Jump to content

Recommended Posts

Hello,

I accidentally clicked a .lnk file that turned out to be a powershell script. I've now deleted the shortcut but a little worried if anything is being done in the background. Please help! Attached is the farbar tool outputs:

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05.2019
Ran by abdul (administrator) on AW-MXP (HUAWEI MACH-WX9) (01-05-2019 13:35:40)
Running from C:\Users\abdul\Downloads
Loaded Profiles: abdul (Available Profiles: abdul)
Platform: Windows 10 Pro Version 1809 17763.437 (X64) Language: English (United Kingdom)
Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19041.481.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\BraveCrashHandler64.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files\Huawei\HwOsd\OSDListener.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files\Huawei\HwOsd\OSDMainService.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files\Huawei\PCManager\MateBookService.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe
(Huawei Technologies Co., Ltd. -> Microsoft) C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c8634ed19e331cda\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c8634ed19e331cda\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c8634ed19e331cda\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c8634ed19e331cda\IntelCpHeciSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_1781f8bae8fdf5c0\aesm_service.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Users\abdul\Downloads\adwcleaner_7.3.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11425.20244.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.11425.20244.0_x86__8wekyb3d8bbwe\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\SDXHelperBgt.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\abdul\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\abdul\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\drivers\SessionService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Paul Woolcock) [File not signed] C:\Users\abdul\AppData\Local\OutlookGoogleCalendarSync\app-2.7.0-beta\OutlookGoogleCalendarSync.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [821304 2018-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking13\Ereg\Ereg.exe [325960 2014-05-30] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\Run: [Wox] => C:\Users\abdul\AppData\Local\Wox\app-1.3.578\Wox.exe
HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-13] (Flexera Software LLC -> Flexera Software LLC.)
HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\Run: [Google Update] => C:\Users\abdul\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateCore.exe [752424 2019-03-28] (Google Inc -> Google LLC)
HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\Run: [Outlook Google Calendar Sync] => C:\Users\abdul\AppData\Local\OutlookGoogleCalendarSync\app-2.7.0-beta\OutlookGoogleCalendarSync.exe [892928 2019-03-25] (Paul Woolcock) [File not signed]
HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\Run: [GoogleChromeAutoLaunch_3AF06501A7038BD0950BA5426D56FC3C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1716720 2019-04-03] (Google LLC -> Google Inc.)
HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe [2069992 2019-04-23] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\...\Drivers32: [msacm.pspgru] => C:\Windows\SysWOW64\pspgru.acm [401920 2010-03-22] (Philips Austria GmbH - Speech Processing) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{103BD053-949B-43A8-9120-2E424887DE11}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\74.0.64.60\Installer\chrmstp.exe [2019-04-23] (Brave Software, Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
Startup: C:\Users\abdul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2019-01-14]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04034781-1C76-42DE-9C6F-73D0956DBD4C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302184 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {0630BFE4-A475-40B9-A138-B6B2441C4270} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {1A0D5C06-5141-4251-9F35-305DA3946B36} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-39583113-2926969717-2907456783-1001UA => C:\Users\abdul\AppData\Local\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.)
Task: {34198C60-DF82-4D04-BF0F-49DD3C47C8CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-04] (Google Inc -> Google Inc.)
Task: {3444B22A-C612-418F-9B30-A1103B7D0FD6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [856616 2018-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {47D869CD-19B5-4BFA-AE65-52446DF629F9} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {4FE48B39-7684-4631-881F-E387381DE8DA} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [927272 2018-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58BB0E22-8712-4636-B533-286DB8456F07} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {75F69DB0-30EF-437A-82CC-049FA3C703F7} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {7D747631-0B16-4023-833B-6EA13007D605} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-28] (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {803602F5-556D-45A2-B9E6-18B6D683A6DE} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [927272 2018-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {897BB266-18D8-4381-BB16-E0825CB2643D} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-28] (Brave Software, Inc. -> BraveSoftware Inc.) <==== ATTENTION
Task: {9214F860-655E-4E5A-88EC-7FCAD71095E9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {950F1172-097F-436F-877D-CD6D9498B103} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B33FFE1-F56C-4EE4-B3DA-C5674F308CCB} - System32\Tasks\Run ThrottleStop on Startup => D:\Programmes\ThrottleStop_870\ThrottleStop.exe [463016 2019-01-05] (TechPowerUp LLC -> uWebb Software)
Task: {9ED17ECE-42F0-4B60-8525-14BF57145AC8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [982568 2018-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A08DEEB6-BE75-4C75-BE31-39D2E5D20A29} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-04] (Google Inc -> Google Inc.)
Task: {A9922B29-19D8-4AF9-ACE9-5B15B6C013C8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [647720 2018-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AD55E40A-011A-430D-B65D-180C533BF119} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {AE985FCE-1824-4321-B387-50EA843E99F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-39583113-2926969717-2907456783-1001Core => C:\Users\abdul\AppData\Local\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.)
Task: {B8DAF88D-E0BF-427B-A751-12085F61B801} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3297832 2018-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3958101-9DA6-4428-9A74-AA4C0008B5C9} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {CBAA3EF2-5203-44A8-9F0F-49EBA29E7D93} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [927272 2018-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DB794646-BE1D-40DA-9007-88891C96126E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [856616 2018-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DD804047-7497-4705-A488-82165BF4119B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {F4FFC411-3A0D-4ACE-B218-E53B14518038} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [927272 2018-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF295DDF-DEE2-4FA0-9F75-A4DF680CAB17} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-20] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{651c8d2c-48da-41a1-b052-c4fd807aa544}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{676c31e3-66b9-45ea-9e99-3d25b8fd7f79}: [DhcpNameServer] 172.16.50.12 172.16.50.14

