 ____D C:\WINDOWS\INF
2018-12-06 21:12 - 2018-03-21 18:48 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-06 21:11 - 2015-07-21 07:58 - 000000000 ____D C:\Users\PC\Documents\Assassin's Creed Unity
2018-12-06 21:10 - 2018-05-16 21:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-06 21:10 - 2018-04-12 01:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-12-06 21:10 - 2016-10-13 23:57 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2018-12-06 15:17 - 2018-05-18 21:33 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2018-12-06 15:02 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\Help
2018-12-06 15:02 - 2018-03-21 18:46 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-12-06 15:01 - 2018-03-21 18:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-12-06 15:01 - 2018-03-21 18:47 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-12-06 15:00 - 2018-03-25 16:06 - 000000000 ____D C:\Users\PC\AppData\Local\NVIDIA
2018-12-06 05:11 - 2018-05-16 21:36 - 000269920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-06 05:11 - 2015-07-15 20:25 - 000000000 ____D C:\WINDOWS\CSC
2018-12-06 04:07 - 2016-01-28 21:12 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2018-12-06 04:01 - 2013-08-22 19:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-12-06 03:50 - 2015-07-16 21:37 - 000000000 ____D C:\Users\PC\Downloads\Applications
2018-12-06 03:14 - 2015-08-20 00:01 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Temp
2018-12-06 02:56 - 2018-04-12 01:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-12-06 02:31 - 2018-05-16 21:37 - 000000000 ____D C:\Users\PC
2018-12-06 02:11 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-06 02:00 - 2016-12-03 12:30 - 000000000 ____D C:\Users\PC\AppData\Local\Adobe
2018-12-06 01:34 - 2015-07-16 17:41 - 000000000 ____D C:\ProgramData\ProductData
2018-12-06 00:36 - 2018-02-17 08:58 - 000000000 ____D C:\Users\PC\Downloads\GTA V Mods
2018-12-06 00:27 - 2018-04-12 03:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-12-05 23:06 - 2018-04-01 14:10 - 000000000 ____D C:\ProgramData\CLink4
2018-12-05 22:21 - 2015-07-16 17:43 - 000000000 ___RD C:\Users\PC\Desktop\OverClockin'
2018-12-05 21:22 - 2015-07-16 21:38 - 000000000 ____D C:\Users\PC\Downloads\Overclocking
2018-12-05 20:53 - 2018-04-12 03:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-05 20:50 - 2018-05-16 21:41 - 000004576 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-12-05 20:49 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-12-05 20:49 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-12-04 18:13 - 2018-08-02 17:40 - 112558080 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2018-12-04 18:13 - 2018-08-02 17:40 - 005513216 _____ C:\WINDOWS\system32\config\DRIVERS.iodefrag.bak
2018-12-04 18:13 - 2018-08-02 17:40 - 003043328 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2018-12-04 18:13 - 2018-08-02 17:40 - 000069632 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2018-12-04 18:13 - 2018-08-02 17:40 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2018-12-04 17:56 - 2018-04-06 13:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-12-04 17:46 - 2015-07-16 18:15 - 000592416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-12-04 17:45 - 2017-11-19 01:48 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2018-12-03 19:27 - 2018-03-25 17:24 - 000000000 ____D C:\Users\PC\AppData\Local\NVIDIA Corporation
2018-12-03 17:18 - 2015-07-16 18:32 - 000000000 ___RD C:\Users\PC\Desktop\Games
2018-12-02 16:08 - 2015-07-16 22:42 - 000000000 ____D C:\ProgramData\Origin
2018-12-02 13:22 - 2015-07-16 17:33 - 000000000 ____D C:\Users\PC\AppData\Roaming\Origin
2018-12-02 13:21 - 2017-03-15 12:41 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-12-01 14:17 - 2017-05-15 10:05 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2018-12-01 14:17 - 2016-07-29 23:58 - 000000000 ____D C:\Users\PC\AppData\Local\Battle.net
2018-11-30 12:07 - 2015-12-18 17:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-11-17 10:32 - 2015-07-16 21:22 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2018-11-16 08:41 - 2015-07-19 13:44 - 000000000 ____D C:\Program Files\Rockstar Games
2018-11-16 08:41 - 2015-07-19 13:44 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-11-15 23:28 - 2018-03-25 16:04 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-11-14 22:58 - 2018-10-12 14:31 - 078589952 _____ C:\WINDOWS\system32\config\COMPONENTS.iodefrag.bak
2018-11-14 22:58 - 2015-08-18 23:30 - 000000000 ___RD C:\Users\PC\3D Objects
2018-11-14 22:58 - 2015-08-05 22:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-14 16:41 - 2015-07-16 23:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-14 16:40 - 2015-07-16 23:32 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-14 02:15 - 2018-08-02 03:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 6
2018-11-14 02:15 - 2018-08-02 03:44 - 000002912 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (PC)
2018-11-14 02:07 - 2015-07-16 17:41 - 000000000 ____D C:\ProgramData\IObit
2018-11-14 01:43 - 2015-07-17 15:40 - 000000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2018-11-12 18:46 - 2015-12-19 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-11-11 21:57 - 2015-07-16 17:26 - 000000000 ___RD C:\Users\PC\OneDrive
2018-11-10 16:28 - 2015-07-20 22:25 - 000000000 ____D C:\Users\PC\Documents\The Witcher 3
2018-11-08 14:34 - 2016-08-31 11:56 - 000000000 ____D C:\Users\PC\Documents\Overwatch

==================== Files in the root of some directories =======

2016-08-28 12:38 - 2016-08-28 12:38 - 130403753 _____ () C:\Users\PC\Razer Synapse Tournament Drivers 20160828_1202.exe
2015-07-16 22:55 - 2015-07-16 22:55 - 006420480 _____ () C:\Program Files (x86)\GUT84CB.tmp
2018-02-16 10:54 - 2018-02-16 10:54 - 000000000 _____ () C:\Users\PC\AppData\Roaming\User Loops
2018-12-03 22:22 - 2018-12-05 22:29 - 002128896 _____ () C:\Users\PC\AppData\Local\file__0.localstorage
2018-09-28 22:12 - 2018-09-28 22:12 - 000000000 _____ () C:\Users\PC\AppData\Local\oobelibMkey.log
2015-10-19 05:35 - 2015-10-19 05:35 - 000000017 _____ () C:\Users\PC\AppData\Local\resmon.resmoncfg
2015-11-18 15:53 - 2015-11-18 15:53 - 000000000 _____ () C:\Users\PC\AppData\Local\{25481B64-D937-4BC8-B287-02EA2C4949D9}

Some files in TEMP:
====================
2018-12-06 21:10 - 2018-12-06 21:10 - 001639936 _____ (CPUID) C:\Users\PC\AppData\Local\Temp\speccycpuid.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-16 21:36

