Run MWB and it finds nothing to remove, but here's the report I get every now and then when TB wants to check the mail server. I removed the domain part as it IS the correct domain to check my mail....

 

Is there anything I should be doing at this point?

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 7/20/19
Protection Event Time: 6:24 PM
Log File: 590ad016-ab56-11e9-888a-00d8610bc8da.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.0
Update Package Version: 1.0.11646
License: Premium

-System Information-
OS: Windows 10 (Build 17763.615)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Trojan
Domain: [removed]
IP Address: 66.96.147.110
Port: [54264]
Type: Outbound
File: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

 

(end)


scan report:

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 7/20/19
Scan Time: 11:08 PM
Log File: fcd8c8de-ab7d-11e9-a972-00d8610bc8da.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.527
Update Package Version: 1.0.11652
License: Premium

-System Information-
OS: Windows 10 (Build 17763.615)
CPU: x64
File System: NTFS
User: HEDGIES\Dearmad

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 282870
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 1 min, 1 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)


Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Can this be a synchronization issue?
Check it out.
https://support.mozilla.org/en-US/kb/imap-synchronization#w_synchronization

If the problem persists, please run the Farbar program.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32- or 64-bit version for your system and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it into your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section at the bottom of the topic, click the Choose a File.
Navigate to the location of the file.
Click the file. It will appear in section.
Click the Saving button.

Wait for further instructions.


 


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by Dearmad (administrator) on HEDGIES (Micro-Star International Co., Ltd. MS-7B18) (21-07-2019 12:09:42)
Running from C:\Users\Dearmad\Desktop
Loaded Profiles: Dearmad (Available Profiles: Dearmad)
Platform: Windows 10 Home Version 1809 17763.615 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1905.28.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19062.451.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(Electronic Arts, Inc. -> Electronic Arts) D:\Origin\OriginWebHelperService.exe
(Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation -> Malwarebytes) D:\Malwarebytes Anti-Malware\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) D:\Malwarebytes Anti-Malware\Anti-Malware\mbamtray.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) E:\Steam\Steam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [817232 2019-02-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [AutoEJCD_0ACE20FF] => [X]
HKLM-x32\...\Run: [Qwest 11n Wireless WPS Tool] => [X]
HKLM-x32\...\Run: [ZDWLan_Utility] => [X]
HKLM-x32\...\Run: [StereoLinksInstall] => "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-935524465-3841456996-1072460685-1001\...\MountPoints2: {a5e69c49-0f7e-11e9-b6e7-806e6f6e6963} - "D:\DVDSetup.exe"
HKU\S-1-5-21-935524465-3841456996-1072460685-1001\...\MountPoints2: {d29ab6e5-0f7e-11e9-b6e8-00d8610bc8da} - "L:\Setup.exe"
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2018-09-27] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2018-09-27] (Beepa P/L) [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16A8479D-67F5-4C7F-B252-41FBD98D3C21} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {39AEC8AE-5F0A-40CC-9B3E-A4D3DA61F75C} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3F779146-03CE-42C2-AB7C-485C6D04F504} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {494FFB9D-7D02-4394-B786-6BD90173B16A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4F454373-61B1-4C6F-906F-BD9B86B337ED} - System32\Tasks\MSI_Toast_Server => C:\Program Files (x86)\MSI\MSI Toast Server\MSIToastServer.exe
Task: {68B29AFD-C803-4793-80A0-E7A0378F5BE6} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [562544 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {713E62F3-4B83-4A58-8168-DF119760D60A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8695CF2C-C28A-4F3B-BE20-03B6C79D3E43} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [817352 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {9D18EE03-BEF5-40F7-B1C5-C47FDE41EB46} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [12374968 2018-05-14] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {A8B34947-6443-41E2-AE13-3A21F7151E6D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B939603C-648E-48E9-862F-51EC91FAD08B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D272ECC6-6403-4204-B8DF-B2DFF7156220} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D49C04AB-1F34-4D7A-8397-45DF99EF4587} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D589C30E-3F10-40FA-AB73-9EEB6AC3D5C3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25
Tcpip\..\Interfaces\{467e72da-64c8-4646-a28c-eaf42feca215}: [DhcpNameServer] 192.168.0.1 205.171.3.25
Tcpip\..\Interfaces\{48b5c5e5-29ea-49ee-a419-8d78dc84b49a}: [DhcpNameServer] 192.168.0.1 205.171.3.25
Tcpip\..\Interfaces\{81fa25c5-db14-418b-aa92-fa745564e022}: [DhcpNameServer] 192.168.0.1 205.171.3.25
Tcpip\..\Interfaces\{ae51e58f-da35-4373-b3ea-eb7191860381}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-935524465-3841456996-1072460685-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-935524465-3841456996-1072460685-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-03-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-03-02] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab

FireFox:
========
FF DefaultProfile: fhyz18vj.Dearmad
FF ProfilePath: C:\Users\Dearmad\AppData\Roaming\Mozilla\Firefox\Profiles\fhyz18vj.Dearmad [2019-07-21]
FF Homepage: Mozilla\Firefox\Profiles\fhyz18vj.Dearmad -> about:blank
FF NewTab: Mozilla\Firefox\Profiles\fhyz18vj.Dearmad -> hxxp://www.bing.com/?pc=COSP&ptag=D031619-N0600A21ABFDD9D88F4162B1F&form=CONMHP&conlogo=CT3332016
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Dearmad\AppData\Roaming\Mozilla\Firefox\Profiles\fhyz18vj.Dearmad\Extensions\adblockpopups@jessehakanen.net.xpi [2016-08-26] [Legacy]
FF Extension: (Password dialog begone) - C:\Users\Dearmad\AppData\Roaming\Mozilla\Firefox\Profiles\fhyz18vj.Dearmad\Extensions\firefox-password-dialog-begone@8ece4de4-738c-11e2-ba91-14dae923a2d4.xpi [2017-05-03] [Legacy]
FF Extension: (ReviewMeta.com Review Analyzer) - C:\Users\Dearmad\AppData\Roaming\Mozilla\Firefox\Profiles\fhyz18vj.Dearmad\Extensions\FirefoxExtension@ReviewMeta.com.xpi [2019-04-17]
FF Extension: (uBlock Origin) - C:\Users\Dearmad\AppData\Roaming\Mozilla\Firefox\Profiles\fhyz18vj.Dearmad\Extensions\uBlock0@raymondhill.net.xpi [2019-07-09]
FF Extension: (Video DownloadHelper) - C:\Users\Dearmad\AppData\Roaming\Mozilla\Firefox\Profiles\fhyz18vj.Dearmad\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-08]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Dearmad\AppData\Roaming\Mozilla\Firefox\Profiles\fhyz18vj.Dearmad\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-19]
FF SearchPlugin: C:\Users\Dearmad\AppData\Roaming\Mozilla\Firefox\Profiles\fhyz18vj.Dearmad\searchplugins\bing-lavasoft-ff59.xml [2019-03-15]
FF Plugin: @videolan.org/vlc,version=3.0.5 -> D:\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> D:\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> D:\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2019-06-23] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-03-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-03-02] (Oracle America, Inc. -> Oracle Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [762568 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2018-05-02] (Intel Corporation) [File not signed]
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [714952 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-07-12] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; D:\Malwarebytes Anti-Malware\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2329392 2019-06-11] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3203888 2019-06-11] (Electronic Arts, Inc. -> Electronic Arts)
R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [817232 2019-02-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-10-09] (Realtek Semiconductor Corp -> Realtek)
S2 RunSwUSB; C:\Windows\runSW.exe [44760 2019-01-13] (Realtek Semiconductor Corp -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AFXfilt; C:\Windows\system32\drivers\AFXfilt.sys [35320 2015-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-04-15] (ASUSTeK Computer Inc. -> )
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 e1rexpress; C:\Windows\system32\DRIVERS\e1r65x64.sys [548800 2018-05-02] (Intel(R) INTELNPG1 -> Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2017-05-08] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-07-20] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-07-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-07-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-07-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [116112 2019-07-20] (Malwarebytes Corporation -> Malwarebytes)
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2224128 2018-09-15] (Microsoft Windows -> MediaTek Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e7b3660b4830c245\nvlddmkm.sys [20424640 2018-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [59240 2018-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [58816 2018-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
S3 QW720V64; C:\Windows\System32\drivers\WLANUHN.sys [553472 2009-03-23] (Atheros Communications, Inc.) [File not signed]
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [9860816 2019-05-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 SensorsSimulatorDriver; C:\Windows\System32\drivers\WUDFRd.sys [282112 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [47704 2019-07-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [367032 2019-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-09] (Microsoft Windows -> Microsoft Corporation)
S3 ZDCNDIS6a64; C:\Windows\system32\ZDCNDIS6a64.sys [41280 2019-01-03] (PRINTING COMMUNICATIONS ASSOC., INC. -> Printing Communications Assoc., Inc. (PCAUSA))
S3 cthdb; \SystemRoot\system32\DRIVERS\cthdb.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-21 12:09 - 2019-07-21 12:10 - 000020503 _____ C:\Users\Dearmad\Desktop\FRST.txt
2019-07-21 12:09 - 2019-07-21 12:09 - 000000000 ____D C:\FRST
2019-07-21 12:08 - 2019-07-21 12:08 - 002095104 _____ (Farbar) C:\Users\Dearmad\Desktop\FRST64.exe
2019-07-21 12:04 - 2019-07-21 12:04 - 000007387 _____ C:\Users\Dearmad\AppData\Local\recently-used.xbel