Internet Explorer:
==================
HKU\S-1-5-21-39583113-2926969717-2907456783-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-39583113-2926969717-2907456783-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-39583113-2926969717-2907456783-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\dgnriaie_x64.dll [2014-07-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll [2014-07-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2019-04-17] (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2018-12-25] (Foxit Software Incorporated -> )
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2018-12-25] (Foxit Software Incorporated -> )

FireFox:
========
FF DefaultProfile: yco2z8wz.default
FF DefaultProfile: fbnxrmqu.default
FF ProfilePath: C:\Users\abdul\AppData\Roaming\Zotero\Zotero\Profiles\yco2z8wz.default [2019-03-07]
FF Extension: (Better BibTex for Zotero) - C:\Users\abdul\AppData\Roaming\Zotero\Zotero\Profiles\yco2z8wz.default\Extensions\better-bibtex@iris-advies.com.xpi [2019-03-07] [Legacy] [not signed]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero\extensions\zoteroOpenOfficeIntegration@zotero.org [2019-01-14] [Legacy] [not signed]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero\extensions\zoteroWinWordIntegration@zotero.org [2019-01-14] [Legacy] [not signed]
FF ProfilePath: C:\Users\abdul\AppData\Roaming\Mozilla\Firefox\Profiles\fbnxrmqu.default [2019-04-25]
FF NewTabOverride: Mozilla\Firefox\Profiles\fbnxrmqu.default -> Disabled: {c3065ed0-5d6f-4622-b597-c2cefdde9d50}
FF NewTabOverride: Mozilla\Firefox\Profiles\fbnxrmqu.default -> Enabled: uBlock0@raymondhill.net
FF Extension: (Bing to Google) - C:\Users\abdul\AppData\Roaming\Mozilla\Firefox\Profiles\fbnxrmqu.default\Extensions\bingtogoogle@louisgrasset.fr.xpi [2019-02-21]
FF Extension: (LeechBlock NG) - C:\Users\abdul\AppData\Roaming\Mozilla\Firefox\Profiles\fbnxrmqu.default\Extensions\leechblockng@proginosko.com.xpi [2019-04-07]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\abdul\AppData\Roaming\Mozilla\Firefox\Profiles\fbnxrmqu.default\Extensions\sp@avast.com.xpi [2019-02-14]
FF Extension: (uBlock Origin) - C:\Users\abdul\AppData\Roaming\Mozilla\Firefox\Profiles\fbnxrmqu.default\Extensions\uBlock0@raymondhill.net.xpi [2019-03-13]
FF Extension: (Avast Online Security) - C:\Users\abdul\AppData\Roaming\Mozilla\Firefox\Profiles\fbnxrmqu.default\Extensions\wrc@avast.com.xpi [2019-01-04]
FF Extension: (Zotero Connector) - C:\Users\abdul\AppData\Roaming\Mozilla\Firefox\Profiles\fbnxrmqu.default\Extensions\zotero@chnm.gmu.edu.xpi [2019-03-25] [UpdateUrl:hxxps://www.zotero.org/download/connector/firefox/release/updates.json]
FF Extension: (Bing2Google) - C:\Users\abdul\AppData\Roaming\Mozilla\Firefox\Profiles\fbnxrmqu.default\Extensions\{5f4e7d3d-9e51-459e-9dab-2a2a70415ae7}.xpi [2019-03-03]
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2018-12-06] [Legacy]
FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2018-12-06]
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-12-20] (VideoLAN -> VideoLAN)
FF Plugin: nuance.com/DgnRia2_x86_64 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\npDgnRia2_x64.dll [2014-07-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-03-28] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-03-28] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DgnRia2 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\npDgnRia2.dll [2014-07-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
FF Plugin HKU\S-1-5-21-39583113-2926969717-2907456783-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\abdul\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-39583113-2926969717-2907456783-1001: @talk.google.com/O1DPlugin -> C:\Users\abdul\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-39583113-2926969717-2907456783-1001: @tools.google.com/Google Update;version=3 -> C:\Users\abdul\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-39583113-2926969717-2907456783-1001: @tools.google.com/Google Update;version=9 -> C:\Users\abdul\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\abdul\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2019-03-18]
FF Plugin ProgramFiles/Appdata: C:\Users\abdul\AppData\Roaming\mozilla\plugins\npo1d.dll [2019-03-18]