==================== End of FRST.txt ============================

FRST Addition Scan Log: 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by PC (06-12-2018 23:58:48)
Running from C:\Users\PC\Desktop\FRST
Windows 10 Pro Version 1803 17134.407 (X64) (2018-05-16 17:42:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1745146063-4005962234-3562053907-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1745146063-4005962234-3562053907-503 - Limited - Disabled)
Guest (S-1-5-21-1745146063-4005962234-3562053907-501 - Limited - Disabled)
PC (S-1-5-21-1745146063-4005962234-3562053907-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-1745146063-4005962234-3562053907-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Enabled - Up to date) {B0E01426-BAA5-1238-3149-39CD9D517112}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Advanced SystemCare Ultimate (Enabled - Up to date) {91A1210C-78DD-A71C-E865-63DB27C767EE}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"BioShock Infinite" (HKLM-x32\...\{D081C29C-1DDC-4C55-BCBF-DF8519636331}_is1) (Version: 1.1.25.5165 - )
µTorrent (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 11 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 11.2.0 - IObit)
Alan Wake (HKLM-x32\...\Alan Wake_is1) (Version:  - )
APP Shop v1.0.20 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.20 - ASRock Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASRock XFast RAM v3.0.3 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Assassin’s Creed Syndicate version 1.0.0 (HKLM-x32\...\Assassin’s Creed Syndicate_is1) (Version: 1.0.0 - Ubisoft)
Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.04 + 7 DLC (HKLM-x32\...\Assassin's Creed 4.Black Flag.Deluxe Edition.v 1~0EF22208_is1) (Version: Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.04 + 7 DLC - RiP by Fenixx (22.12.2013))
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
A-Tuning v2.0.271 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.271 - ASRock Inc.)
Batman Arkham Origins, версия Complete Edition (HKLM-x32\...\Batman Arkham Origins_is1) (Version: Complete Edition - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.2.0.6 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 Repack (HKLM-x32\...\Borderlands 2_is1) (Version: 1.8.0 - 2K Games, Repack by Joker_RETURNS)
Borderlands The Pre-Sequel version 1.0 (HKLM-x32\...\Borderlands The Pre-Sequel_is1) (Version: 1.0 - GMT-MAX.ORG)
Call of Duty Advanced Warfare Update 2 (HKLM-x32\...\Q2FsbG9mRHV0eUFkdmFuY2VkV2FyZmFyZQ==_is1) (Version: 1 - )
Call of Duty: Black Ops III (HKLM\...\Q2FsbG9mRHV0eUJsYWNrT3BzSUlJ_is1) (Version: 1 - )
Corsair Hydro Series 7289 USB Device (Driver Removal) (HKLM-x32\...\HYDROS7289&1B1C&0C02) (Version:  - Corsair Components, Inc.)
Corsair LINK 4 (HKLM-x32\...\{40036d0c-634b-4fc0-be89-13343b4bea96}) (Version: 4.9.7.35 - Corsair Components, Inc.)
Corsair LINK 4 (HKLM-x32\...\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}) (Version: 4.9.7.35 - Corsair Components, Inc.) Hidden
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATTENTION
CPUID HWMonitor 1.34 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.34 - )
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Deezer 0.17.5 (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\67490f87-0893-5593-ae76-b1e5d0acd13f) (Version: 0.17.5 - Deezer)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.22 - NVIDIA Corporation) Hidden
DMC Devi May Cry (c) Capcom version 1 (HKLM-x32\...\DMC Devi May Cry (c) Capcom_is1) (Version: 1 - )
Driver Booster 6 (HKLM-x32\...\Driver Booster_is1) (Version: 6.0.2 - IObit)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Far Cry 3 Blood Dragon (HKLM-x32\...\Far Cry 3 Blood Dragon_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Far Cry 4 - Gold Edition version Far Cry 4 - Gold Edition (HKLM-x32\...\Far Cry 4 - Gold Edition_is1) (Version: Far Cry 4 - Gold Edition - )
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.44.20513.9 - Electronic Arts)
File Repair (HKLM-x32\...\File Repair_is1) (Version:  - File Repair)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Geeks3D FurMark 1.15.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Haste Esports Accelerator (HKLM\...\{0CE25888-B1A7-425C-8782-EE25F5D03430}) (Version: 0.99.2300 - Haste)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HitFilm 4 Express (HKLM\...\{F8BB3662-69A1-4EF1-8674-ADD90AAD3D08}) (Version: 4.0.5723.10801 - FXHOME)
iBackup Viewer 3.23.1 (HKLM-x32\...\{5B428966-3054-41E3-B0F8-008EE30BD019}_is1) (Version:  - iMacTools)
Intel(R) Chipset Device Software (HKLM-x32\...\{da2de8c3-61b9-4b3b-916d-6b2fb2b1a90c}) (Version: 10.0.21 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
IObit Malware Fighter 6 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 6.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
League of Legends (HKLM-x32\...\{DB179A5E-BDE5-4565-AE14-AA10C64C0572}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.114 - Logitech)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Max Payne 3 (HKLM-x32\...\Max Payne 3_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Metro: Last Light Redux (HKLM-x32\...\Metro: Last Light Redux_is1) (Version:  - Deep Silver)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11029.20079 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\OneDriveSetup.exe) (Version: 18.212.1021.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Middle-earth Shadow of War v.1.0 (HKLM-x32\...\Middle-earth Shadow of War_is1) (Version:  - )
MiniTool Partition Wizard Professional Edition 8.1.1 (HKLM-x32\...\{2991A446-D356-44EC-930A-42E8B02A67C0}_is1) (Version:  - MiniTool Solution Ltd.)
NetLimiter 4 (HKLM\...\{A92DB91D-4B0D-4B77-A961-CC446220345B}) (Version: 4.0.15.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.15.0) (Version: 4.0.15.0 - Locktime Software)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.122 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 - NVIDIA Corporation)
NVIDIA Graphics Driver 417.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.22 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 2016  KMS Activator Ultimate v1.2 Final (HKLM\...\Office 2016  KMS Activator Ultimate v1.2 Final_is1) (Version: v1.2 Final - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\OpenIV) (Version: 2.9.1.926 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 10.5.30.15625 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PowerISO (HKLM-x32\...\PowerISO) (Version:  - )
Project CARS (HKLM-x32\...\Project CARS_is1) (Version: 1.0.1.1 - Релиз от R.G. Steamgames)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAPID Mode (HKLM\...\{34EF1328-6F71-4077-99AA-E44690F42043}) (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.7.5 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.830 - Razer Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
RogueKiller version 13.0.15.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.0.15.0 - Adlice Software)
Ryse - Son of Rome (HKLM-x32\...\Ryse - Son of Rome_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.22.0.0 - GOG.com)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\{41D34B39-34A5-4FBC-94E6-810615A25781}_is1) (Version:  - )
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.02 - Ubisoft)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unity Web Player (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 6.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.2 - VideoLAN)
Windows Driver Package - Corsair Components, Inc. (SIUSBXP) USB  (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wise Registry Cleaner 10.1.3 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.1.3 - WiseCleaner.com, Inc.)
Wolfenstein - The Old Blood (HKLM-x32\...\Wolfenstein - The Old Blood_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1745146063-4005962234-3562053907-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [                    IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-06-22] (IObit)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2017-11-06] (IObit)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-06-22] (IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2008-07-07] (PowerISO Computing, Inc.)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2015-07-15] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files (x86)\WinRar\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files (x86)\WinRar\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2017-11-06] (IObit)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => F:\Program Files (x86)\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2017-11-06] (IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-11-29] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => F:\Program Files (x86)\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files (x86)\WinRar\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {094E40CA-9FA0-4B4C-9429-5F4A7C130A32} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-30] (Microsoft Corporation)
Task: {107F6077-7941-499B-9897-F015F5F6C59F} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {1572ABED-8747-40C5-93B0-E6493FAD9C29} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {1A6C9138-9C9D-49BD-9A8F-09D1F171636F} - System32\Tasks\Driver Booster SkipUAC (PC) => C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe [2018-09-25] (IObit)
Task: {1BCD583E-0417-4CA5-B675-64F8A549DD8F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-30] (Microsoft Corporation)
Task: {24674E1A-7257-4773-B206-FB4CCBCABEF0} - System32\Tasks\AsrSP.exe => C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe [2014-12-02] ()
Task: {24C96D9F-2113-47D3-8E81-0CACDFCAE53E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-30] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {355DD47D-2CAF-48FD-AF89-C316FB79C7DD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {36986958-1771-46DB-B0B6-929D81ECF1D4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {37026F39-AAD4-4E94-A280-2B654870A26A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-11-30] (Microsoft Corporation)
Task: {3B927973-A40C-45BE-8B1B-C8D7E6608981} - System32\Tasks\ASCU11_PerformanceMonitor => C:\Program Files (x86)\Advanced SystemCare Ultimate\Monitor.exe [2018-03-28] (IObit)
Task: {43F1C8C5-31A1-46D0-A4A1-9C4F97751712} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {452B0ADE-9B6B-4E70-8431-20ECA32D033C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {45C89C0E-0C57-40BE-B33E-EA9098B63816} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {5A8B83AC-230D-44C7-9E1C-190964FF002D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {5B4443C3-1DF8-4E6A-8C57-8F70D57C6E62} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {681FFCEC-59AE-48AC-B984-E7267C980B82} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {7BBAAB8B-F70A-4BF6-B77F-EA61D51890A7} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {879DA368-9E0A-4AAC-B94F-59B55DBC6F2B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-11-16] (NVIDIA Corporation)
Task: {8EFE5D52-8858-4071-827D-1B3306BB3A9A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9CBA99EE-778B-410E-9539-A179262BD785} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-30] (Microsoft Corporation)
Task: {9E3A1A93-A752-432B-8656-7157EFAB553C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-15] (Microsoft Corporation)
Task: {A3FB2426-67F9-4444-9F9B-B21E9369802F} - System32\Tasks\SamsungMagician => F:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {B26DD016-3EA7-45D4-93B3-DEB505193BA9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B3272292-37DC-4E67-A82B-8C96B67F364A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {B8213C22-4FBF-4DA2-9C40-8BF38CADAAB2} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-seif_mohd@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {BDBF8FA3-279B-42E8-B7BF-C35A43C7A164} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\6.0.2\Scheduler.exe [2018-09-20] (IObit)
Task: {C39135AD-7BCA-46BD-847B-D4A6D47FDA8C} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {C3F4073B-D2E3-41D2-926D-77288D816DA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-11-30] (Microsoft Corporation)
Task: {C68BAC8D-9DD8-4E5E-AC6D-86D5DB803CF3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {C899A2DD-EC8F-4952-B755-400E9AFA1AD5} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-seif_mohd@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {CFF925E7-F747-4A69-9AE3-7DAD19080F6E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-12-06] (AVAST Software)
Task: {D244A761-889C-46A7-8008-FAF201CBD8D0} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {D38BFE08-E612-448D-BF4A-894613BA52A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-11-16] (NVIDIA Corporation)
Task: {D8EDF002-8D41-4AAF-94B9-029D1D1BFF1A} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
Task: {D930690D-0BF2-4EED-8E4F-A2F31C40602A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {DA83BC84-2930-41BE-B7C6-3CB8EA2CA518} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-15] (Microsoft Corporation)
Task: {DCEED95F-FA38-4057-8A04-02DD829C4927} - System32\Tasks\WiseCleaner\WRCSkipUAC => F:\Program Files (x86)\Wise Registry Cleaner\WiseRegCleaner.exe [2018-11-27] (WiseCleaner.com)
Task: {DCFF51E4-75E2-4CE7-A9CC-BDE5F3EAAA6D} - System32\Tasks\PS4 Controller => C:\Program Files (x86)\PS4 Controller\DS4Windows.exe [2015-12-18] ()
Task: {E34342F2-B941-4B1E-B86C-B25A3FEB45D5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E753B0C1-564D-47CC-9981-0C650254366C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {F9386A57-B72F-411A-B105-7D06BF68E139} - System32\Tasks\FRAPS => F:\Program Files (x86)\Fraps\fraps.exe [2013-02-26] (Beepa P/L) <==== ATTENTION
Task: {FD9F43B3-DE0A-40E9-992B-424C16853689} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-11-16] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-12 03:34 - 2018-04-12 03:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 03:34 - 2018-04-12 03:34 - 000444416 _____ () c:\windows\system32\SSDM.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 000085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 001328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-11-14 23:03 - 2018-11-16 15:55 - 001314672 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-25 23:11 - 2014-07-31 16:17 - 000463112 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2017-07-20 02:09 - 2017-07-20 02:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-05-04 15:27 - 2017-05-04 15:27 - 000061440 _____ () C:\Program Files\Haste\Haste Esports Accelerator\WinDivert.dll
2018-12-06 15:02 - 2018-11-29 20:11 - 000154424 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-04-12 03:34 - 2018-04-12 03:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 03:34 - 2018-04-12 03:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-10-04 17:27 - 2018-10-04 17:27 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 010885632 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 002850816 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\skypert.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-11-14 16:36 - 2018-11-01 10:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-31 18:54 - 2015-12-18 23:07 - 003214848 _____ () C:\Program Files (x86)\PS4 Controller\DS4Windows.exe
2018-10-17 14:03 - 2018-10-17 14:03 - 004183040 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-09-26 19:59 - 2018-09-26 19:59 - 004472952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-16 07:17 - 2018-11-16 07:18 - 001434192 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2017-01-11 02:17 - 2016-06-21 19:30 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2017-01-11 02:17 - 2016-06-21 19:29 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2017-01-11 02:17 - 2016-06-21 19:29 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2018-12-06 13:41 - 2017-08-04 13:44 - 000082720 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\GetProcessDLL.dll
2018-12-06 13:41 - 2016-08-18 18:43 - 000442144 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\madExcept_.bpl
2018-12-06 13:41 - 2016-08-18 18:43 - 000210720 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\madBasic_.bpl
2018-12-06 13:41 - 2016-08-18 18:43 - 000059680 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\madDisAsm_.bpl
2018-11-14 23:03 - 2018-11-16 15:55 - 001032560 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-12-06 13:41 - 2017-06-10 15:33 - 000631584 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\ProductStatistics.dll
2018-11-14 02:07 - 2018-01-22 19:00 - 000442128 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2018-11-14 02:07 - 2018-01-22 19:00 - 000210704 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2018-11-14 02:07 - 2018-01-22 19:00 - 000059664 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2017-01-11 02:17 - 2015-12-28 13:50 - 000899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2017-01-11 02:17 - 2016-11-09 14:35 - 000631072 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2014-03-20 14:43 - 2014-03-20 14:43 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-12-06 21:09 - 2018-12-06 21:09 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SamsungRapidApp"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Seagate Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run32: => "DiscWizardMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\StartupApproved\StartupFolder: => "Auto Profiles.xml"
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\StartupApproved\StartupFolder: => "Actions.xml"
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\StartupApproved\Run: => "NetLimiter"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1A931A79-316D-4EA0-81F1-122076D6A748}] => (Allow) F:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{51D24A82-17C4-4CFF-A20E-32DAC92624BC}] => (Allow) F:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{19E1AEE8-0FD5-4EFC-B269-E0BD6F816C35}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{D21CC886-EF0F-42B8-81D1-DFE309279B91}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{6C05C3AB-AD1B-4C70-8483-2F2CDEA05C32}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{4A9638C7-A095-4B37-93B6-C9DD8A5E23A0}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [UDP Query User{CC81CCAC-9A78-4E6D-8BA9-44AD376DA3AF}F:\program files (x86)\call of duty black ops iii\blackops3.exe] => (Allow) F:\program files (x86)\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{D676CDA2-80D0-43F7-B0CA-5B546E806B3E}F:\program files (x86)\call of duty black ops iii\blackops3.exe] => (Allow) F:\program files (x86)\call of duty black ops iii\blackops3.exe
FirewallRules: [UDP Query User{46B8FE51-6FAC-435D-B707-5F70CD3893B4}F:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) F:\program files (x86)\origin games\bfh\bfh.exe
FirewallRules: [TCP Query User{DBA0E5FE-46A6-414F-B6BF-A07F7BEFE9CA}F:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) F:\program files (x86)\origin games\bfh\bfh.exe
FirewallRules: [UDP Query User{92FED833-91CA-45BD-96FF-1501D12010F3}F:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) F:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [TCP Query User{AA8E28B7-C09C-4DAC-8372-3396AA842713}F:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) F:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{B67E3AAD-C0A6-4325-9C6D-DE7D1F98C63F}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{AA48F697-8F80-44A7-B825-C3BA5A6D9ACF}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [UDP Query User{2C1659E9-6E5D-40E0-AD6B-CD209218AF89}F:\program files (x86)\origin games\titanfall\titanfall.exe] => (Allow) F:\program files (x86)\origin games\titanfall\titanfall.exe
FirewallRules: [TCP Query User{6F2663DC-A78F-4C61-B913-13D2F847D4CA}F:\program files (x86)\origin games\titanfall\titanfall.exe] => (Allow) F:\program files (x86)\origin games\titanfall\titanfall.exe
FirewallRules: [UDP Query User{713B34A5-2C25-4BB6-9B75-DDAE8369B7EE}F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{71DCE148-6A82-451F-994B-377C30BF8416}F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{6C34AF8F-3583-4251-8DE5-5E5B123C1E6B}F:\program files (x86)\max payne 3\maxpayne3.exe] => (Allow) F:\program files (x86)\max payne 3\maxpayne3.exe
FirewallRules: [TCP Query User{8DAA2235-1759-48A4-ABD4-B2C21647473C}F:\program files (x86)\max payne 3\maxpayne3.exe] => (Allow) F:\program files (x86)\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{A53816F8-DF7F-4244-BD87-D3AABD1DBCD3}F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [TCP Query User{9FD730B9-8213-4D4A-81D2-ADB7CA4A716B}F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [UDP Query User{BEEBDB06-4221-4771-9C67-D37F49898536}F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [TCP Query User{650F68DB-0AEC-4AB7-959C-1A7C64EF6526}F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [UDP Query User{F3E7999A-A228-4843-BCCA-7DBA250028F4}F:\program files (x86)\far cry 4\bin\farcry4.exe] => (Block) F:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{4C5A4382-A05C-436A-B8E9-AD6D9BC27B8A}F:\program files (x86)\far cry 4\bin\farcry4.exe] => (Block) F:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [{F1BCB19A-3C93-4AD6-8D78-425820B4E6EF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{CC613C48-5758-435D-9EC9-5B2B13FD169C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [UDP Query User{BC6A45FF-8997-4DE5-B792-DAEA53D51FED}F:\program files (x86)\ubisoft game launcher\games\assassin's creed unity\acu.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\games\assassin's creed unity\acu.exe
FirewallRules: [TCP Query User{0543600B-AC1C-44E8-90D2-6DC50F0EB95E}F:\program files (x86)\ubisoft game launcher\games\assassin's creed unity\acu.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\games\assassin's creed unity\acu.exe
FirewallRules: [{D8B88B63-A2B2-4E9D-932B-EDCCA45ADE84}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{38FF5CCA-A2E2-4D1C-BF01-65E5D6470DAF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{B84E6423-6C17-4E75-8C31-6C22F01949A7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [UDP Query User{D96B48AA-8280-45BF-AFF5-71AF2A86DF3B}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{A595A762-6BE4-487A-BEE3-BA0314569C31}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{EFFF15ED-1116-481B-BD6D-71F690EE0765}] => (Allow) LPort=3389
FirewallRules: [{77CBFEC0-BFD4-45D1-8299-9C6616738ACC}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A2A9397A-835B-42C9-A126-C25567EE4C59}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F1B731EA-02EC-432C-AE13-2C9037989E68}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F9977F04-045D-4F3E-9B20-A431AFA68689}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FA02BBE6-4F59-4CC9-B9F7-7FF585A77B14}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2050E3BA-A60D-45C6-AA43-C67737ED347A}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B62BB7EE-BE99-461C-9689-368E70A18493}] => (Allow) C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{1FE7F81F-D899-4E70-80B7-EF9192180E84}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4ADDC7BB-CC29-495B-BC18-E3FA8D91B320}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{BE1F0A7E-61EC-4B99-B257-A264C7FFB3C1}F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{08C0C41F-01CE-49A3-BD6C-DE77083231C7}F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{5B8489EA-2510-4EC2-B900-D4E599BD1299}] => (Allow) F:\Program Files (x86)\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{99A321F0-62E0-4EB2-AFE5-19E672910A75}] => (Allow) F:\Program Files (x86)\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{20D461BC-B1DD-4E53-A8B2-45968C6E7026}] => (Allow) F:\Program Files (x86)\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{C5D33200-E39A-4332-8A86-7DEDE7FCD832}] => (Allow) F:\Program Files (x86)\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [TCP Query User{CB68F46B-309A-465D-86E2-87CCD6A6666E}F:\program files (x86)\dying light\dying light\dyinglightgame.exe] => (Allow) F:\program files (x86)\dying light\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{55B2103E-090E-4CC4-9FBF-B1D9B61E1F19}F:\program files (x86)\dying light\dying light\dyinglightgame.exe] => (Allow) F:\program files (x86)\dying light\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{A8524EEB-AD57-4E7D-94E2-9DEF23B9EEEA}F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [UDP Query User{2CB642D2-ED8E-4DB5-8D5C-EB494A26BFD9}F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [TCP Query User{8691C369-44F1-49E4-BBA8-5E65DD22A481}F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [UDP Query User{BB2F7EE7-CCD9-482E-930F-A31021DAD63A}F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [TCP Query User{5759C3A8-D650-479E-8E6E-38222F1F8326}C:\users\pc\appdata\roaming\utorrent\updates\3.4.3_40760.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\updates\3.4.3_40760.exe
FirewallRules: [UDP Query User{A79B5677-D198-416C-93A5-946085894F8A}C:\users\pc\appdata\roaming\utorrent\updates\3.4.3_40760.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\updates\3.4.3_40760.exe
FirewallRules: [{138F68C4-E9CA-4626-A86E-4816912D73A9}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{6F7F27E7-17F6-4A5C-B8B1-CDBB3C9CD375}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{4E22E97E-E871-4BDD-88BE-B80D7F512A48}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{EBE3EE69-903E-4B86-9A96-3489D40FE541}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{02DFF792-D556-4195-BD2A-C63E2F389CE9}F:\program files (x86)\max payne 3\maxpayne3.exe] => (Block) F:\program files (x86)\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{D77C35D1-5CF2-47F5-937F-E4E3F2C6FE88}F:\program files (x86)\max payne 3\maxpayne3.exe] => (Block) F:\program files (x86)\max payne 3\maxpayne3.exe
FirewallRules: [{2136905A-BA76-4DDA-AA11-4EBD761A4C7E}] => (Allow) F:\Program Files (x86)\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{EB5575AD-F408-4B31-B759-E4FF10FF63BD}] => (Allow) F:\Program Files (x86)\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{2EA5A25C-0A1E-4DB0-B6F1-282E0065BB78}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{03A71D46-84BE-4E58-AD2A-83CC11228ADA}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{7D448BFC-806F-437C-A2E5-CED70E56D513}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{28ED70E9-0D68-494A-9759-07EAF89DD80B}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{EBEC9A76-1200-4562-A580-6C77E604A9B6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{2C1291AA-5B7E-49B6-BC28-C13486C68A9D}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{D499320B-09D5-4D4A-BCE4-B518399E34F3}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{F6CF7435-829D-4DAB-BCDB-165D1E601145}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{AA1880D2-E06F-4AA6-975E-9D664BDABD0D}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{DD5B0D15-BE2D-47DA-8026-E4A377694163}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{B9F2D1CA-FA32-41D4-A911-00557E363075}] => (Allow) F:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{32585163-6D5E-4D6A-B5F6-715432C152E5}] => (Allow) F:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{2FF5B205-5C4C-425F-B718-F9E71AB74E06}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{6B5C9E52-B1E2-456D-BA1B-4ED5EF5F4BD6}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [TCP Query User{FA654C9D-1628-4332-A956-35D36D659593}F:\program files (x86)\far cry 4\bin\farcry4.exe] => (Allow) F:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{A1E4F801-8E3C-48A4-B953-274C18B5B3B0}F:\program files (x86)\far cry 4\bin\farcry4.exe] => (Allow) F:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [{6F216D94-8D57-4D64-BCE7-8B90FD923D11}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{A91F86F6-D18A-4009-AE53-F621CFDB8B5D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [TCP Query User{9BCA7EC2-7255-41A3-A91B-A9AC45F6F5B4}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{DE745EED-E69F-4052-A6F0-AA390208A112}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{EB0D1673-3C96-44AD-8E2C-9F7A10FB525D}F:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe] => (Block) F:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{34D2BAC1-9028-4BC9-A190-F456A81C91D7}F:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe] => (Block) F:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{91EBA601-BAB8-4C0F-9052-908237280363}] => (Allow) LPort=3724
FirewallRules: [TCP Query User{990A1E3B-3E52-45D8-ACFA-862BDC2F9377}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{27C9E56D-87B2-41AD-A00B-4BE922B419FE}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{4D4885A5-83CD-4528-8B70-D20E77EABFA0}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{E18E0BEA-CA34-4F29-8889-013C80A8D145}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [TCP Query User{229538CB-B306-4A19-B236-8656E8B4DF1F}F:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) F:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{76F521A4-09DC-40FF-BE76-D1F3FE8579A7}F:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) F:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{03844735-56B2-43D2-904A-866183ABE4C1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A18E1D2E-9238-46E6-98D6-E0818AB61044}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E898ADA7-93EF-4011-9D1F-9CEEF096BF6B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CEFA82F1-C612-4B97-87CD-4E03917EB88C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{25DC02FA-E541-4520-B6E0-B0D9589F45A9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{69520D8E-5D74-4EB7-851F-408274C4E12B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{A8FCBA9A-0C47-47E6-BA11-511534340AC3}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{F503E34B-BDBE-4A94-8C86-CC8370BE8D0B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe
FirewallRules: [{E6310DEC-048B-4710-BB68-F260FEB982AA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe
FirewallRules: [{8191C496-2AF7-4E33-8521-D9BEB8B31257}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DBDownloader.exe
FirewallRules: [{D342F441-0647-4CA7-B61C-3E092AAF42F5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DBDownloader.exe
FirewallRules: [{C631CE36-A858-490B-A8EB-D8B1461D49BE}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\AutoUpdate.exe
FirewallRules: [{2A62502E-5962-402E-B307-E410DE1D2DB8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\AutoUpdate.exe
FirewallRules: [{DA84530D-6ABA-40F8-93AF-145EEEC8C937}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{482F7627-9F57-4FC0-B329-2B1BA47EB4D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{870EA809-F62C-4AE9-87E9-83940ABB5FDB}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{D746F72E-84DA-4456-BEC5-009FA5F5C8A7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{8F02B381-6AB6-4EC8-BBD8-10EDA6BC8BF2}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{0B8C79B5-8287-4E03-BE0A-0518BC1DA41E}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{62C78DC3-07D3-446E-A6BA-AC2B10473310}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{E03F44EA-DB93-4A7E-BB25-DB08998EBAF2}C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe
FirewallRules: [UDP Query User{9290F4DF-35AF-4069-A040-55D83E0DB4B6}C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe
FirewallRules: [{FF0537E8-325F-470C-9307-F13CE79BF5F3}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{C990710B-D064-4AA2-96BF-0FA801D492A5}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{0336F7B1-166B-4B4B-9F3B-A50670750A23}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\HITMAN2\Launcher.exe
FirewallRules: [{87483157-FB07-4DFB-BFE9-925190BE15BB}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\HITMAN2\Launcher.exe
FirewallRules: [TCP Query User{ED131632-A45E-48D4-91BB-8E15EEF045B9}C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe
FirewallRules: [UDP Query User{C9666551-EBF4-42E8-BE14-874F360E4967}C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe
FirewallRules: [{8FF5222C-5CF7-46B0-8AF8-9F584990650A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{01C3AD61-5EF7-4663-8AFE-6DA45C575342}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{635F48C2-F132-4C3C-9291-633A15443555}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F67529C3-B374-4E9C-9A01-6D588F9D0CD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7E06880E-9D41-4CBD-B479-6193560937B3}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsF354.tmp
FirewallRules: [{00F2932B-7626-475C-88D2-AA0AA31FC362}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsED1A.tmp
FirewallRules: [{68403086-8B6C-4E61-BB8E-041DC508325D}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsEC10.tmp
FirewallRules: [{441AE39C-A54C-4E49-A513-ACFB2C2BA93E}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsEC10.tmp