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxps://www.google.co.uk/?gfe_rd=cr&ei=QLxOWKqFEMeN8QeRzI-ADQ&gws_rd=ssl","chrome://newtab/"
CHR Profile: C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default [2019-05-01]
CHR Extension: (Slides) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-18]
CHR Extension: (Save to Google Photos™) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoanickgmocpddnppajakfcafbkncdab [2019-04-09]
CHR Extension: (Docs) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-18]
CHR Extension: (Google Drive) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-18]
CHR Extension: (YouTube) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-18]
CHR Extension: (Foxit PDF Creator) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2019-03-18]
CHR Extension: (uBlock Origin) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-04-03]
CHR Extension: (Zotero Connector) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2019-03-30]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-18]
CHR Extension: (Sheets) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-18]
CHR Extension: (Google Docs Offline) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-18]
CHR Extension: (AdBlock) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-13]
CHR Extension: (Avast Online Security) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-01]
CHR Extension: (Google Play Music) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2019-03-18]
CHR Extension: (90kids Games) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\illbbfoihflomkbpcaaakhijinbnejom [2019-03-18]
CHR Extension: (Dropbox) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2019-03-18]
CHR Extension: (Pocket Website) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap [2019-03-18]
CHR Extension: (Google Scholar Button) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2019-03-18]
CHR Extension: (Instapaper) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjkgaaoikpmhmkelcgkgacicjfbofhh [2019-05-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-03-18]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2019-03-18]
CHR Extension: (Google Hangouts) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2019-05-01]
CHR Extension: (Save to Pocket) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2019-05-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-18]
CHR Extension: (Material Simple Dark Grey) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookepigabmicjpgfnmncjiplegcacdbm [2019-03-18]
CHR Extension: (Gmail) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\abdul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-18]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2018-12-06]
CHR HKU\S-1-5-21-39583113-2926969717-2907456783-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2018-12-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESMService; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_1781f8bae8fdf5c0\aesm_service.exe [3226664 2018-02-02] (Intel(R) pGFX -> Intel Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-28] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-28] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [271280 2018-08-13] (Dolby Laboratories, Inc. -> )
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [137280 2014-07-12] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-02-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-08] (Intel Corporation -> Intel Corporation)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [306040 2018-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LCD_Service; C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe [21832 2019-01-18] (Huawei Technologies Co., Ltd. -> Microsoft)
R2 MBAMainService; C:\Program Files\Huawei\PCManager\MateBookService.exe [1077576 2019-01-18] (Huawei Technologies Co., Ltd. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-20] (NVIDIA Corporation -> NVIDIA Corporation)
R2 OSDMainService; C:\Program Files\Huawei\HwOsd\OSDMainService.exe [665928 2019-01-18] (Huawei Technologies Co., Ltd. -> )
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [821304 2018-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SessionSvc; C:\WINDOWS\System32\drivers\SessionService.exe [30200 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH -> TeamViewer GmbH)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2302184 2018-01-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-05-01] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-05-01] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [257832 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166848 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1031000 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476776 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385848 2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3819744 2018-07-25] (WDKTestCert cm359,131641702659254692 -> C-MEDIA)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [74144 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69536 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [382880 2017-11-08] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 hwnetstat; C:\Program Files\Huawei\PCManager\WFPDriver.sys [32144 2019-01-18] (Huawei Technologies Co., Ltd. -> )
R2 HwOs2ECx64; C:\Program Files\Huawei\PCManager\HwOs2EC10x64.sys [57152 2019-01-18] (Huawei Technologies Co., Ltd. -> Huawei)
R3 ibtusb; C:\WINDOWS\System32\drivers\ibtusb.sys [199192 2018-05-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [117344 2019-05-01] (Malwarebytes Corporation -> Malwarebytes)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8822392 2018-09-26] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhwi.inf_amd64_594d9a2331c578e6\nvlddmkm.sys [20736208 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 SensorsAlsDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [282112 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-05-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-05-01] (Microsoft Windows -> Microsoft Corporation)
R3 WDTDrv; C:\WINDOWS\System32\Drivers\WDTDrv.sys [27048 2018-06-14] (Huawei Technologies Co., Ltd. -> Huawei Device)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-01 13:35 - 2019-05-01 13:36 - 000047440 _____ C:\Users\abdul\Downloads\FRST.txt
2019-05-01 13:35 - 2019-05-01 13:35 - 000000000 ____D C:\FRST
2019-05-01 13:34 - 2019-05-01 13:34 - 002430464 _____ (Farbar) C:\Users\abdul\Downloads\FRST64.exe
2019-05-01 13:33 - 2019-05-01 13:33 - 001788928 _____ (Farbar) C:\Users\abdul\Downloads\FRST.exe
2019-05-01 13:32 - 2019-05-01 13:32 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-05-01 13:31 - 2019-05-01 13:31 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-05-01 13:31 - 2019-05-01 13:31 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-05-01 13:31 - 2019-05-01 13:31 - 000117344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-05-01 13:29 - 2019-05-01 13:30 - 000000000 ____D C:\AdwCleaner
2019-05-01 13:29 - 2019-05-01 13:29 - 007025360 _____ (Malwarebytes) C:\Users\abdul\Downloads\adwcleaner_7.3.exe
2019-05-01 13:21 - 2019-05-01 13:21 - 000000000 ____D C:\Users\abdul\AppData\Local\mbam
2019-05-01 13:20 - 2019-05-01 13:20 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-05-01 13:20 - 2019-05-01 13:20 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-05-01 13:20 - 2019-05-01 13:20 - 000000000 ____D C:\Users\abdul\AppData\Local\mbamtray
2019-05-01 13:20 - 2019-05-01 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-05-01 13:20 - 2019-05-01 13:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-01 13:20 - 2019-05-01 13:20 - 000000000 ____D C:\Program Files\Malwarebytes
2019-05-01 13:20 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-05-01 13:20 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-05-01 13:19 - 2019-05-01 13:19 - 063166624 _____ (Malwarebytes ) C:\Users\abdul\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10398.exe
2019-04-30 16:32 - 2019-04-30 16:32 - 000028982 _____ C:\Users\abdul\Downloads\ASHARIF_P60ESS2018_3042019163218_99413422yA.pdf
2019-04-29 06:04 - 2019-05-01 13:06 - 000000000 ____D C:\Users\abdul\AppData\LocalLow\uTorrent
2019-04-27 12:08 - 2019-04-27 12:08 - 000002523 _____ C:\Users\Public\Desktop\Evernote.lnk
2019-04-27 12:08 - 2019-04-27 12:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2019-04-27 11:58 - 2019-04-27 11:58 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2019-04-27 11:58 - 2019-04-27 11:58 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2019-04-25 16:09 - 2019-04-25 16:09 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-04-19 08:40 - 2019-04-19 08:40 - 000000915 _____ C:\Users\abdul\AppData\Roaming\SAS7_000.DAT
2019-04-18 15:55 - 2019-04-18 15:55 - 000000324 _____ C:\Users\abdul\Desktop\VLC Controls.ahk
2019-04-18 15:54 - 2019-04-18 15:54 - 003493216 _____ C:\Users\abdul\Downloads\AutoHotkey_1.1.30.03_setup.exe
2019-04-18 15:54 - 2019-04-18 15:54 - 000000000 ____D C:\WINDOWS\ShellNew
2019-04-18 15:54 - 2019-04-18 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2019-04-18 15:54 - 2019-04-18 15:54 - 000000000 ____D C:\Program Files\AutoHotkey
2019-04-18 12:37 - 2019-04-18 12:37 - 000019507 _____ C:\Users\abdul\Downloads\ASHARIF_ONPAYSLIP_1842019123717_03054121e7.pdf
2019-04-15 11:17 - 2019-05-01 02:16 - 000000000 ____D C:\Users\abdul\AppData\Local\BitTorrentHelper
2019-04-13 13:38 - 2019-04-25 16:09 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-11 13:06 - 2019-04-11 13:06 - 026810368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 023440896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 020815360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 019025408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 017513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 015223296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 012843520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 012139008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 008898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 007919104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 007877120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 007645608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 006544824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 006071296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 005765120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 005205448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 004991112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 004704272 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 004660224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 004527624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 004304896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 003904512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 003690496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 003657728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 003602944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 003421696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 003377976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 003334496 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002925880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 002842624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002777224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002720256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 002701304 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002627384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 002592816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002469376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 002438368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002042368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 002017792 _____ C:\WINDOWS\system32\rdpnano.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001856000 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001697752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-11 13:06 - 2019-04-11 13:06 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001647632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001615872 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001590064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001567232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001478968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001468952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001459080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001458056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001370624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001360184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 001342400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-11 13:06 - 2019-04-11 13:06 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001311232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001294520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-04-11 13:06 - 2019-04-11 13:06 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001191728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 001155072 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001072424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-04-11 13:06 - 2019-04-11 13:06 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 001053192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001044280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 001035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000998712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000984888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000982880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000974352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000964096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000909840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-04-11 13:06 - 2019-04-11 13:06 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000865784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000809784 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000793832 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000761280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000725928 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000653040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000620560 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000598544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000568632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-04-11 13:06 - 2019-04-11 13:06 - 000540448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000508208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000506168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000485192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000474928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-04-11 13:06 - 2019-04-11 13:06 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-04-11 13:06 - 2019-04-11 13:06 - 000408528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000407504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000386360 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000384312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000343984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000317240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000312632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000306488 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000300344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000283032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000263600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000257696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000255128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmBroker.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000159272 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000157496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000147496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000143880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000134456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000115360 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000098664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000097808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000071208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscapi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscapi.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys
2019-04-11 13:06 - 2019-04-11 13:06 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscdll.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-11 13:06 - 2019-04-11 13:06 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscdll.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-11 13:06 - 2019-04-11 13:06 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-04-11 13:06 - 2019-04-11 13:06 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-04-11 13:06 - 2019-04-11 13:06 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-04-11 13:06 - 2019-04-11 13:06 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-04-11 13:06 - 2019-04-11 13:06 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-04-11 13:06 - 2019-04-11 13:06 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-04-11 13:06 - 2019-04-11 13:06 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-04-11 13:06 - 2019-04-11 13:06 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-04-08 15:20 - 2019-04-08 15:20 - 000003801 _____ C:\Users\abdul\Downloads\Education SIG - Pump sizing and how to prevent oversizing - Martin Atkins.ics
2019-04-08 15:02 - 2019-04-08 15:02 - 000000521 _____ C:\Users\abdul\Downloads\calendar.ics
2019-04-07 16:17 - 2019-04-15 13:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-04-04 07:41 - 2019-04-23 23:36 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave Beta.lnk