==================== Restore Points =========================

06-12-2018 04:33:36 Restore Point Created by FRST
06-12-2018 15:03:24 Driver Booster : Generic Non-PnP Monitor
06-12-2018 21:19:51 Installed Sophos Virus Removal Tool.

==================== Faulty Device Manager Devices =============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (12/06/2018 11:51:30 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (12/06/2018 11:35:27 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (12/06/2018 11:19:24 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (12/06/2018 11:03:21 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (12/06/2018 10:47:18 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (12/06/2018 10:31:15 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (12/06/2018 10:15:12 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (12/06/2018 09:59:08 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.


System errors:
=============
Error: (12/06/2018 11:58:38 PM) (Source: DCOM) (EventID: 10016) (User: SHELBY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user SHELBY\PC SID (S-1-5-21-1745146063-4005962234-3562053907-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/06/2018 11:01:32 PM) (Source: DCOM) (EventID: 10016) (User: SHELBY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user SHELBY\PC SID (S-1-5-21-1745146063-4005962234-3562053907-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/06/2018 10:41:59 PM) (Source: DCOM) (EventID: 10016) (User: SHELBY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user SHELBY\PC SID (S-1-5-21-1745146063-4005962234-3562053907-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/06/2018 10:01:01 PM) (Source: DCOM) (EventID: 10016) (User: SHELBY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user SHELBY\PC SID (S-1-5-21-1745146063-4005962234-3562053907-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/06/2018 09:39:45 PM) (Source: DCOM) (EventID: 10016) (User: SHELBY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user SHELBY\PC SID (S-1-5-21-1745146063-4005962234-3562053907-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/06/2018 09:19:57 PM) (Source: DCOM) (EventID: 10016) (User: SHELBY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user SHELBY\PC SID (S-1-5-21-1745146063-4005962234-3562053907-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/06/2018 09:13:55 PM) (Source: DCOM) (EventID: 10016) (User: SHELBY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user SHELBY\PC SID (S-1-5-21-1745146063-4005962234-3562053907-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/06/2018 09:13:39 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2018-12-04 17:58:02.680
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner.BW!bit&threatid=2147723499&enterprise=0
Name: Trojan:Win32/CoinMiner.BW!bit
ID: 2147723499
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\activation.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-04 17:58:02.668
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner.BW!bit&threatid=2147723499&enterprise=0
Name: Trojan:Win32/CoinMiner.BW!bit
ID: 2147723499
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\activation.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-04 17:57:27.100
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Unwaders.C!ml&threatid=242874&enterprise=0
Name: Program:Win32/Unwaders.C!ml
ID: 242874
Severity: Severe
Category: Potentially Unwanted Software
Path: file:_C:\Users\PC\AppData\Local\Temp\4314625\ic-0.611060b53f4af4.exe; process:_pid:17572,ProcessStart:131884045777468702
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: C:\Users\PC\AppData\Local\Temp\4314625\ic-0.611060b53f4af4.exe
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-04 17:57:27.098
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner.BW!bit&threatid=2147723499&enterprise=0
Name: Trojan:Win32/CoinMiner.BW!bit
ID: 2147723499
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\activation.exe; process:_pid:12232,ProcessStart:131884050440058139
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: C:\Program Files (x86)\KMSPico 10.2.1 Final\activation.exe
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-04 17:56:53.852
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Vigram.A&threatid=232718&enterprise=0
Name: Program:Win32/Vigram.A
ID: 232718
Severity: Severe
Category: Potentially Unwanted Software
Path: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\KMSPicoActivator.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-06 02:56:48.151
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: The program could not find the malware and other potentially unwanted software on this device. 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

CodeIntegrity:
===================================

Date: 2018-12-04 18:39:46.597
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-04 18:39:46.579
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-04 18:39:46.487
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-04 18:39:46.473
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-30 12:01:41.782
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2018-11-30 12:01:41.780
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2018-11-16 10:12:49.134
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2018-11-16 10:12:49.133
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 27%
Total physical RAM: 16341.29 MB
Available physical RAM: 11887.08 MB
Total Virtual: 38613.29 MB
Available Virtual: 31173.77 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:462.04 GB) (Free:190.33 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: (SSHD) (Fixed) (Total:1862.67 GB) (Free:651.47 GB) NTFS
Drive g: (HDD) (Fixed) (Total:931.17 GB) (Free:319.47 GB) NTFS

\\?\Volume{fcce612f-2b1c-11e5-8257-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.04 GB) NTFS
\\?\Volume{fcce612d-2b1c-11e5-8257-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.02 GB) NTFS
\\?\Volume{054f3ebd-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:1.42 GB) (Free:1.07 GB) NTFS
\\?\Volume{054f3ebd-0000-0000-0000-00de73000000}\ () (Fixed) (Total:0.45 GB) (Free:0.04 GB) NTFS
\\?\Volume{054f3ebd-0000-0000-0000-e0fa73000000}\ () (Fixed) (Total:1.84 GB) (Free:1.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 958718AE)
Partition 1: (Not Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 054F3EBD)
Partition 1: (Not Active) - (Size=1.4 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=462 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=461 MB) - (Type=27)
Partition 4: (Not Active) - (Size=1.8 GB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: BE0158D9)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

 


After restarting my system post completing all the above, the 360 popup still came up after a minute post startup. 


Can you show me a better screenshot of the popups, I cannot see as the images you post are too small, if I expand they are not readable...

I thought they would be back as bad firewall rules have also returned...


Yeah that is the software. It's not installed anywhere on my PC, the pop up is basically an installer window asking me to install the program. 

360 .tmp popup.jpg


That is some type of security software, have you had that installed previously...?


No I did not, my younger brother installed something from a pirating website that brought this with it, KMS or something similar. I deleted everything from that download and all that remains is this popup that gets triggered on each startup. Another user on a different forum is also complaining of the same issue but it is more ingrained in his system. If you'd like to look at it for reference here's the link: https://www.bleepingcomputer.com/forums/t/687511/360-safe-popup-after-reboot/   The post is still being updated and the poster has not resolved the issue.  


Yes, I've seen the BC thread, run this please:

Run FRST one more time:

Type or copy/paste the following in the edit box after "Search:".

*360*

Click Search Registry button and post the log (Search.txt) it makes to your reply.

Edited by kevinf80


The scan log has way too much text to post here, keeps lagging the website, I attached it instead. By the way I went through registry by searching directly from regedit and deleted some entries related to the Chinese app. I searched for keywords like "InsEC10" "360安全卫士" and deleted 4 or 5 entries. I've done this earlier as well but they seem to come back on each startup. 

SearchReg.txt


Yes, the search has brought up Xbox 360... Can you do another reg search with FRST for this: 360safe


Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by PC (07-12-2018 02:08:41)
Running from C:\Users\PC\Desktop\FRST
Boot Mode: Normal

================== Search Registry: "360safe" ===========

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\360Safe]

====== End of Search ======


Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

 

fixlist.txt


Fix result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by PC (07-12-2018 02:25:58) Run:11
Running from C:\Users\PC\Desktop\FRST
Loaded Profiles: PC (Available Profiles: PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
C:\Program Files(x86)\360
2018-12-04 18:13 - 2018-12-04 18:13 - 000000000 ____H C:\asc_rdflag
2018-12-04 17:50 - 2018-12-04 18:13 - 000000000 ____D C:\ProgramData\zVmiMcGqez
2015-07-16 22:55 - 2015-07-16 22:55 - 006420480 _____ () C:\Program Files (x86)\GUT84CB.tmp
2018-02-16 10:54 - 2018-02-16 10:54 - 000000000 _____ () C:\Users\PC\AppData\Roaming\User Loops
2018-12-03 22:22 - 2018-12-05 22:29 - 002128896 _____ () C:\Users\PC\AppData\Local\file__0.localstorage
2018-09-28 22:12 - 2018-09-28 22:12 - 000000000 _____ () C:\Users\PC\AppData\Local\oobelibMkey.log
2015-10-19 05:35 - 2015-10-19 05:35 - 000000017 _____ () C:\Users\PC\AppData\Local\resmon.resmoncfg
2015-11-18 15:53 - 2015-11-18 15:53 - 000000000 _____ () C:\Users\PC\AppData\Local\{25481B64-D937-4BC8-B287-02EA2C4949D9} 
2018-12-06 21:10 - 2018-12-06 21:10 - 001639936 _____ (CPUID) C:\Users\PC\AppData\Local\Temp\speccycpuid.dll 
FirewallRules: [{7E06880E-9D41-4CBD-B479-6193560937B3}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsF354.tmp
FirewallRules: [{00F2932B-7626-475C-88D2-AA0AA31FC362}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsED1A.tmp
FirewallRules: [{68403086-8B6C-4E61-BB8E-041DC508325D}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsEC10.tmp
FirewallRules: [{441AE39C-A54C-4E49-A513-ACFB2C2BA93E}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsEC10.tmp 
C:\Users\PC\AppData\Local\Temp\4314625
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe
emptytemp:
end 


*****************

"C:\Program Files(x86)\360" => not found
C:\asc_rdflag => moved successfully
C:\ProgramData\zVmiMcGqez => moved successfully
2015-07-16 22:55 - 2015-07-16 22:55 - 006420480 _____ () C:\Program Files (x86)\GUT84CB.tmp => Error: No automatic fix found for this entry.
"C:\Users\PC\AppData\Roaming\User Loops" => not found
C:\Users\PC\AppData\Local\file__0.localstorage => moved successfully
"C:\Users\PC\AppData\Local\oobelibMkey.log" => not found
C:\Users\PC\AppData\Local\resmon.resmoncfg => moved successfully
"C:\Users\PC\AppData\Local\{25481B64-D937-4BC8-B287-02EA2C4949D9}" => not found
C:\Users\PC\AppData\Local\Temp\speccycpuid.dll => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7E06880E-9D41-4CBD-B479-6193560937B3}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00F2932B-7626-475C-88D2-AA0AA31FC362}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{68403086-8B6C-4E61-BB8E-041DC508325D}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{441AE39C-A54C-4E49-A513-ACFB2C2BA93E}" => not found
C:\Users\PC\AppData\Local\Temp\4314625 => Error: No automatic fix found for this entry.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\360Safe => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 20288761 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 166193 B
Edge => 3584 B
Chrome => 1050562 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1814 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
PC => 203842 B

RecycleBin => 0 B
EmptyTemp: => 30.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 02:26:33 ====


The popup occurred again post startup.... Unbelievable how stubborn this thing is. Would deleting these files in safe mode change anything? 


It is well worth trying from safe mode...

Can you also post fresh logs from FRST?

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs. "FRST.txt" and "Addition.txt"

 


FRST Scan Log: 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by PC (administrator) on SHELBY (07-12-2018 02:43:05)
Running from C:\Users\PC\Desktop\FRST
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Pro Version 1803 17134.407 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCAvSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Electronic Arts) F:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Locktime Software) C:\Program Files (x86)\NetLimiter 4\NLSvc.exe
(Thalonet, Inc. (dba Haste)) C:\Program Files\Haste\Haste Esports Accelerator\UserEdgeService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\Monitor.exe
(Beepa P/L) F:\Program Files (x86)\Fraps\fraps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\RealTimeProtector.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Beepa P/L) F:\Program Files (x86)\Fraps\fraps64.dat
(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe
(IObit) C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCTray.exe
() C:\Program Files (x86)\PS4 Controller\DS4Windows.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\Scheduler.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\pub\PubMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [SamsungRapidApp] => F:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2018-09-07] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [167936 2008-07-07] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5608208 2018-10-23] (IObit)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [7088408 2015-01-22] (Piriform Ltd)
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Run: [NetLimiter] => C:\Program Files (x86)\NetLimiter 4\nlclientapp.exe [52656 2015-10-10] (Locktime Software)
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCTray.exe [3703568 2018-08-15] (IObit)
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Mystify.scr [149504 2018-04-12] (Microsoft Corporation)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2015-12-01]
ShortcutTarget: DS4Windows.lnk -> C:\Program Files (x86)\PS4 Controller\DS4Windows.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{554704bb-761d-459e-9f6a-a3600d29fdbd}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fbcfbc8f-310f-4428-bbf8-f8ace88c2de0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-11-30] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2018-09-07] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-20] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2018-09-07] (Logitech, Inc.)
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2018-03-20] (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-20] (Oracle Corporation)
BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\Adblock\Adblock.dll [2018-04-17] (IObit)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-14] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-14] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-14] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-14] (Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2018-09-27] [not signed]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-08-20] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1745146063-4005962234-3562053907-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://blank/","hxxp://google.com/","hxxps://www.google.com/","hxxp://www.google.com"
CHR NewTab: Default ->  Active:"chrome-extension://ddjdamcnphfdljlojajeoiogkanilahc/pages/newtab.html"
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2018-12-07]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2018-06-09]
CHR Extension: (BetterTTV) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-20]
CHR Extension: (The New Tab - Customize Your Start Page) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddjdamcnphfdljlojajeoiogkanilahc [2018-11-30]
CHR Extension: (AHA Music - Music Identifier) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2018-12-06]
CHR Extension: (AdBlock) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-04]
CHR Extension: (Battleship) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjgmfhnanfbghmpcbdfgpigcgdbaggfm [2016-05-13]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2018-12-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (PDF Viewer) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2018-07-09]
CHR Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofgbpoabipfcfjapgnbbjjaenockbdp [2018-10-11]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-27]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-06]
CHR Extension: (Google Slides) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-20]
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-20]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-20]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-20]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-20]
CHR Extension: (Google Sheets) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-20]
CHR Extension: (Google Wallet) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-20]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-20]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AdvancedSystemCareService11; C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCService.exe [1066256 2018-03-28] (IObit)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ASCAntivirusSrv; C:\Program Files (x86)\Advanced SystemCare Ultimate\ascavsvc.exe [1990928 2018-01-18] (IObit)
R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [463112 2014-07-31] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-11-20] (Microsoft Corporation)
S3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [34512 2018-03-30] (Corsair Components, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [277056 2016-08-28] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6514752 2016-08-28] (GOG.com)
R2 HasteUEService; C:\Program Files\Haste\Haste Esports Accelerator\UserEdgeService.exe [1516328 2017-05-04] (Thalonet, Inc. (dba Haste))
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2355472 2018-10-19] (IObit)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc.)
R2 nlsvc; C:\Program Files (x86)\NetLimiter 4\NLSvc.exe [322480 2015-10-10] (Locktime Software)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
S3 Origin Client Service; F:\Program Files (x86)\Origin\OriginClientService.exe [2269504 2018-10-25] (Electronic Arts)
R2 Origin Web Helper Service; F:\Program Files (x86)\Origin\OriginWebHelperService.exe [3130184 2018-10-25] (Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [435328 2017-10-10] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [916096 2017-10-17] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-20] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-12-04] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2015-07-15] (ASRock Incorporation)
R0 AsrRamDisk; C:\WINDOWS\System32\drivers\AsrRamDisk.sys [40200 2013-08-02] (ASRock Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4321160 2018-07-19] (Qualcomm Atheros Communications, Inc.)
R3 cpuz138; C:\Users\PC\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [28392 2018-12-07] (CPUID) <==== ATTENTION
R3 cpuz143; C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [48960 2018-12-07] (CPUID)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31816 2018-07-18] (ELAN Microelectronic Corp.)
R2 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [183576 2016-10-27] (BitDefender LLC)
S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-11-01] (Hewlett-Packard.) [File not signed]
S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.) [File not signed]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-16] (REALiX(tm))
R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [44032 2018-03-20] (IObit.com)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [39232 2018-08-14] (IObit.com)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys [40384 2018-03-20] (IObit)
R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [34048 2018-03-20] (IObit.com)
R1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFMBRProtect.sys [41920 2018-08-12] (IObit.com)
R1 IMFSafeBox; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFSafeBox.sys [51256 2018-08-27] (IObit.com)
S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-04-03] ()
S3 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
R3 iobit_monitor_server; C:\Program Files (x86)\Advanced SystemCare Ultimate\drivers\Monitor_win10_x64.sys [24056 2017-07-19] (IObit)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2016-07-26] ()
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-10-05] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-22] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc.)
S3 lgLowAudio; C:\WINDOWS\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-15] (Apple Inc.) [File not signed]
R2 nldrv; C:\Program Files (x86)\NetLimiter 4\nldrv.sys [120720 2015-10-10] (Locktime Software)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9db4450b8107f59a\nvlddmkm.sys [20420352 2018-12-01] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-11-29] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\regfilter.sys [52728 2018-03-20] (IObit.com)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2016-10-30] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [43256 2017-07-19] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137208 2017-07-16] (Razer, Inc.)
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 Trufos; C:\WINDOWS\System32\DRIVERS\TRUFOS.sys [520032 2016-11-02] (BitDefender S.R.L.)
U5 UnlockerDriver5; F:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VBus; C:\WINDOWS\System32\drivers\NkVBus.sys [26400 2007-09-05] (Nikon Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-12-04] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [328696 2018-12-04] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-12-04] (Microsoft Corporation)
R4 WinDivert1.2; C:\Program Files\Haste\Haste Esports Accelerator\WinDivert64.sys [37672 2016-10-05] (Basil)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-07 02:27 - 2018-12-07 02:27 - 000003214 _____ C:\WINDOWS\System32\Tasks\FRAPS
2018-12-07 02:27 - 2018-12-07 02:27 - 000003010 _____ C:\WINDOWS\System32\Tasks\AsrSP.exe
2018-12-07 02:21 - 2018-12-07 02:21 - 000000000 ____D C:\Users\PC\AppData\Roaming\MAXON
2018-12-07 02:19 - 2018-12-07 02:20 - 085916232 _____ C:\Users\PC\Downloads\CINEBENCHR15.038.zip
2018-12-06 23:56 - 2018-12-06 21:10 - 000016269 _____ C:\Users\PC\Downloads\Fixlog.txt
2018-12-06 23:15 - 2018-12-01 08:01 - 000835688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-12-06 23:15 - 2018-12-01 08:01 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-06 21:24 - 2018-12-06 21:24 - 000000424 _____ C:\Users\PC\Desktop\Computer.lnk
2018-12-06 21:21 - 2018-12-06 21:21 - 000000000 ____D C:\ProgramData\Sophos
2018-12-06 21:20 - 2018-12-06 21:20 - 000002841 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2018-12-06 21:20 - 2018-12-06 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2018-12-06 21:20 - 2018-12-06 21:20 - 000000000 ____D C:\Program Files (x86)\Sophos
2018-12-06 21:16 - 2018-12-06 21:19 - 214045168 _____ (Sophos Limited) C:\Users\PC\Downloads\Sophos Virus Removal Tool.exe
2018-12-06 21:12 - 2016-11-02 19:11 - 000520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2018-12-06 21:08 - 2018-12-06 21:03 - 000004353 _____ C:\Users\PC\Desktop\fixlist IMP.txt
2018-12-06 15:36 - 2018-12-06 15:36 - 000010393 _____ C:\Users\PC\Downloads\657463004_MalwareBytesScanlog.txt
2018-12-06 15:03 - 2018-12-06 15:03 - 000003158 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2018-12-06 15:02 - 2018-11-29 20:11 - 005338608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-12-06 15:02 - 2018-11-29 20:11 - 002620624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-12-06 15:02 - 2018-11-29 20:11 - 001767632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-12-06 15:02 - 2018-11-29 20:11 - 000651248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-12-06 15:02 - 2018-11-29 20:11 - 000450600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-12-06 15:02 - 2018-11-29 20:11 - 000125240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-12-06 15:02 - 2018-11-29 20:11 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-12-06 15:02 - 2018-11-28 03:28 - 008453862 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-12-06 15:02 - 2018-11-14 16:00 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-12-06 15:01 - 2018-12-06 15:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-12-06 15:00 - 2018-12-01 08:59 - 000978336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-12-06 15:00 - 2018-12-01 08:59 - 000978336 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-12-06 15:00 - 2018-12-01 08:59 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-12-06 15:00 - 2018-12-01 08:59 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-12-06 15:00 - 2018-12-01 08:59 - 000552416 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-12-06 15:00 - 2018-12-01 08:59 - 000456832 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-12-06 15:00 - 2018-12-01 08:59 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-12-06 15:00 - 2018-12-01 08:59 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-12-06 15:00 - 2018-12-01 08:59 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-12-06 15:00 - 2018-12-01 08:59 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-12-06 15:00 - 2018-12-01 08:56 - 002018080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441722.dll
2018-12-06 15:00 - 2018-12-01 08:56 - 002003856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-12-06 15:00 - 2018-12-01 08:56 - 001511880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-12-06 15:00 - 2018-12-01 08:56 - 001468032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441722.dll
2018-12-06 15:00 - 2018-12-01 08:56 - 001461016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-12-06 15:00 - 2018-12-01 08:56 - 001126688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-12-06 15:00 - 2018-12-01 08:56 - 000631688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-12-06 15:00 - 2018-12-01 08:56 - 000521472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 040260352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 035156424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 015909720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 013204104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 004946016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 004316440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 000750472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-12-06 15:00 - 2018-12-01 08:55 - 000608864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 019714064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 016989840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 004999872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 004258384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 001471616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 001462216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 001167600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 001152176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 001145736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 000914592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 000822768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 000794824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-12-06 15:00 - 2018-12-01 08:54 - 000637672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-12-06 15:00 - 2018-11-29 21:52 - 001682896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-12-06 15:00 - 2018-11-29 21:52 - 000227896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-12-06 15:00 - 2018-11-29 21:52 - 000074576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-12-06 15:00 - 2018-11-29 21:52 - 000048148 _____ C:\WINDOWS\system32\nvinfo.pb
2018-12-06 15:00 - 2018-11-29 21:52 - 000047384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-12-06 14:50 - 2018-12-06 14:50 - 000002684 _____ C:\Users\PC\Desktop\ADWCleaner Scan Log.txt
2018-12-06 14:42 - 2018-12-06 14:42 - 000010393 _____ C:\Users\PC\Desktop\MalwareBytes Scan log.txt
2018-12-06 14:23 - 2016-10-27 13:54 - 000183576 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2018-12-06 14:03 - 2018-12-06 14:03 - 000002238 _____ C:\Users\PC\Desktop\Advanced SystemCare Ultimate 11.lnk
2018-12-06 13:41 - 2018-12-06 13:41 - 000003112 _____ C:\WINDOWS\System32\Tasks\ASCU_ASCTray_Auto
2018-12-06 13:41 - 2018-12-06 13:41 - 000003092 _____ C:\WINDOWS\System32\Tasks\ASCU11_PerformanceMonitor
2018-12-06 13:41 - 2018-12-06 13:41 - 000002876 _____ C:\WINDOWS\System32\Tasks\ASCU11_SkipUac_PC
2018-12-06 13:41 - 2018-12-06 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Ultimate
2018-12-06 13:40 - 2018-12-07 02:36 - 000000000 ____D C:\Program Files (x86)\Advanced SystemCare Ultimate
2018-12-06 13:40 - 2018-12-06 13:40 - 096657856 _____ (IObit ) C:\Users\PC\Downloads\asc-ultimate-setup11.2.0.84.exe
2018-12-06 13:38 - 2018-12-06 14:02 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-12-06 13:38 - 2018-12-06 13:38 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\131C0D2C.sys
2018-12-06 13:37 - 2018-12-06 13:37 - 014178840 _____ (Malwarebytes Corp.) C:\Users\PC\Downloads\mbar-1.10.3.1001.exe
2018-12-06 04:46 - 2018-12-06 04:46 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-SHELBY-Windows-10-Pro-(64-bit).dat
2018-12-06 04:46 - 2018-12-06 04:46 - 000000000 ____D C:\RegBackup
2018-12-06 04:44 - 2018-12-06 04:45 - 000000000 ____D C:\Users\PC\Desktop\Windows Repair Tool
2018-12-06 04:44 - 2018-12-06 04:44 - 037626408 _____ C:\Users\PC\Downloads\tweaking.com_windows_repair_aio.zip
2018-12-06 04:09 - 2018-12-06 04:09 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:09 - 2018-12-06 04:09 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:09 - 2018-12-06 04:09 - 000000940 _____ C:\Users\PC\Downloads\fixlist.txt
2018-12-06 04:09 - 2018-11-16 15:55 - 002864496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-12-06 04:08 - 2018-12-06 04:08 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-12-06 04:08 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-06 04:08 - 2018-10-01 22:47 - 000070024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-12-06 03:14 - 2018-12-06 03:14 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_399
2018-12-06 02:32 - 2018-12-06 02:41 - 000280336 _____ C:\WINDOWS\ntbtlog.txt
2018-12-06 02:32 - 2018-12-06 02:32 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-12-06 02:21 - 2018-12-06 02:21 - 000448512 _____ (OldTimer Tools) C:\Users\PC\Desktop\TempFilecleaner.exe
2018-12-06 02:10 - 2018-12-06 15:17 - 000000000 ____D C:\WINDOWS\Minidump
2018-12-06 01:59 - 2018-12-06 14:06 - 000000952 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-12-06 01:59 - 2018-12-06 02:41 - 000000000 ____D C:\ProgramData\RogueKiller
2018-12-06 01:59 - 2018-12-06 01:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-12-06 01:59 - 2018-12-06 01:59 - 000000000 ____D C:\Program Files\RogueKiller
2018-12-06 01:57 - 2018-12-06 01:57 - 029094792 _____ (Adlice Software ) C:\Users\PC\Downloads\RogueKiller_setup.exe
2018-12-06 01:51 - 2018-12-06 01:53 - 000000000 ____D C:\AdwCleaner
2018-12-06 01:51 - 2018-12-06 01:51 - 007321808 _____ (Malwarebytes) C:\Users\PC\Desktop\adwcleaner_7.2.5.0.exe
2018-12-06 01:47 - 2018-12-07 02:26 - 000000000 ____D C:\Users\PC\Desktop\FRST
2018-12-06 01:45 - 2018-12-07 02:43 - 000000000 ____D C:\FRST
2018-12-06 01:34 - 2018-12-06 01:34 - 000000000 ____D C:\ProgramData\{F86B0233-9A85-4589-8AAF-524CC4F8211B}
2018-12-06 01:14 - 2018-12-07 02:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-06 01:14 - 2018-12-06 01:14 - 000000000 ____D C:\Users\PC\AppData\Local\mbamtray
2018-12-06 00:42 - 2018-12-06 00:42 - 009379840 _____ C:\Users\PC\NTUSER.rhk
2018-12-06 00:39 - 2018-12-06 00:43 - 000000000 ____D C:\Users\PC\AppData\Roaming\Wise Registry Cleaner
2018-12-06 00:39 - 2018-12-06 00:39 - 000000898 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2018-12-06 00:39 - 2018-12-06 00:39 - 000000000 ____D C:\WINDOWS\System32\Tasks\WiseCleaner
2018-12-06 00:39 - 2018-12-06 00:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2018-12-06 00:35 - 2018-12-06 00:35 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2018-12-06 00:27 - 2018-12-06 00:27 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-12-06 00:27 - 2018-12-06 00:27 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-12-06 00:26 - 2018-12-06 00:45 - 000000000 ____D C:\ProgramData\AVAST Software
2018-12-06 00:26 - 2018-12-06 00:28 - 000000805 _____ C:\Users\PC\Desktop\CCleaner.lnk
2018-12-06 00:18 - 2018-12-06 00:46 - 000000000 ____D C:\Users\PC\AppData\Roaming\GlarySoft
2018-12-05 21:18 - 2018-12-05 21:18 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-12-05 01:53 - 2018-12-05 02:04 - 000000000 ____D C:\Users\PC\Heaven
2018-12-05 01:21 - 2018-12-05 01:25 - 000000000 ____D C:\ProgramData\HitmanPro
2018-12-04 18:13 - 2018-12-07 02:26 - 112984064 _____ C:\WINDOWS\system32\config\SOFTWARE
2018-12-04 18:13 - 2018-12-07 02:26 - 003043328 _____ C:\WINDOWS\system32\config\DEFAULT
2018-12-04 18:13 - 2018-12-07 02:26 - 000139264 _____ C:\WINDOWS\system32\config\SAM
2018-12-04 18:13 - 2018-12-07 02:26 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY
2018-12-03 22:30 - 2018-12-03 22:30 - 000002735 _____ C:\Users\PC\Unigine_Valley_Benchmark_1.0_20181203_2229.html
2018-12-03 22:22 - 2018-12-04 13:31 - 000000000 ____D C:\Users\PC\Valley
2018-12-03 19:28 - 2018-12-03 19:28 - 000000000 ____D C:\Users\PC\AppData\Roaming\IO Interactive
2018-11-30 12:08 - 2018-11-30 12:08 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-11-30 12:08 - 2018-11-30 12:08 - 000002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-11-30 12:08 - 2018-11-30 12:08 - 000002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-11-30 12:08 - 2018-11-30 12:08 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-11-30 12:08 - 2018-11-30 12:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-11-16 18:19 - 2018-11-16 18:19 - 000000000 ____D C:\Program Files\rempl
2018-11-16 16:57 - 2018-12-04 17:59 - 000000000 ____D C:\Users\PC\AppData\LocalLow\uTorrent
2018-11-14 23:03 - 2018-11-16 15:55 - 002264432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-11-14 23:03 - 2018-11-16 15:55 - 001322864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-11-14 23:03 - 2018-11-14 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-11-14 23:03 - 2018-10-04 16:33 - 000203760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-11-14 23:03 - 2018-10-04 16:33 - 000179696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-11-14 22:58 - 2018-11-01 08:47 - 000407244 __RSH C:\bootmgr
2018-11-14 22:58 - 2018-04-12 03:34 - 000000001 ___SH C:\BOOTNXT