2019-04-04 07:41 - 2019-04-23 23:36 - 000002437 _____ C:\Users\Public\Desktop\Brave Beta.lnk
2019-04-04 07:40 - 2019-04-04 07:40 - 001281752 _____ (BraveSoftware Inc.) C:\Users\abdul\Downloads\BraveBrowserBetaSetup.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-01 13:35 - 2019-01-21 16:06 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-01 13:35 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-05-01 13:33 - 2019-03-28 07:05 - 000003364 _____ C:\WINDOWS\System32\Tasks\BraveSoftwareUpdateTaskMachineUA
2019-05-01 13:33 - 2019-03-28 07:05 - 000003140 _____ C:\WINDOWS\System32\Tasks\BraveSoftwareUpdateTaskMachineCore
2019-05-01 13:33 - 2019-03-18 02:18 - 000003514 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-39583113-2926969717-2907456783-1001UA
2019-05-01 13:33 - 2019-03-18 02:18 - 000003246 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-39583113-2926969717-2907456783-1001Core
2019-05-01 13:33 - 2019-02-07 12:45 - 000002646 _____ C:\WINDOWS\System32\Tasks\Run ThrottleStop on Startup
2019-05-01 13:33 - 2019-02-06 01:04 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-05-01 13:33 - 2019-01-21 16:02 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-01 13:33 - 2019-01-21 16:02 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-01 13:33 - 2019-01-21 16:02 - 000003306 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3AEF965C-1C1B-48C9-BB38-FFACF40F348C}
2019-05-01 13:33 - 2019-01-21 16:02 - 000003196 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-01 13:33 - 2019-01-21 16:02 - 000003152 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-01 13:33 - 2019-01-21 16:02 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-01 13:33 - 2019-01-21 16:02 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-01 13:33 - 2019-01-21 16:02 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-01 13:33 - 2019-01-21 16:02 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-01 13:33 - 2019-01-21 16:02 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-01 13:33 - 2019-01-21 16:02 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-01 13:33 - 2019-01-21 16:02 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-01 13:33 - 2019-01-21 16:02 - 000002854 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-39583113-2926969717-2907456783-1001
2019-05-01 13:33 - 2019-01-21 16:02 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-01 13:33 - 2019-01-21 16:02 - 000002766 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2019-05-01 13:33 - 2019-01-21 16:02 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-01 13:33 - 2019-01-21 16:02 - 000002586 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2019-05-01 13:33 - 2019-01-21 16:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-05-01 13:33 - 2019-01-04 22:37 - 000000000 ____D C:\Users\abdul\AppData\Roaming\HwSynergy
2019-05-01 13:33 - 2018-11-14 12:10 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-01 13:32 - 2019-03-25 16:18 - 000000000 ____D C:\Users\abdul\AppData\Roaming\Outlook Google Calendar Sync
2019-05-01 13:32 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-01 13:32 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-01 13:31 - 2019-01-21 16:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-01 13:31 - 2019-01-04 22:52 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-05-01 13:31 - 2018-11-14 12:44 - 000000000 __SHD C:\Users\abdul\IntelGraphicsProfiles
2019-05-01 13:30 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-05-01 13:30 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-01 13:28 - 2018-09-07 17:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-05-01 13:27 - 2018-09-15 08:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-05-01 13:20 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-01 13:17 - 2018-09-15 07:09 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2019-05-01 13:06 - 2019-01-05 00:17 - 000000000 ____D C:\Users\abdul\AppData\Roaming\uTorrent
2019-05-01 13:05 - 2018-11-14 12:44 - 000000000 ____D C:\Users\abdul\AppData\Local\Packages
2019-05-01 13:05 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-01 13:01 - 2019-01-21 15:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-01 13:01 - 2018-09-08 08:51 - 000000000 ____D C:\ProgramData\Goodix
2019-04-30 16:49 - 2019-01-25 20:39 - 000000000 ____D C:\Users\abdul\AppData\Roaming\vlc
2019-04-29 14:25 - 2019-01-21 16:02 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-04-29 08:38 - 2019-01-05 01:40 - 000000000 ____D C:\Users\abdul\AppData\Local\D3DSCache
2019-04-29 08:17 - 2019-01-21 15:58 - 000000000 ____D C:\Users\abdul
2019-04-29 08:17 - 2019-01-05 00:32 - 000000000 ____D C:\Users\abdul\AppData\Local\CrashDumps
2019-04-29 08:16 - 2019-03-01 13:10 - 000000000 ____D C:\ProgramData\TEMP
2019-04-29 08:16 - 2019-01-05 14:32 - 000000000 ____D C:\WINDOWS\Firmware
2019-04-27 19:13 - 2019-02-14 01:09 - 000000000 ____D C:\Users\abdul\AppData\Roaming\WhatsApp
2019-04-27 11:59 - 2019-01-05 03:00 - 000002080 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-04-27 11:59 - 2019-01-05 03:00 - 000002078 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-04-27 11:59 - 2019-01-05 03:00 - 000002068 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-04-27 11:59 - 2019-01-05 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-04-25 16:09 - 2019-02-13 15:14 - 000257832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-04-25 16:09 - 2019-01-14 15:48 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-04-25 16:09 - 2019-01-04 23:03 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-04-25 16:09 - 2019-01-04 23:03 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-04-25 16:09 - 2019-01-04 23:03 - 000385848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-04-25 16:09 - 2019-01-04 23:03 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-04-25 16:09 - 2019-01-04 23:03 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-04-25 16:09 - 2019-01-04 23:03 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-04-25 16:09 - 2019-01-04 23:03 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-04-25 16:09 - 2019-01-04 23:03 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-04-25 16:09 - 2019-01-04 23:03 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-04-25 16:09 - 2019-01-04 23:03 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-04-25 16:09 - 2019-01-04 23:03 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-04-25 16:09 - 2019-01-04 23:03 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-04-25 16:09 - 2019-01-04 23:03 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-04-23 23:33 - 2019-01-14 12:39 - 000000000 ____D C:\Users\abdul\AppData\LocalLow\Mozilla
2019-04-18 17:30 - 2019-01-07 17:53 - 000000000 ____D C:\Users\abdul\AppData\Roaming\Everdo
2019-04-18 17:29 - 2019-01-05 02:41 - 000000000 ____D C:\Users\abdul\.Zettelkasten
2019-04-17 12:44 - 2019-02-14 01:09 - 000002268 _____ C:\Users\abdul\Desktop\WhatsApp.lnk
2019-04-17 12:44 - 2019-02-14 01:09 - 000000000 ____D C:\Users\abdul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2019-04-17 12:44 - 2019-02-14 01:08 - 000000000 ____D C:\Users\abdul\AppData\Local\WhatsApp
2019-04-17 08:47 - 2019-01-05 01:50 - 000000000 ____D C:\Users\abdul\AppData\Local\ElevatedDiagnostics
2019-04-16 13:22 - 2019-01-21 15:58 - 000002370 _____ C:\Users\abdul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-15 13:10 - 2019-02-11 17:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-15 11:02 - 2019-02-11 17:22 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-13 17:20 - 2019-01-21 15:57 - 000284904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-13 17:19 - 2018-09-15 18:41 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-13 17:19 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-04-13 17:19 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-04-13 17:19 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-04-13 17:19 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-13 17:19 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-13 17:19 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-04-12 15:58 - 2019-03-28 07:05 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2019-04-12 15:10 - 2019-02-06 01:04 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-11 13:39 - 2019-03-18 02:12 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 13:39 - 2019-03-18 02:12 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-11 13:07 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-11 13:04 - 2018-09-15 08:36 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-11 13:04 - 2018-09-15 08:36 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-11 13:03 - 2019-01-04 22:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-11 13:01 - 2019-01-04 22:53 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-05 15:46 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-04 07:41 - 2019-03-28 07:05 - 000000000 ____D C:\Users\abdul\AppData\Local\BraveSoftware