2018-11-14 16:36 - 2018-11-01 15:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-14 16:36 - 2018-11-01 15:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-14 16:36 - 2018-11-01 15:45 - 004527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-14 16:36 - 2018-11-01 15:45 - 001617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-14 16:36 - 2018-11-01 15:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-14 16:36 - 2018-11-01 15:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-11-14 16:36 - 2018-11-01 15:31 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-11-14 16:36 - 2018-11-01 15:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-14 16:36 - 2018-11-01 15:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-14 16:36 - 2018-11-01 15:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-11-14 16:36 - 2018-11-01 15:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-14 16:36 - 2018-11-01 15:28 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-11-14 16:36 - 2018-11-01 15:28 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-14 16:36 - 2018-11-01 15:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-14 16:36 - 2018-11-01 15:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-14 16:36 - 2018-11-01 15:27 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-14 16:36 - 2018-11-01 15:26 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-14 16:36 - 2018-11-01 15:26 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-14 16:36 - 2018-11-01 15:26 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-11-14 16:36 - 2018-11-01 15:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-14 16:36 - 2018-11-01 15:26 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-11-14 16:36 - 2018-11-01 15:25 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-14 16:36 - 2018-11-01 14:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-14 16:36 - 2018-11-01 13:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-11-14 16:36 - 2018-11-01 13:56 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-11-14 16:36 - 2018-11-01 13:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-14 16:36 - 2018-11-01 13:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-14 16:36 - 2018-11-01 13:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-11-14 16:36 - 2018-11-01 13:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-11-14 16:36 - 2018-11-01 13:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-14 16:36 - 2018-11-01 13:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-14 16:36 - 2018-11-01 13:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-14 16:36 - 2018-11-01 13:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-14 16:36 - 2018-11-01 11:39 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-14 16:36 - 2018-11-01 11:38 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-14 16:36 - 2018-11-01 11:37 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-14 16:36 - 2018-11-01 11:28 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-14 16:36 - 2018-11-01 11:28 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-11-14 16:36 - 2018-11-01 11:28 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-14 16:36 - 2018-11-01 11:28 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-11-14 16:36 - 2018-11-01 11:28 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-14 16:36 - 2018-11-01 11:28 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-11-14 16:36 - 2018-11-01 11:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-11-14 16:36 - 2018-11-01 11:27 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-14 16:36 - 2018-11-01 11:26 - 007432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-11-14 16:36 - 2018-11-01 11:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-14 16:36 - 2018-11-01 11:26 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-11-14 16:36 - 2018-11-01 11:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-14 16:36 - 2018-11-01 11:25 - 007520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 004404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-14 16:36 - 2018-11-01 11:25 - 002571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 001456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-11-14 16:36 - 2018-11-01 11:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-11-14 16:36 - 2018-11-01 11:25 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-11-14 16:36 - 2018-11-01 11:25 - 000982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-11-14 16:36 - 2018-11-01 11:25 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 000793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-11-14 16:36 - 2018-11-01 11:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-14 16:36 - 2018-11-01 11:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-11-14 16:36 - 2018-11-01 11:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-14 16:36 - 2018-11-01 11:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-14 16:36 - 2018-11-01 11:25 - 000261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-11-14 16:36 - 2018-11-01 11:09 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-14 16:36 - 2018-11-01 11:03 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-14 16:36 - 2018-11-01 11:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-14 16:36 - 2018-11-01 11:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-14 16:36 - 2018-11-01 11:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-14 16:36 - 2018-11-01 11:01 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-14 16:36 - 2018-11-01 11:01 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-11-14 16:36 - 2018-11-01 11:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-11-14 16:36 - 2018-11-01 11:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-14 16:36 - 2018-11-01 11:00 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-11-14 16:36 - 2018-11-01 11:00 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-11-14 16:36 - 2018-11-01 11:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-11-14 16:36 - 2018-11-01 11:00 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-11-14 16:36 - 2018-11-01 10:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-14 16:36 - 2018-11-01 10:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-14 16:36 - 2018-11-01 10:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-14 16:36 - 2018-11-01 10:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-14 16:36 - 2018-11-01 10:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-14 16:36 - 2018-11-01 10:58 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-14 16:36 - 2018-11-01 10:58 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-14 16:36 - 2018-11-01 10:58 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-14 16:36 - 2018-11-01 10:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-11-14 16:36 - 2018-11-01 10:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-14 16:36 - 2018-11-01 10:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-11-14 16:36 - 2018-11-01 10:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-14 16:36 - 2018-11-01 10:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-14 16:36 - 2018-11-01 10:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-14 16:36 - 2018-11-01 10:56 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-14 16:36 - 2018-11-01 10:56 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-14 16:36 - 2018-11-01 10:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-14 16:36 - 2018-11-01 10:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-14 16:36 - 2018-11-01 10:55 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-11-14 16:36 - 2018-11-01 10:55 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-11-14 16:36 - 2018-11-01 10:55 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-11-14 16:36 - 2018-11-01 10:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-14 16:36 - 2018-11-01 10:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-14 16:36 - 2018-11-01 10:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-14 16:36 - 2018-11-01 10:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-14 16:36 - 2018-11-01 10:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-14 16:36 - 2018-11-01 10:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-14 16:36 - 2018-11-01 10:53 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-11-14 16:36 - 2018-11-01 09:39 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-11-14 16:36 - 2018-11-01 09:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-11-14 16:36 - 2018-11-01 08:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-11-14 16:36 - 2018-11-01 08:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-11-14 16:36 - 2018-11-01 08:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-14 16:36 - 2018-11-01 08:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-14 16:36 - 2018-11-01 08:47 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-14 16:36 - 2018-11-01 08:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-14 16:36 - 2018-11-01 08:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-14 16:36 - 2018-11-01 08:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-11-14 16:36 - 2018-11-01 08:47 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-14 16:36 - 2018-11-01 08:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-11-14 16:36 - 2018-11-01 08:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-14 16:36 - 2018-11-01 08:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-14 16:36 - 2018-11-01 08:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-11-14 16:36 - 2018-11-01 08:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-14 16:36 - 2018-11-01 08:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-14 16:36 - 2018-11-01 08:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-11-14 16:36 - 2018-11-01 08:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-11-14 16:36 - 2018-11-01 08:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-14 16:36 - 2018-11-01 08:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-11-14 16:36 - 2018-11-01 08:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-14 16:36 - 2018-11-01 08:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-11-14 16:36 - 2018-11-01 08:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-11-14 16:36 - 2018-11-01 08:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-11-14 16:36 - 2018-11-01 08:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-11-14 16:36 - 2018-11-01 08:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-11-14 16:36 - 2018-11-01 08:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-11-14 16:36 - 2018-11-01 08:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-11-14 16:36 - 2018-11-01 08:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-14 16:36 - 2018-11-01 08:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-11-14 16:36 - 2018-11-01 08:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-14 16:36 - 2018-11-01 08:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-14 16:36 - 2018-11-01 08:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-14 16:36 - 2018-11-01 08:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-11-14 16:36 - 2018-11-01 08:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-14 16:36 - 2018-11-01 08:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-11-14 16:36 - 2018-11-01 08:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-11-14 16:36 - 2018-11-01 08:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-11-14 16:36 - 2018-11-01 08:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-11-14 16:36 - 2018-11-01 08:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-14 16:36 - 2018-11-01 08:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-14 16:36 - 2018-11-01 08:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-14 16:36 - 2018-11-01 08:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-11-14 16:36 - 2018-11-01 08:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-11-14 16:36 - 2018-10-21 17:04 - 002267448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-11-14 16:36 - 2018-10-21 17:00 - 021386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-11-14 16:36 - 2018-10-21 17:00 - 001639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-11-14 16:36 - 2018-10-21 17:00 - 001516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-11-14 16:36 - 2018-10-21 17:00 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-11-14 16:36 - 2018-10-21 17:00 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-11-14 16:36 - 2018-10-21 16:59 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-11-14 16:36 - 2018-10-21 16:59 - 000236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-11-14 16:36 - 2018-10-21 16:46 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-11-14 16:36 - 2018-10-21 16:46 - 004393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-11-14 16:36 - 2018-10-21 16:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-11-14 16:36 - 2018-10-21 16:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2018-11-14 16:36 - 2018-10-21 16:44 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-11-14 16:36 - 2018-10-21 16:43 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-11-14 16:36 - 2018-10-21 16:43 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-11-14 16:36 - 2018-10-21 16:43 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2018-11-14 16:36 - 2018-10-21 16:42 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-11-14 16:36 - 2018-10-21 16:42 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-11-14 16:36 - 2018-10-21 16:42 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-11-14 16:36 - 2018-10-21 16:42 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-11-14 16:36 - 2018-10-21 16:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-11-14 16:36 - 2018-10-21 15:41 - 001540408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-11-14 16:36 - 2018-10-21 15:41 - 000023056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2018-11-14 16:36 - 2018-10-21 15:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-11-14 16:36 - 2018-10-21 15:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-11-14 16:36 - 2018-10-21 15:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-11-14 16:36 - 2018-10-21 15:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-11-14 16:36 - 2018-10-21 15:37 - 020381808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-11-14 16:36 - 2018-10-21 15:37 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-11-14 16:36 - 2018-10-21 15:28 - 012501504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-11-14 16:36 - 2018-10-21 15:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-11-14 16:36 - 2018-10-21 15:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-11-14 16:36 - 2018-10-21 15:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-11-14 16:36 - 2018-10-21 15:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-11-14 16:36 - 2018-10-21 15:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-11-14 16:36 - 2018-10-21 13:29 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-11-14 16:36 - 2018-10-21 12:44 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-11-14 16:36 - 2018-10-21 11:48 - 005602456 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-11-14 16:36 - 2018-10-21 11:47 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-11-14 16:36 - 2018-10-21 11:46 - 000717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-11-14 16:36 - 2018-10-21 11:46 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-11-14 16:36 - 2018-10-21 11:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-11-14 16:36 - 2018-10-21 11:46 - 000560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-11-14 16:36 - 2018-10-21 11:46 - 000497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2018-11-14 16:36 - 2018-10-21 11:46 - 000171024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-11-14 16:36 - 2018-10-21 11:45 - 003283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-11-14 16:36 - 2018-10-21 11:45 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-11-14 16:36 - 2018-10-21 11:45 - 001946208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-11-14 16:36 - 2018-10-21 11:45 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-11-14 16:36 - 2018-10-21 11:45 - 000607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-11-14 16:36 - 2018-10-21 11:45 - 000185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-11-14 16:36 - 2018-10-21 11:45 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2018-11-14 16:36 - 2018-10-21 11:45 - 000139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-11-14 16:36 - 2018-10-21 11:45 - 000058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2018-11-14 16:36 - 2018-10-21 11:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-11-14 16:36 - 2018-10-21 11:22 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-11-14 16:36 - 2018-10-21 11:21 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-11-14 16:36 - 2018-10-21 11:21 - 000123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-11-14 16:36 - 2018-10-21 11:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2018-11-14 16:36 - 2018-10-21 11:20 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-11-14 16:36 - 2018-10-21 11:20 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2018-11-14 16:36 - 2018-10-21 11:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-11-14 16:36 - 2018-10-21 11:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 001620776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 001130768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-11-14 16:36 - 2018-10-21 11:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-11-14 16:36 - 2018-10-21 11:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-11-14 16:36 - 2018-10-21 11:19 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2018-11-14 16:36 - 2018-10-21 11:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
2018-11-14 16:36 - 2018-10-21 11:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
2018-11-14 16:36 - 2018-10-21 11:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2018-11-14 16:36 - 2018-10-21 11:18 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-11-14 16:36 - 2018-10-21 11:18 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-11-14 16:36 - 2018-10-21 11:18 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-11-14 16:36 - 2018-10-21 11:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2018-11-14 16:36 - 2018-10-21 11:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-11-14 16:36 - 2018-10-21 11:18 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2DP.sys
2018-11-14 16:36 - 2018-10-21 11:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2018-11-14 16:36 - 2018-10-21 11:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2018-11-14 16:36 - 2018-10-21 11:17 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-11-14 16:36 - 2018-10-21 11:17 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-11-14 16:36 - 2018-10-21 11:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-11-14 16:36 - 2018-10-21 11:17 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-11-14 16:36 - 2018-10-21 11:17 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-11-14 16:36 - 2018-10-21 11:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
2018-11-14 16:36 - 2018-10-21 11:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-11-14 16:36 - 2018-10-21 11:16 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-11-14 16:36 - 2018-10-21 11:16 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-11-14 16:36 - 2018-10-21 11:16 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-11-14 16:36 - 2018-10-21 11:16 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-11-14 16:36 - 2018-10-21 11:16 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-11-14 16:36 - 2018-10-21 11:16 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-11-14 16:36 - 2018-10-21 11:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-11-14 16:36 - 2018-10-21 11:15 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-11-14 16:36 - 2018-10-21 11:15 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2018-11-14 16:36 - 2018-10-21 11:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-11-14 16:36 - 2018-10-21 11:14 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-14 16:36 - 2018-10-21 11:14 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-11-14 16:36 - 2018-10-21 11:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-11-14 16:36 - 2018-10-21 11:14 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-11-14 16:36 - 2018-10-21 11:14 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-11-14 16:36 - 2018-10-21 11:14 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-11-14 16:36 - 2018-10-21 11:14 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2018-11-14 16:36 - 2018-10-21 11:14 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-11-14 16:36 - 2018-10-21 11:14 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-11-14 16:36 - 2018-10-21 11:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-11-14 16:36 - 2018-10-21 11:02 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-11-14 16:36 - 2018-10-21 11:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2018-11-14 16:36 - 2018-10-21 11:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-11-14 16:36 - 2018-10-21 11:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2018-11-14 16:36 - 2018-10-21 11:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2018-11-14 16:36 - 2018-10-21 10:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-11-14 16:36 - 2018-10-21 10:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-11-14 16:36 - 2018-10-21 10:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-11-14 16:36 - 2018-10-21 10:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-11-14 16:36 - 2018-10-21 10:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-11-14 16:36 - 2018-10-21 09:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-11-14 16:36 - 2018-10-21 09:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2018-11-14 02:17 - 2018-11-14 02:17 - 000039504 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ICCWDT.sys
2018-11-14 02:07 - 2018-11-14 02:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2018-11-12 21:44 - 2018-11-15 17:36 - 000002339 _____ C:\Users\PC\Desktop\Deezer.lnk
2018-11-12 21:44 - 2018-11-15 17:36 - 000000000 ____D C:\Users\PC\AppData\Roaming\Deezer
2018-11-12 21:44 - 2018-11-12 21:44 - 000002347 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Deezer.lnk
2018-11-12 18:46 - 2018-11-12 18:46 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2018-11-12 18:14 - 2018-11-12 18:14 - 000000000 ____D C:\Program Files\Bonjour
2018-11-12 18:14 - 2018-11-12 18:14 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-11-11 21:57 - 2018-11-11 21:57 - 000003354 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1745146063-4005962234-3562053907-1001
2018-11-11 21:57 - 2018-11-11 21:57 - 000002361 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-07 02:31 - 2018-05-16 21:41 - 000428644 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-07 02:31 - 2018-04-12 03:36 - 000000000 ____D C:\WINDOWS\INF
2018-12-07 02:29 - 2018-03-21 18:48 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-07 02:27 - 2018-05-16 21:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-07 02:27 - 2018-04-12 03:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-07 02:27 - 2015-07-21 07:58 - 000000000 ____D C:\Users\PC\Documents\Assassin's Creed Unity
2018-12-07 02:26 - 2018-04-12 01:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-12-07 02:24 - 2015-07-16 17:43 - 000000000 ___RD C:\Users\PC\Desktop\OverClockin'
2018-12-07 02:21 - 2018-03-25 16:06 - 000000000 ____D C:\Users\PC\AppData\Local\NVIDIA
2018-12-07 02:00 - 2016-12-03 12:30 - 000000000 ____D C:\Users\PC\AppData\Local\Adobe
2018-12-07 01:15 - 2016-01-28 21:12 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2018-12-06 23:43 - 2018-05-16 21:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-06 23:15 - 2018-04-12 03:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-06 21:25 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-06 21:21 - 2015-07-16 16:57 - 000000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2018-12-06 21:10 - 2016-10-13 23:57 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2018-12-06 15:17 - 2018-05-18 21:33 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2018-12-06 15:02 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\Help
2018-12-06 15:02 - 2018-03-21 18:46 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-12-06 15:01 - 2018-03-21 18:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-12-06 15:01 - 2018-03-21 18:47 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-12-06 05:11 - 2018-05-16 21:36 - 000269920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-06 05:11 - 2015-07-15 20:25 - 000000000 ____D C:\WINDOWS\CSC
2018-12-06 04:01 - 2013-08-22 19:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-12-06 03:50 - 2015-07-16 21:37 - 000000000 ____D C:\Users\PC\Downloads\Applications
2018-12-06 03:14 - 2015-08-20 00:01 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Temp
2018-12-06 02:56 - 2018-04-12 01:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-12-06 02:31 - 2018-05-16 21:37 - 000000000 ____D C:\Users\PC
2018-12-06 02:11 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-06 01:34 - 2015-07-16 17:41 - 000000000 ____D C:\ProgramData\ProductData
2018-12-06 00:36 - 2018-02-17 08:58 - 000000000 ____D C:\Users\PC\Downloads\GTA V Mods
2018-12-06 00:27 - 2018-04-12 03:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-12-05 23:06 - 2018-04-01 14:10 - 000000000 ____D C:\ProgramData\CLink4
2018-12-05 21:22 - 2015-07-16 21:38 - 000000000 ____D C:\Users\PC\Downloads\Overclocking
2018-12-05 20:53 - 2018-04-12 03:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-05 20:50 - 2018-05-16 21:41 - 000004576 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-12-05 20:49 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-12-05 20:49 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-12-04 18:13 - 2018-08-02 17:40 - 112558080 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2018-12-04 18:13 - 2018-08-02 17:40 - 005513216 _____ C:\WINDOWS\system32\config\DRIVERS.iodefrag.bak
2018-12-04 18:13 - 2018-08-02 17:40 - 003043328 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2018-12-04 18:13 - 2018-08-02 17:40 - 000069632 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2018-12-04 18:13 - 2018-08-02 17:40 - 000045056 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2018-12-04 17:56 - 2018-04-06 13:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-12-04 17:46 - 2015-07-16 18:15 - 000592416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-12-04 17:45 - 2017-11-19 01:48 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2018-12-03 19:27 - 2018-03-25 17:24 - 000000000 ____D C:\Users\PC\AppData\Local\NVIDIA Corporation
2018-12-03 17:18 - 2015-07-16 18:32 - 000000000 ___RD C:\Users\PC\Desktop\Games
2018-12-02 16:08 - 2015-07-16 22:42 - 000000000 ____D C:\ProgramData\Origin
2018-12-02 13:22 - 2015-07-16 17:33 - 000000000 ____D C:\Users\PC\AppData\Roaming\Origin
2018-12-02 13:21 - 2017-03-15 12:41 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-12-01 14:17 - 2017-05-15 10:05 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2018-12-01 14:17 - 2016-07-29 23:58 - 000000000 ____D C:\Users\PC\AppData\Local\Battle.net
2018-11-30 12:07 - 2015-12-18 17:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-11-17 10:32 - 2015-07-16 21:22 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2018-11-16 08:41 - 2015-07-19 13:44 - 000000000 ____D C:\Program Files\Rockstar Games
2018-11-16 08:41 - 2015-07-19 13:44 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-11-15 23:28 - 2018-03-25 16:04 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-11-14 22:58 - 2018-10-12 14:31 - 078589952 _____ C:\WINDOWS\system32\config\COMPONENTS.iodefrag.bak
2018-11-14 22:58 - 2015-08-18 23:30 - 000000000 ___RD C:\Users\PC\3D Objects
2018-11-14 22:58 - 2015-08-05 22:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-11-14 22:57 - 2018-04-12 03:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-14 16:41 - 2015-07-16 23:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-14 16:40 - 2015-07-16 23:32 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-14 02:15 - 2018-08-02 03:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 6
2018-11-14 02:15 - 2018-08-02 03:44 - 000002912 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (PC)
2018-11-14 02:07 - 2015-07-16 17:41 - 000000000 ____D C:\ProgramData\IObit
2018-11-14 01:43 - 2015-07-17 15:40 - 000000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2018-11-12 18:46 - 2015-12-19 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-11-11 21:57 - 2015-07-16 17:26 - 000000000 ___RD C:\Users\PC\OneDrive
2018-11-10 16:28 - 2015-07-20 22:25 - 000000000 ____D C:\Users\PC\Documents\The Witcher 3
2018-11-08 14:34 - 2016-08-31 11:56 - 000000000 ____D C:\Users\PC\Documents\Overwatch