==================== Files in the root of some directories =======

2019-02-07 22:22 - 2019-02-07 22:22 - 000099678 _____ () C:\Users\abdul\AppData\Roaming\logo_bigfarm_desktop.ico
2019-02-07 22:22 - 2019-02-07 22:22 - 000370070 _____ () C:\Users\abdul\AppData\Roaming\logo_empire_desktop.ico
2019-04-19 08:40 - 2019-04-19 08:40 - 000000915 _____ () C:\Users\abdul\AppData\Roaming\SAS7_000.DAT
2019-01-09 16:10 - 2019-01-09 16:16 - 000001024 _____ () C:\Users\abdul\AppData\Local\EnclaveTrustCircle.token

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

 

And the Addition.txt file output:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05.2019
Ran by abdul (01-05-2019 13:36:39)
Running from C:\Users\abdul\Downloads
Windows 10 Pro Version 1809 17763.437 (X64) (2019-01-21 15:02:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

abdul (S-1-5-21-39583113-2926969717-2907456783-1001 - Administrator - Enabled) => C:\Users\abdul
Administrator (S-1-5-21-39583113-2926969717-2907456783-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-39583113-2926969717-2907456783-503 - Limited - Disabled)
Guest (S-1-5-21-39583113-2926969717-2907456783-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-39583113-2926969717-2907456783-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Alt-Latin (HKLM\...\{C5A049E3-BF9C-4509-96DA-5A09DF2C40B5}) (Version: 1.0.3.40 - MEDOC)
AutoHotkey 1.1.30.03 (HKLM\...\AutoHotkey) (Version: 1.1.30.03 - Lexikos)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
Backup and Sync from Google (HKLM\...\{F9EEDE46-6409-4ECC-8AB6-7062464987A4}) (Version: 3.43.4275.9540 - Google, Inc.)
Brave Beta (HKLM-x32\...\BraveSoftware Brave-Browser-Beta) (Version: 74.0.64.60 - The Brave Authors)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.35 - NVIDIA Corporation) Hidden
Dragon NaturallySpeaking 13 (HKLM-x32\...\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}) (Version: 13.00.000 - Nuance Communications Inc.)
EdgeDeflector (HKLM-x32\...\EdgeDeflector) (Version:  - )
Everdo 1.2.6 (HKLM\...\91b2f2c9-70a4-5956-8455-6ebd327bdfe8) (Version: 1.2.6 - Intellation Ltd.)
Evernote v. 6.17.7 (HKLM-x32\...\{B47B6F80-6143-11E9-9F8E-005056951CAD}) (Version: 6.17.7.8474 - Evernote Corp.)
Foxit PhantomPDF (HKLM-x32\...\{8982CD7A-1CF4-11E9-AAEA-000C296BF2A5}) (Version: 9.4.1.16828 - Foxit Software Inc.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.37.5299 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HwOsd 9.0.1.66 (HKLM\...\HwOsd) (Version: 9.0.1.66 - Huawei Technologies Co., Ltd.)
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1061 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6286 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1746.4 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{3d609846-847c-46e5-9a23-682bec1569ea}) (Version: 20.90.0.0u - Intel Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 66.0.2 (x64 en-GB)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Graphics Driver 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Outlook Google Calendar Sync (HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\OutlookGoogleCalendarSync) (Version: 2.7.0-beta - Paul Woolcock)
Pandoc 2.5 (HKLM-x32\...\{57818303-B408-4BF0-A467-AD3743466CAD}) (Version: 2.5 - John MacFarlane)
PC Manager (HKLM\...\PC Manager) (Version: 9.0.1.66 - Huawei Technologies Co., Ltd.)
Poll Everywhere (HKLM-x32\...\{267357A0-ADBC-40D3-9E90-8B9791C7FB6C}) (Version: 2.6.0 - Poll Everywhere)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8544 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\Spotify) (Version: 1.1.2.285.ga97985ef - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.9025 - TeamViewer)
Thunderbolt™ Software (HKLM-x32\...\{6ECDE40C-4023-419A-8A4E-50FB71275876}) (Version: 17.3.73.350 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Usb GamePad (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.5 - VideoLAN)
WDT Device Driver version 1.0.2.7 (HKLM-x32\...\{5B06CB06-0929-48BC-BE1F-7E41461440C7}_is1) (Version: 1.0.2.7 - Huawei Technologies Co., Ltd.)
WhatsApp (HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\WhatsApp) (Version: 0.3.2848 - WhatsApp)
Zotero (HKLM-x32\...\Zotero 5.0.60 (x86 en-US)) (Version: 5.0.60 - Corporation for Digital Scholarship)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-39583113-2926969717-2907456783-1001_Classes\CLSID\{04271989-4A69-8162-859A-CC4695CE8913} -> [OneDrive - Glasgow Clyde College] => D:\OneDrive Storage\OneDrive - Glasgow Clyde College [2019-02-09 10:15]
CustomCLSID: HKU\S-1-5-21-39583113-2926969717-2907456783-1001_Classes\CLSID\{04271989-C4D2-7C4A-C5A5-2964CD2915B3} -> [OneDrive - University of Strathclyde] => D:\OneDrive Storage\OneDrive - University of Strathclyde [2019-02-09 10:07]
CustomCLSID: HKU\S-1-5-21-39583113-2926969717-2907456783-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\abdul\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-39583113-2926969717-2907456783-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\abdul\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-39583113-2926969717-2907456783-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\abdul\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers1: [HwShareMenu] -> {d1ba8da7-80aa-3098-a8af-c26df58f7881} => C:\Program Files\Huawei\PCManager\HwShellMenu\HwShareMenu6.DLL [2019-01-18] (Huawei Technologies Co., Ltd. -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_c8634ed19e331cda\igfxDTCM.dll [2018-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\abdul\Desktop\Goodgame Big Farm.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://bigfarm.goodgamestudios.com/?w=357274

==================== Loaded Modules (Whitelisted) ==============

2019-03-25 16:18 - 2019-03-25 16:18 - 000892928 _____ (Paul Woolcock) [File not signed] C:\Users\abdul\AppData\Local\OutlookGoogleCalendarSync\app-2.7.0-beta\OutlookGoogleCalendarSync.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 [273]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Pandoc\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-39583113-2926969717-2907456783-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\abdul\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\c&h.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\StartupApproved\Run: => "Wox"
HKU\S-1-5-21-39583113-2926969717-2907456783-1001\...\StartupApproved\Run: => "ISUSPM"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9A01B526-8C44-4C4F-B2AA-B966B5D5AD41}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{49E01011-5596-44EF-9043-22206C3914EC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{316853D3-EB7E-4DCB-B6F5-575D3415D631}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C6DCAEE9-F6A6-4133-879E-CB8297BD2612}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{D7B1535D-EEB6-43A8-A678-9B75E776B99C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0A900629-FFA0-4406-B3DB-827674CD44D2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{35A5287E-AA21-441B-BCCB-955C481B5548}C:\users\abdul\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\abdul\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{D672001A-3AF5-4067-BF72-D99F48BBA931}C:\users\abdul\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\abdul\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{595D0636-E305-4200-9264-583F74FA0902}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E23B8CC2-B933-49FA-AF6D-87E65430A314}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C69DF00-09A9-4858-9712-15CFE493517C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{97C4F33B-7AB0-4B7D-8AE8-2AD15E0A530C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1E2310D4-AF90-4552-BF78-8BF0305860AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{77341C68-618F-4AB2-8282-0D5DD312A4E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{37801D07-2958-46F6-8A7B-86A340566CF4}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{41F0E892-E4FF-4E0D-AA1B-6EA16B224333}] => (Allow) C:\Users\abdul\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C3D6F93B-FAD6-4E89-9ACA-BF5F13E6D709}] => (Allow) C:\Users\abdul\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3D53A5FD-EB88-4966-99F4-BAD1FA3BFC4A}] => (Allow) LPort=443
FirewallRules: [{7B538AA9-5720-48C0-87E7-50BD2EE6843C}] => (Allow) LPort=443
FirewallRules: [TCP Query User{A83A56EA-C61B-4DC8-BF66-B8B142B1C9A9}C:\users\abdul\appdata\local\mersive\solsticeclient\solsticeclient.exe] => (Allow) C:\users\abdul\appdata\local\mersive\solsticeclient\solsticeclient.exe No File
FirewallRules: [UDP Query User{EFD97BEB-BC71-4595-8671-8323CE6C9B51}C:\users\abdul\appdata\local\mersive\solsticeclient\solsticeclient.exe] => (Allow) C:\users\abdul\appdata\local\mersive\solsticeclient\solsticeclient.exe No File
FirewallRules: [{467E1353-F7B1-4C95-86C4-8DF6950D6021}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{58A26F26-27CA-4FF2-860D-FF079B5A4429}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{335AD25A-2DA4-4AF4-92F2-47D8A37803DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{43DE520B-EDE0-46D9-BD03-C1BD33F9D6C8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{24C7FC23-82F4-43BE-8E93-C5F58AF2F8A9}D:\origin games\apex\r5apex.exe] => (Allow) D:\origin games\apex\r5apex.exe No File
FirewallRules: [UDP Query User{1D7894F7-92FB-456A-9FBB-CD0288C42FAE}D:\origin games\apex\r5apex.exe] => (Allow) D:\origin games\apex\r5apex.exe No File
FirewallRules: [{73E12441-B7D1-4A1A-B43B-958E2562BFB2}] => (Block) D:\origin games\apex\r5apex.exe No File
FirewallRules: [{DA73499E-4A90-4ADA-B35B-757627BC7A60}] => (Block) D:\origin games\apex\r5apex.exe No File
FirewallRules: [{4E55D2A7-C5AB-485A-B97C-2E6D21473ED8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E74B94E9-3835-4B36-A31C-67A698540D3D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{02CE3509-E9EF-4971-BBFB-407C3D87BBFB}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{AB345D67-D9BC-43E8-9CC5-62F0836E8820}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{965E9497-1E97-46A8-9EFF-41039A5EC66D}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [UDP Query User{A74DE71D-9554-473E-8FFC-C5100CB6518D}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe No File
FirewallRules: [{D0501797-0516-406E-A838-6C2439833827}] => (Allow) LPort=51001
FirewallRules: [{EDFB25BE-45A0-47C0-A8E9-FCA6A4E60A6A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [TCP Query User{73A23E54-5913-4281-8E47-7ECD3571E493}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{417581DD-743C-47FC-8DB2-F5B8E0BEF65C}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{15618548-1F3A-47D2-BF70-CCA2CF79FB2B}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser-Beta\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{936B22FE-B99D-4891-9F3A-FD2E3926B9CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11425.20244.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DBC9499E-E10F-4235-8509-C6765A522F3C}] => (Allow) C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe (Huawei Technologies Co., Ltd. -> )