==================== Files in the root of some directories =======

2016-08-28 12:38 - 2016-08-28 12:38 - 130403753 _____ () C:\Users\PC\Razer Synapse Tournament Drivers 20160828_1202.exe
2015-07-16 22:55 - 2015-07-16 22:55 - 006420480 _____ () C:\Program Files (x86)\GUT84CB.tmp
2018-02-16 10:54 - 2018-02-16 10:54 - 000000000 _____ () C:\Users\PC\AppData\Roaming\User Loops
2018-09-28 22:12 - 2018-09-28 22:12 - 000000000 _____ () C:\Users\PC\AppData\Local\oobelibMkey.log
2015-11-18 15:53 - 2015-11-18 15:53 - 000000000 _____ () C:\Users\PC\AppData\Local\{25481B64-D937-4BC8-B287-02EA2C4949D9}

Some files in TEMP:
====================
2018-12-07 02:27 - 2018-12-07 02:27 - 001639936 _____ (CPUID) C:\Users\PC\AppData\Local\Temp\speccycpuid.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-16 21:36

==================== End of FRST.txt ============================

FRST Addition Scan Log: 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by PC (07-12-2018 02:43:40)
Running from C:\Users\PC\Desktop\FRST
Windows 10 Pro Version 1803 17134.407 (X64) (2018-05-16 17:42:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1745146063-4005962234-3562053907-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1745146063-4005962234-3562053907-503 - Limited - Disabled)
Guest (S-1-5-21-1745146063-4005962234-3562053907-501 - Limited - Disabled)
PC (S-1-5-21-1745146063-4005962234-3562053907-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-1745146063-4005962234-3562053907-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Enabled - Up to date) {B0E01426-BAA5-1238-3149-39CD9D517112}
AV: Advanced SystemCare Ultimate (Enabled - Up to date) {91A1210C-78DD-A71C-E865-63DB27C767EE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"BioShock Infinite" (HKLM-x32\...\{D081C29C-1DDC-4C55-BCBF-DF8519636331}_is1) (Version: 1.1.25.5165 - )
µTorrent (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 11 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 11.2.0 - IObit)
Alan Wake (HKLM-x32\...\Alan Wake_is1) (Version:  - )
APP Shop v1.0.20 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.20 - ASRock Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASRock XFast RAM v3.0.3 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Assassin’s Creed Syndicate version 1.0.0 (HKLM-x32\...\Assassin’s Creed Syndicate_is1) (Version: 1.0.0 - Ubisoft)
Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.04 + 7 DLC (HKLM-x32\...\Assassin's Creed 4.Black Flag.Deluxe Edition.v 1~0EF22208_is1) (Version: Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.04 + 7 DLC - RiP by Fenixx (22.12.2013))
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
A-Tuning v2.0.271 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.271 - ASRock Inc.)
Batman Arkham Origins, версия Complete Edition (HKLM-x32\...\Batman Arkham Origins_is1) (Version: Complete Edition - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.2.0.6 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 Repack (HKLM-x32\...\Borderlands 2_is1) (Version: 1.8.0 - 2K Games, Repack by Joker_RETURNS)
Borderlands The Pre-Sequel version 1.0 (HKLM-x32\...\Borderlands The Pre-Sequel_is1) (Version: 1.0 - GMT-MAX.ORG)
Call of Duty Advanced Warfare Update 2 (HKLM-x32\...\Q2FsbG9mRHV0eUFkdmFuY2VkV2FyZmFyZQ==_is1) (Version: 1 - )
Call of Duty: Black Ops III (HKLM\...\Q2FsbG9mRHV0eUJsYWNrT3BzSUlJ_is1) (Version: 1 - )
Corsair Hydro Series 7289 USB Device (Driver Removal) (HKLM-x32\...\HYDROS7289&1B1C&0C02) (Version:  - Corsair Components, Inc.)
Corsair LINK 4 (HKLM-x32\...\{40036d0c-634b-4fc0-be89-13343b4bea96}) (Version: 4.9.7.35 - Corsair Components, Inc.)
Corsair LINK 4 (HKLM-x32\...\{D97F4B31-5A7D-4A07-AC85-16D64FAB93E1}) (Version: 4.9.7.35 - Corsair Components, Inc.) Hidden
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATTENTION
CPUID HWMonitor 1.34 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.34 - )
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Deezer 0.17.5 (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\67490f87-0893-5593-ae76-b1e5d0acd13f) (Version: 0.17.5 - Deezer)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.22 - NVIDIA Corporation) Hidden
DMC Devi May Cry (c) Capcom version 1 (HKLM-x32\...\DMC Devi May Cry (c) Capcom_is1) (Version: 1 - )
Driver Booster 6 (HKLM-x32\...\Driver Booster_is1) (Version: 6.0.2 - IObit)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Far Cry 3 Blood Dragon (HKLM-x32\...\Far Cry 3 Blood Dragon_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Far Cry 4 - Gold Edition version Far Cry 4 - Gold Edition (HKLM-x32\...\Far Cry 4 - Gold Edition_is1) (Version: Far Cry 4 - Gold Edition - )
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.44.20513.9 - Electronic Arts)
File Repair (HKLM-x32\...\File Repair_is1) (Version:  - File Repair)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Geeks3D FurMark 1.15.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
Haste Esports Accelerator (HKLM\...\{0CE25888-B1A7-425C-8782-EE25F5D03430}) (Version: 0.99.2300 - Haste)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HitFilm 4 Express (HKLM\...\{F8BB3662-69A1-4EF1-8674-ADD90AAD3D08}) (Version: 4.0.5723.10801 - FXHOME)
iBackup Viewer 3.23.1 (HKLM-x32\...\{5B428966-3054-41E3-B0F8-008EE30BD019}_is1) (Version:  - iMacTools)
Intel(R) Chipset Device Software (HKLM-x32\...\{da2de8c3-61b9-4b3b-916d-6b2fb2b1a90c}) (Version: 10.0.21 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
IObit Malware Fighter 6 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 6.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
League of Legends (HKLM-x32\...\{DB179A5E-BDE5-4565-AE14-AA10C64C0572}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.114 - Logitech)
Max Payne 3 (HKLM-x32\...\Max Payne 3_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Metro: Last Light Redux (HKLM-x32\...\Metro: Last Light Redux_is1) (Version:  - Deep Silver)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11029.20079 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\OneDriveSetup.exe) (Version: 18.212.1021.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Middle-earth Shadow of War v.1.0 (HKLM-x32\...\Middle-earth Shadow of War_is1) (Version:  - )
MiniTool Partition Wizard Professional Edition 8.1.1 (HKLM-x32\...\{2991A446-D356-44EC-930A-42E8B02A67C0}_is1) (Version:  - MiniTool Solution Ltd.)
NetLimiter 4 (HKLM\...\{A92DB91D-4B0D-4B77-A961-CC446220345B}) (Version: 4.0.15.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.15.0) (Version: 4.0.15.0 - Locktime Software)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.122 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 - NVIDIA Corporation)
NVIDIA Graphics Driver 417.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.22 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\OpenIV) (Version: 2.9.1.926 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 10.5.30.15625 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PowerISO (HKLM-x32\...\PowerISO) (Version:  - )
Project CARS (HKLM-x32\...\Project CARS_is1) (Version: 1.0.1.1 - Релиз от R.G. Steamgames)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RAPID Mode (HKLM\...\{34EF1328-6F71-4077-99AA-E44690F42043}) (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.7.5 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.830 - Razer Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
RogueKiller version 13.0.15.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.0.15.0 - Adlice Software)
Ryse - Son of Rome (HKLM-x32\...\Ryse - Son of Rome_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.22.0.0 - GOG.com)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\{41D34B39-34A5-4FBC-94E6-810615A25781}_is1) (Version:  - )
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.02 - Ubisoft)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unity Web Player (HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 6.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.2 - VideoLAN)
Windows Driver Package - Corsair Components, Inc. (SIUSBXP) USB  (07/14/2017 3.3) (HKLM\...\A2206C09905C467F30CB24DCBB49F056D7F0A290) (Version: 07/14/2017 3.3 - Corsair Components, Inc.)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wise Registry Cleaner 10.1.3 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.1.3 - WiseCleaner.com, Inc.)
Wolfenstein - The Old Blood (HKLM-x32\...\Wolfenstein - The Old Blood_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1745146063-4005962234-3562053907-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [                    IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-06-22] (IObit)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2017-11-06] (IObit)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2018-06-22] (IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2008-07-07] (PowerISO Computing, Inc.)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2015-07-15] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\Program Files (x86)\WinRar\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files (x86)\WinRar\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2017-11-06] (IObit)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2017-11-06] (IObit)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-11-29] (NVIDIA Corporation)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\Program Files (x86)\WinRar\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {094E40CA-9FA0-4B4C-9429-5F4A7C130A32} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-30] (Microsoft Corporation)
Task: {107F6077-7941-499B-9897-F015F5F6C59F} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {1572ABED-8747-40C5-93B0-E6493FAD9C29} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {1A6C9138-9C9D-49BD-9A8F-09D1F171636F} - System32\Tasks\Driver Booster SkipUAC (PC) => C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe [2018-09-25] (IObit)
Task: {1BCD583E-0417-4CA5-B675-64F8A549DD8F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-30] (Microsoft Corporation)
Task: {24C96D9F-2113-47D3-8E81-0CACDFCAE53E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-30] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {355DD47D-2CAF-48FD-AF89-C316FB79C7DD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {36986958-1771-46DB-B0B6-929D81ECF1D4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {37026F39-AAD4-4E94-A280-2B654870A26A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-11-30] (Microsoft Corporation)
Task: {3B927973-A40C-45BE-8B1B-C8D7E6608981} - System32\Tasks\ASCU11_PerformanceMonitor => C:\Program Files (x86)\Advanced SystemCare Ultimate\Monitor.exe [2018-03-28] (IObit)
Task: {43F1C8C5-31A1-46D0-A4A1-9C4F97751712} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {452B0ADE-9B6B-4E70-8431-20ECA32D033C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {45C89C0E-0C57-40BE-B33E-EA9098B63816} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {5A8B83AC-230D-44C7-9E1C-190964FF002D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {5B4443C3-1DF8-4E6A-8C57-8F70D57C6E62} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {681FFCEC-59AE-48AC-B984-E7267C980B82} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {7BBAAB8B-F70A-4BF6-B77F-EA61D51890A7} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {879DA368-9E0A-4AAC-B94F-59B55DBC6F2B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-11-16] (NVIDIA Corporation)
Task: {8EFE5D52-8858-4071-827D-1B3306BB3A9A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {94285C42-F61C-4539-B758-B1D28B6AABDA} - System32\Tasks\AsrSP.exe => C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe [2014-12-02] ()
Task: {9AE31C1E-396E-40F3-8258-64BF5CF258B2} - System32\Tasks\FRAPS => F:\Program Files (x86)\Fraps\fraps.exe [2013-02-26] (Beepa P/L) <==== ATTENTION
Task: {9CBA99EE-778B-410E-9539-A179262BD785} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-30] (Microsoft Corporation)
Task: {9E3A1A93-A752-432B-8656-7157EFAB553C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-15] (Microsoft Corporation)
Task: {A3FB2426-67F9-4444-9F9B-B21E9369802F} - System32\Tasks\SamsungMagician => F:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {B26DD016-3EA7-45D4-93B3-DEB505193BA9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B3272292-37DC-4E67-A82B-8C96B67F364A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {B8213C22-4FBF-4DA2-9C40-8BF38CADAAB2} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-seif_mohd@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {BDBF8FA3-279B-42E8-B7BF-C35A43C7A164} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\6.0.2\Scheduler.exe [2018-09-20] (IObit)
Task: {C39135AD-7BCA-46BD-847B-D4A6D47FDA8C} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {C3F4073B-D2E3-41D2-926D-77288D816DA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-11-30] (Microsoft Corporation)
Task: {C68BAC8D-9DD8-4E5E-AC6D-86D5DB803CF3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {C899A2DD-EC8F-4952-B755-400E9AFA1AD5} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-seif_mohd@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {CFF925E7-F747-4A69-9AE3-7DAD19080F6E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-12-06] (AVAST Software)
Task: {D244A761-889C-46A7-8008-FAF201CBD8D0} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {D38BFE08-E612-448D-BF4A-894613BA52A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-11-16] (NVIDIA Corporation)
Task: {D8EDF002-8D41-4AAF-94B9-029D1D1BFF1A} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
Task: {D930690D-0BF2-4EED-8E4F-A2F31C40602A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {DA83BC84-2930-41BE-B7C6-3CB8EA2CA518} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-15] (Microsoft Corporation)
Task: {DCEED95F-FA38-4057-8A04-02DD829C4927} - System32\Tasks\WiseCleaner\WRCSkipUAC => F:\Program Files (x86)\Wise Registry Cleaner\WiseRegCleaner.exe [2018-11-27] (WiseCleaner.com)
Task: {DCFF51E4-75E2-4CE7-A9CC-BDE5F3EAAA6D} - System32\Tasks\PS4 Controller => C:\Program Files (x86)\PS4 Controller\DS4Windows.exe [2015-12-18] ()
Task: {E34342F2-B941-4B1E-B86C-B25A3FEB45D5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E753B0C1-564D-47CC-9981-0C650254366C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {FD9F43B3-DE0A-40E9-992B-424C16853689} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-11-16] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-12 03:34 - 2018-04-12 03:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 03:34 - 2018-04-12 03:34 - 000444416 _____ () c:\windows\system32\SSDM.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 000085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 001328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-03-25 23:11 - 2014-07-31 16:17 - 000463112 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2018-11-14 23:03 - 2018-11-16 15:55 - 001314672 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-07-20 02:09 - 2017-07-20 02:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-05-04 15:27 - 2017-05-04 15:27 - 000061440 _____ () C:\Program Files\Haste\Haste Esports Accelerator\WinDivert.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-04-12 03:34 - 2018-04-12 03:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 03:34 - 2018-04-12 03:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-11-14 16:36 - 2018-11-01 10:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 17:27 - 2018-10-04 17:27 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 010885632 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 002850816 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\skypert.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-12-05 20:53 - 2018-12-05 20:53 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-11-30 12:00 - 2018-11-16 09:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-11-30 12:00 - 2018-11-16 09:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
2015-12-31 18:54 - 2015-12-18 23:07 - 003214848 _____ () C:\Program Files (x86)\PS4 Controller\DS4Windows.exe
2017-01-11 02:17 - 2016-06-21 19:30 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2017-01-11 02:17 - 2016-06-21 19:29 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2017-01-11 02:17 - 2016-06-21 19:29 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2018-12-06 13:41 - 2017-08-04 13:44 - 000082720 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\GetProcessDLL.dll
2018-11-14 23:03 - 2018-11-16 15:55 - 001032560 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-12-06 13:41 - 2016-08-18 18:43 - 000442144 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\madExcept_.bpl
2018-12-06 13:41 - 2016-08-18 18:43 - 000210720 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\madBasic_.bpl
2018-12-06 13:41 - 2016-08-18 18:43 - 000059680 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\madDisAsm_.bpl
2018-12-06 13:41 - 2017-06-10 15:33 - 000631584 _____ () C:\Program Files (x86)\Advanced SystemCare Ultimate\ProductStatistics.dll