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/01/2019 01:31:01 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 11466 ms

DPTF Build Version:  8.3.10207.5567
DPTF Build Date:  Nov  2 2017 14:28:00
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 1027
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Active Policy: Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.3.10207.5567
DPTF Build Date:  Nov  2 2017 14:28:00
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 649
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]


Policy:  Active Policy [0]

Error: (05/01/2019 01:09:27 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/30/2019 05:48:14 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/30/2019 05:46:47 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/30/2019 05:41:50 PM) (Source: DNS logging) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/29/2019 08:19:27 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 16000 ms

DPTF Build Version:  8.3.10207.5567
DPTF Build Date:  Nov  2 2017 14:28:00
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 1027
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Active Policy: Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.3.10207.5567
DPTF Build Date:  Nov  2 2017 14:28:00
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 649
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]


Policy:  Active Policy [0]

Error: (04/29/2019 08:16:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17763.1, time stamp: 0xb900eeff
Faulting module name: wpnuserservice.dll, version: 10.0.17763.1, time stamp: 0xcb4f608f
Exception code: 0xc0000409
Fault offset: 0x0000000000008a6d
Faulting process ID: 0x1752c
Faulting application start time: 0x01d4fe5b3e38980c
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: c:\windows\system32\wpnuserservice.dll
Report ID: 5d64a93f-02f5-4b55-91d7-83a3b924c26f
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/29/2019 08:16:23 AM) (Source: DNS logging) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (05/01/2019 01:33:04 PM) (Source: DCOM) (EventID: 10016) (User: AW-MXP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user AW-MXP\abdul SID (S-1-5-21-39583113-2926969717-2907456783-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/01/2019 01:32:33 PM) (Source: DCOM) (EventID: 10016) (User: AW-MXP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user AW-MXP\abdul SID (S-1-5-21-39583113-2926969717-2907456783-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/01/2019 01:32:14 PM) (Source: DCOM) (EventID: 10001) (User: AW-MXP)
Description: Unable to start a DCOM Server: ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r!App.AppX0kb1wv51yacfv58jnrprgtyj3c0t775x.mca as Unavailable/Unavailable. The error:
"0"
Happened while starting this command:
"C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe" -ServerName:App.AppX9n879r3et3x3b24eqasexpgc3412rn2m.mca

Error: (05/01/2019 01:31:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/01/2019 01:31:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/01/2019 01:31:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscDataProtection
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/01/2019 01:30:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\system32\IntelWifiIhv06.dll

Error: (05/01/2019 01:30:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\system32\IntelWifiIhv06.dll


CodeIntegrity:
===================================

Date: 2019-05-01 13:31:09.801
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-01 13:31:09.725
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-01 13:31:09.595
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-01 13:31:09.394
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-01 13:31:09.168
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-01 13:31:09.130
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-01 13:30:59.675
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\altlatin.dll that did not meet the Windows signing level requirements.

Date: 2019-05-01 13:25:53.484
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

==================== Memory info =========================== 

BIOS: HUAWEI 1.28 03/15/2019
Motherboard: HUAWEI MACH-WX9
Processor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Percentage of memory in use: 63%
Total physical RAM: 8034.72 MB
Available physical RAM: 2915.34 MB
Total Virtual: 12130.72 MB
Available Virtual: 5504.07 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:80 GB) (Free:24.32 GB) NTFS
Drive d: (Data) (Fixed) (Total:381.33 GB) (Free:229.29 GB) NTFS

\\?\Volume{10992105-dc0a-4db1-9adb-10fb278d84ff}\ (WINPE) (Fixed) (Total:0.5 GB) (Free:0.14 GB) FAT32
\\?\Volume{b62ff6c2-ab38-4fa6-be34-5d3fc5ad6f43}\ (Onekey) (Fixed) (Total:14 GB) (Free:2.44 GB) NTFS
\\?\Volume{c79c1666-8a36-46e9-8fca-7cbb70c76e8b}\ (WinRE) (Fixed) (Total:1 GB) (Free:0.52 GB) NTFS
\\?\Volume{5b2fb071-150d-47fa-a517-75a75a6fea35}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================

Many thanks for your help.

AW

Link to post
Share on other sites

  • 3 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.