2018-11-14 02:15 - 2017-10-16 10:14 - 000442144 _____ () C:\Program Files (x86)\IObit\Driver Booster\6.0.2\madExcept_.bpl
2018-11-14 02:15 - 2017-10-16 10:14 - 000210720 _____ () C:\Program Files (x86)\IObit\Driver Booster\6.0.2\madBasic_.bpl
2018-11-14 02:15 - 2017-10-16 10:14 - 000059680 _____ () C:\Program Files (x86)\IObit\Driver Booster\6.0.2\madDisAsm_.bpl
2014-03-20 14:43 - 2014-03-20 14:43 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-11 02:17 - 2015-12-28 13:50 - 000899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2017-01-11 02:17 - 2016-11-09 14:35 - 000631072 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-12-06 21:09 - 2018-12-06 21:09 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SamsungRapidApp"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Seagate Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run32: => "DiscWizardMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\StartupApproved\StartupFolder: => "Auto Profiles.xml"
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\StartupApproved\StartupFolder: => "Actions.xml"
HKU\S-1-5-21-1745146063-4005962234-3562053907-1001\...\StartupApproved\Run: => "NetLimiter"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1A931A79-316D-4EA0-81F1-122076D6A748}] => (Allow) F:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{51D24A82-17C4-4CFF-A20E-32DAC92624BC}] => (Allow) F:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{19E1AEE8-0FD5-4EFC-B269-E0BD6F816C35}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{D21CC886-EF0F-42B8-81D1-DFE309279B91}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{6C05C3AB-AD1B-4C70-8483-2F2CDEA05C32}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{4A9638C7-A095-4B37-93B6-C9DD8A5E23A0}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [UDP Query User{CC81CCAC-9A78-4E6D-8BA9-44AD376DA3AF}F:\program files (x86)\call of duty black ops iii\blackops3.exe] => (Allow) F:\program files (x86)\call of duty black ops iii\blackops3.exe
FirewallRules: [TCP Query User{D676CDA2-80D0-43F7-B0CA-5B546E806B3E}F:\program files (x86)\call of duty black ops iii\blackops3.exe] => (Allow) F:\program files (x86)\call of duty black ops iii\blackops3.exe
FirewallRules: [UDP Query User{46B8FE51-6FAC-435D-B707-5F70CD3893B4}F:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) F:\program files (x86)\origin games\bfh\bfh.exe
FirewallRules: [TCP Query User{DBA0E5FE-46A6-414F-B6BF-A07F7BEFE9CA}F:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) F:\program files (x86)\origin games\bfh\bfh.exe
FirewallRules: [UDP Query User{92FED833-91CA-45BD-96FF-1501D12010F3}F:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) F:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [TCP Query User{AA8E28B7-C09C-4DAC-8372-3396AA842713}F:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) F:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{B67E3AAD-C0A6-4325-9C6D-DE7D1F98C63F}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [{AA48F697-8F80-44A7-B825-C3BA5A6D9ACF}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe
FirewallRules: [UDP Query User{2C1659E9-6E5D-40E0-AD6B-CD209218AF89}F:\program files (x86)\origin games\titanfall\titanfall.exe] => (Allow) F:\program files (x86)\origin games\titanfall\titanfall.exe
FirewallRules: [TCP Query User{6F2663DC-A78F-4C61-B913-13D2F847D4CA}F:\program files (x86)\origin games\titanfall\titanfall.exe] => (Allow) F:\program files (x86)\origin games\titanfall\titanfall.exe
FirewallRules: [UDP Query User{713B34A5-2C25-4BB6-9B75-DDAE8369B7EE}F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{71DCE148-6A82-451F-994B-377C30BF8416}F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{6C34AF8F-3583-4251-8DE5-5E5B123C1E6B}F:\program files (x86)\max payne 3\maxpayne3.exe] => (Allow) F:\program files (x86)\max payne 3\maxpayne3.exe
FirewallRules: [TCP Query User{8DAA2235-1759-48A4-ABD4-B2C21647473C}F:\program files (x86)\max payne 3\maxpayne3.exe] => (Allow) F:\program files (x86)\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{A53816F8-DF7F-4244-BD87-D3AABD1DBCD3}F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [TCP Query User{9FD730B9-8213-4D4A-81D2-ADB7CA4A716B}F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [UDP Query User{BEEBDB06-4221-4771-9C67-D37F49898536}F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [TCP Query User{650F68DB-0AEC-4AB7-959C-1A7C64EF6526}F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [UDP Query User{F3E7999A-A228-4843-BCCA-7DBA250028F4}F:\program files (x86)\far cry 4\bin\farcry4.exe] => (Block) F:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{4C5A4382-A05C-436A-B8E9-AD6D9BC27B8A}F:\program files (x86)\far cry 4\bin\farcry4.exe] => (Block) F:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [{F1BCB19A-3C93-4AD6-8D78-425820B4E6EF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{CC613C48-5758-435D-9EC9-5B2B13FD169C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [UDP Query User{BC6A45FF-8997-4DE5-B792-DAEA53D51FED}F:\program files (x86)\ubisoft game launcher\games\assassin's creed unity\acu.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\games\assassin's creed unity\acu.exe
FirewallRules: [TCP Query User{0543600B-AC1C-44E8-90D2-6DC50F0EB95E}F:\program files (x86)\ubisoft game launcher\games\assassin's creed unity\acu.exe] => (Allow) F:\program files (x86)\ubisoft game launcher\games\assassin's creed unity\acu.exe
FirewallRules: [{D8B88B63-A2B2-4E9D-932B-EDCCA45ADE84}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{38FF5CCA-A2E2-4D1C-BF01-65E5D6470DAF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{B84E6423-6C17-4E75-8C31-6C22F01949A7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [UDP Query User{D96B48AA-8280-45BF-AFF5-71AF2A86DF3B}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{A595A762-6BE4-487A-BEE3-BA0314569C31}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{EFFF15ED-1116-481B-BD6D-71F690EE0765}] => (Allow) LPort=3389
FirewallRules: [{77CBFEC0-BFD4-45D1-8299-9C6616738ACC}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A2A9397A-835B-42C9-A126-C25567EE4C59}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F1B731EA-02EC-432C-AE13-2C9037989E68}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F9977F04-045D-4F3E-9B20-A431AFA68689}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FA02BBE6-4F59-4CC9-B9F7-7FF585A77B14}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2050E3BA-A60D-45C6-AA43-C67737ED347A}] => (Allow) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B62BB7EE-BE99-461C-9689-368E70A18493}] => (Allow) C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{1FE7F81F-D899-4E70-80B7-EF9192180E84}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4ADDC7BB-CC29-495B-BC18-E3FA8D91B320}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{BE1F0A7E-61EC-4B99-B257-A264C7FFB3C1}F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{08C0C41F-01CE-49A3-BD6C-DE77083231C7}F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) F:\program files (x86)\borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{5B8489EA-2510-4EC2-B900-D4E599BD1299}] => (Allow) F:\Program Files (x86)\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{99A321F0-62E0-4EB2-AFE5-19E672910A75}] => (Allow) F:\Program Files (x86)\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{20D461BC-B1DD-4E53-A8B2-45968C6E7026}] => (Allow) F:\Program Files (x86)\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{C5D33200-E39A-4332-8A86-7DEDE7FCD832}] => (Allow) F:\Program Files (x86)\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [TCP Query User{CB68F46B-309A-465D-86E2-87CCD6A6666E}F:\program files (x86)\dying light\dying light\dyinglightgame.exe] => (Allow) F:\program files (x86)\dying light\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{55B2103E-090E-4CC4-9FBF-B1D9B61E1F19}F:\program files (x86)\dying light\dying light\dyinglightgame.exe] => (Allow) F:\program files (x86)\dying light\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{A8524EEB-AD57-4E7D-94E2-9DEF23B9EEEA}F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [UDP Query User{2CB642D2-ED8E-4DB5-8D5C-EB494A26BFD9}F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe] => (Allow) F:\program files (x86)\devi may cry\binaries\win32\dmc-devilmaycry.exe
FirewallRules: [TCP Query User{8691C369-44F1-49E4-BBA8-5E65DD22A481}F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [UDP Query User{BB2F7EE7-CCD9-482E-930F-A31021DAD63A}F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Allow) F:\program files (x86)\splinter cell blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [TCP Query User{5759C3A8-D650-479E-8E6E-38222F1F8326}C:\users\pc\appdata\roaming\utorrent\updates\3.4.3_40760.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\updates\3.4.3_40760.exe
FirewallRules: [UDP Query User{A79B5677-D198-416C-93A5-946085894F8A}C:\users\pc\appdata\roaming\utorrent\updates\3.4.3_40760.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\updates\3.4.3_40760.exe
FirewallRules: [{138F68C4-E9CA-4626-A86E-4816912D73A9}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{6F7F27E7-17F6-4A5C-B8B1-CDBB3C9CD375}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{4E22E97E-E871-4BDD-88BE-B80D7F512A48}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{EBE3EE69-903E-4B86-9A96-3489D40FE541}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{02DFF792-D556-4195-BD2A-C63E2F389CE9}F:\program files (x86)\max payne 3\maxpayne3.exe] => (Block) F:\program files (x86)\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{D77C35D1-5CF2-47F5-937F-E4E3F2C6FE88}F:\program files (x86)\max payne 3\maxpayne3.exe] => (Block) F:\program files (x86)\max payne 3\maxpayne3.exe
FirewallRules: [{2136905A-BA76-4DDA-AA11-4EBD761A4C7E}] => (Allow) F:\Program Files (x86)\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{EB5575AD-F408-4B31-B759-E4FF10FF63BD}] => (Allow) F:\Program Files (x86)\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{2EA5A25C-0A1E-4DB0-B6F1-282E0065BB78}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{03A71D46-84BE-4E58-AD2A-83CC11228ADA}] => (Allow) F:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{7D448BFC-806F-437C-A2E5-CED70E56D513}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{28ED70E9-0D68-494A-9759-07EAF89DD80B}] => (Allow) F:\Program Files (x86)\Origin Games\BFH\bfh.exe
FirewallRules: [{EBEC9A76-1200-4562-A580-6C77E604A9B6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{2C1291AA-5B7E-49B6-BC28-C13486C68A9D}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{D499320B-09D5-4D4A-BCE4-B518399E34F3}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{F6CF7435-829D-4DAB-BCDB-165D1E601145}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{AA1880D2-E06F-4AA6-975E-9D664BDABD0D}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{DD5B0D15-BE2D-47DA-8026-E4A377694163}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{B9F2D1CA-FA32-41D4-A911-00557E363075}] => (Allow) F:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{32585163-6D5E-4D6A-B5F6-715432C152E5}] => (Allow) F:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{2FF5B205-5C4C-425F-B718-F9E71AB74E06}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{6B5C9E52-B1E2-456D-BA1B-4ED5EF5F4BD6}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [TCP Query User{FA654C9D-1628-4332-A956-35D36D659593}F:\program files (x86)\far cry 4\bin\farcry4.exe] => (Allow) F:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{A1E4F801-8E3C-48A4-B953-274C18B5B3B0}F:\program files (x86)\far cry 4\bin\farcry4.exe] => (Allow) F:\program files (x86)\far cry 4\bin\farcry4.exe
FirewallRules: [{6F216D94-8D57-4D64-BCE7-8B90FD923D11}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{A91F86F6-D18A-4009-AE53-F621CFDB8B5D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [TCP Query User{9BCA7EC2-7255-41A3-A91B-A9AC45F6F5B4}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{DE745EED-E69F-4052-A6F0-AA390208A112}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{EB0D1673-3C96-44AD-8E2C-9F7A10FB525D}F:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe] => (Block) F:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [UDP Query User{34D2BAC1-9028-4BC9-A190-F456A81C91D7}F:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe] => (Block) F:\program files (x86)\borderlands 2\binaries\win32\borderlands2.exe
FirewallRules: [{91EBA601-BAB8-4C0F-9052-908237280363}] => (Allow) LPort=3724
FirewallRules: [TCP Query User{990A1E3B-3E52-45D8-ACFA-862BDC2F9377}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{27C9E56D-87B2-41AD-A00B-4BE922B419FE}F:\program files (x86)\overwatch\overwatch.exe] => (Allow) F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{4D4885A5-83CD-4528-8B70-D20E77EABFA0}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{E18E0BEA-CA34-4F29-8889-013C80A8D145}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [TCP Query User{229538CB-B306-4A19-B236-8656E8B4DF1F}F:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) F:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{76F521A4-09DC-40FF-BE76-D1F3FE8579A7}F:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) F:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{03844735-56B2-43D2-904A-866183ABE4C1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A18E1D2E-9238-46E6-98D6-E0818AB61044}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E898ADA7-93EF-4011-9D1F-9CEEF096BF6B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CEFA82F1-C612-4B97-87CD-4E03917EB88C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{25DC02FA-E541-4520-B6E0-B0D9589F45A9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{69520D8E-5D74-4EB7-851F-408274C4E12B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{A8FCBA9A-0C47-47E6-BA11-511534340AC3}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{F503E34B-BDBE-4A94-8C86-CC8370BE8D0B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe
FirewallRules: [{E6310DEC-048B-4710-BB68-F260FEB982AA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DriverBooster.exe
FirewallRules: [{8191C496-2AF7-4E33-8521-D9BEB8B31257}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DBDownloader.exe
FirewallRules: [{D342F441-0647-4CA7-B61C-3E092AAF42F5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\DBDownloader.exe
FirewallRules: [{C631CE36-A858-490B-A8EB-D8B1461D49BE}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\AutoUpdate.exe
FirewallRules: [{2A62502E-5962-402E-B307-E410DE1D2DB8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.0.2\AutoUpdate.exe
FirewallRules: [{DA84530D-6ABA-40F8-93AF-145EEEC8C937}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{482F7627-9F57-4FC0-B329-2B1BA47EB4D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{870EA809-F62C-4AE9-87E9-83940ABB5FDB}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{D746F72E-84DA-4456-BEC5-009FA5F5C8A7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{8F02B381-6AB6-4EC8-BBD8-10EDA6BC8BF2}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{0B8C79B5-8287-4E03-BE0A-0518BC1DA41E}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{62C78DC3-07D3-446E-A6BA-AC2B10473310}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{E03F44EA-DB93-4A7E-BB25-DB08998EBAF2}C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe
FirewallRules: [UDP Query User{9290F4DF-35AF-4069-A040-55D83E0DB4B6}C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe
FirewallRules: [{FF0537E8-325F-470C-9307-F13CE79BF5F3}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{C990710B-D064-4AA2-96BF-0FA801D492A5}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{0336F7B1-166B-4B4B-9F3B-A50670750A23}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\HITMAN2\Launcher.exe
FirewallRules: [{87483157-FB07-4DFB-BFE9-925190BE15BB}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\HITMAN2\Launcher.exe
FirewallRules: [TCP Query User{ED131632-A45E-48D4-91BB-8E15EEF045B9}C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe
FirewallRules: [UDP Query User{C9666551-EBF4-42E8-BE14-874F360E4967}C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.176\deploy\leagueclient.exe
FirewallRules: [{8FF5222C-5CF7-46B0-8AF8-9F584990650A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{01C3AD61-5EF7-4663-8AFE-6DA45C575342}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{635F48C2-F132-4C3C-9291-633A15443555}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F67529C3-B374-4E9C-9A01-6D588F9D0CD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{AB348629-713C-4857-B5FD-23218BE6BEAE}C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe
FirewallRules: [UDP Query User{7C500594-BF71-4778-91DA-70A8DD6E750D}C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe] => (Allow) C:\program files (x86)\riot games\league of legends\rads\projects\league_client\releases\0.0.0.177\deploy\leagueclient.exe
FirewallRules: [{114F3CBD-C645-4BC8-BBFF-23B36F7EB519}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsEC01.tmp
FirewallRules: [{015FD867-BFB4-46FB-9628-0093DE3DFF45}] => (Allow) C:\Users\PC\AppData\Local\Temp\InsEC01.tmp

==================== Restore Points =========================

06-12-2018 04:33:36 Restore Point Created by FRST
06-12-2018 15:03:24 Driver Booster : Generic Non-PnP Monitor
06-12-2018 21:19:51 Installed Sophos Virus Removal Tool.

==================== Faulty Device Manager Devices =============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2018 02:43:33 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (12/07/2018 02:27:30 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (12/07/2018 02:17:52 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (12/07/2018 02:01:49 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (12/07/2018 01:45:46 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (12/07/2018 01:29:43 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (12/07/2018 01:15:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 2018.18091.17210.0, time stamp: 0x5be87e15
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.17134.376, time stamp: 0x35659a8d
Exception code: 0xc000027b
Fault offset: 0x00000000006a56b2
Faulting process id: 0x3974
Faulting application start time: 0x01d48da8b7cde49c
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 4e6221d2-375f-46b4-9071-7fc5f9517d03
Faulting package full name: Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App

Error: (12/07/2018 01:13:40 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.


System errors:
=============
Error: (12/07/2018 02:30:09 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Error: (12/07/2018 02:27:25 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
Unable to access a key.

Error: (12/07/2018 02:27:25 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630203.

Error: (12/07/2018 02:27:16 AM) (Source: DCOM) (EventID: 10016) (User: SHELBY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user SHELBY\PC SID (S-1-5-21-1745146063-4005962234-3562053907-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/07/2018 02:27:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/07/2018 02:27:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/07/2018 02:27:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMPNetworkSvc service terminated with the following error: 
An attempt was made to reference a token that does not exist.

Error: (12/07/2018 01:47:28 AM) (Source: DCOM) (EventID: 10016) (User: SHELBY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user SHELBY\PC SID (S-1-5-21-1745146063-4005962234-3562053907-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2018-12-04 17:58:02.680
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner.BW!bit&threatid=2147723499&enterprise=0
Name: Trojan:Win32/CoinMiner.BW!bit
ID: 2147723499
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\activation.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-04 17:58:02.668
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner.BW!bit&threatid=2147723499&enterprise=0
Name: Trojan:Win32/CoinMiner.BW!bit
ID: 2147723499
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\activation.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-04 17:57:27.100
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Unwaders.C!ml&threatid=242874&enterprise=0
Name: Program:Win32/Unwaders.C!ml
ID: 242874
Severity: Severe
Category: Potentially Unwanted Software
Path: file:_C:\Users\PC\AppData\Local\Temp\4314625\ic-0.611060b53f4af4.exe; process:_pid:17572,ProcessStart:131884045777468702
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: C:\Users\PC\AppData\Local\Temp\4314625\ic-0.611060b53f4af4.exe
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-04 17:57:27.098
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CoinMiner.BW!bit&threatid=2147723499&enterprise=0
Name: Trojan:Win32/CoinMiner.BW!bit
ID: 2147723499
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\activation.exe; process:_pid:12232,ProcessStart:131884050440058139
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: C:\Program Files (x86)\KMSPico 10.2.1 Final\activation.exe
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-04 17:56:53.852
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Vigram.A&threatid=232718&enterprise=0
Name: Program:Win32/Vigram.A
ID: 232718
Severity: Severe
Category: Potentially Unwanted Software
Path: file:_C:\Program Files (x86)\KMSPico 10.2.1 Final\KMSPicoActivator.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.281.1358.0, AS: 1.281.1358.0, NIS: 1.281.1358.0
Engine Version: AM: 1.1.15400.5, NIS: 1.1.15400.5

Date: 2018-12-06 02:56:48.151
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: The program could not find the malware and other potentially unwanted software on this device. 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

CodeIntegrity:
===================================

Date: 2018-12-04 18:39:46.597
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-04 18:39:46.579
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-04 18:39:46.487
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-04 18:39:46.473
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-30 12:01:41.782
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2018-11-30 12:01:41.780
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2018-11-16 10:12:49.134
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2018-11-16 10:12:49.133
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 29%
Total physical RAM: 16341.29 MB
Available physical RAM: 11532.34 MB
Total Virtual: 38613.29 MB
Available Virtual: 31551.07 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:462.04 GB) (Free:189.92 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: (SSHD) (Fixed) (Total:1862.67 GB) (Free:651.63 GB) NTFS
Drive g: (HDD) (Fixed) (Total:931.17 GB) (Free:319.47 GB) NTFS

\\?\Volume{fcce612f-2b1c-11e5-8257-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.04 GB) NTFS
\\?\Volume{fcce612d-2b1c-11e5-8257-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.02 GB) NTFS
\\?\Volume{054f3ebd-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:1.42 GB) (Free:1.07 GB) NTFS
\\?\Volume{054f3ebd-0000-0000-0000-00de73000000}\ () (Fixed) (Total:0.45 GB) (Free:0.04 GB) NTFS
\\?\Volume{054f3ebd-0000-0000-0000-e0fa73000000}\ () (Fixed) (Total:1.84 GB) (Free:1.45 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 958718AE)
Partition 1: (Not Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 054F3EBD)
Partition 1: (Not Active) - (Size=1.4 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=462 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=461 MB) - (Type=27)
Partition 4: (Not Active) - (Size=1.8 GB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: BE0158D9)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 