2019-07-20 23:14 - 2019-07-20 23:14 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-07-20 23:14 - 2019-07-20 23:14 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-07-20 23:14 - 2019-07-20 23:14 - 000116112 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-07-20 23:14 - 2019-07-20 23:14 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-07-20 23:12 - 2019-07-20 23:13 - 000000000 ____D C:\AdwCleaner
2019-07-20 23:12 - 2019-07-20 23:12 - 007025360 _____ (Malwarebytes) C:\Users\Dearmad\Desktop\AdwCleaner.exe
2019-07-20 23:06 - 2019-07-20 23:06 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-07-20 23:06 - 2019-07-20 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-20 23:00 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-07-19 14:28 - 2019-07-20 23:05 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-16 13:03 - 2019-07-16 13:03 - 000000000 ____D C:\Users\Dearmad\AppData\Roaming\LibreOffice
2019-07-16 13:03 - 2019-07-16 13:03 - 000000000 ____D C:\Users\Dearmad\AppData\Local\NVIDIA
2019-07-16 13:02 - 2019-07-16 13:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.1
2019-07-16 12:48 - 2019-07-16 12:53 - 284606464 _____ C:\Users\Dearmad\Downloads\LibreOffice_6.1.6_Win_x64.msi
2019-07-16 12:41 - 2019-07-16 12:41 - 000000777 _____ C:\Users\Dearmad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\gimp-2.8.lnk
2019-07-16 12:13 - 2019-07-21 12:04 - 000000000 ____D C:\Users\Dearmad\AppData\Local\gtk-2.0
2019-07-16 12:13 - 2019-07-16 12:13 - 000000000 ____D C:\Users\Dearmad\.thumbnails
2019-07-16 12:10 - 2019-07-21 12:07 - 000000000 ____D C:\Users\Dearmad\.gimp-2.8
2019-07-16 12:10 - 2019-07-16 12:10 - 000000000 ____D C:\Users\Dearmad\AppData\Local\gegl-0.2
2019-07-16 12:10 - 2019-07-16 12:10 - 000000000 ____D C:\Users\Dearmad\AppData\Local\fontconfig
2019-07-09 14:31 - 2019-07-09 14:31 - 000001216 _____ C:\Users\Dearmad\Desktop\civ vi steam mods.lnk
2019-07-09 13:31 - 2019-07-09 13:31 - 026808320 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 023454208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 020816384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 019012096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 015221248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 012938752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 012243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 008900608 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 007921664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 007876096 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 007727336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 006545304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 006441472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 006308232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 006068224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 005587976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 005436696 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 005115384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 004880896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 003818416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-07-09 13:31 - 2019-07-09 13:31 - 003738624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 003656192 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 003550384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 003427328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 002942464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 002778760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 002714624 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 002693120 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 002469432 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 002393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 002323688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-07-09 13:31 - 2019-07-09 13:31 - 002278784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-21 11:25 - 2019-01-03 18:53 - 000000000 ____D C:\Users\Dearmad\AppData\LocalLow\Mozilla
2019-07-21 10:12 - 2018-09-15 00:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-21 10:03 - 2019-01-03 20:25 - 000003082 _____ C:\Windows\System32\Tasks\GPU Tweak II
2019-07-21 00:46 - 2019-01-03 20:24 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-21 00:28 - 2019-01-03 19:22 - 000000000 ____D C:\Users\Dearmad\AppData\Roaming\vlc
2019-07-20 23:18 - 2019-01-03 10:47 - 000840848 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-20 23:18 - 2018-09-15 00:31 - 000000000 ____D C:\Windows\INF
2019-07-20 23:14 - 2019-01-03 10:40 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-20 23:13 - 2018-09-14 23:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-07-20 23:06 - 2019-01-03 21:24 - 000000893 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-20 23:06 - 2019-01-03 21:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-20 23:06 - 2018-09-15 00:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-07-20 23:05 - 2019-01-03 19:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-07-20 23:05 - 2019-01-03 18:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-20 23:05 - 2019-01-03 10:40 - 000907208 _____ C:\Windows\system32\FNTCACHE.DAT
2019-07-20 12:10 - 2019-01-03 10:40 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-07-19 22:09 - 2018-09-15 00:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-19 22:09 - 2018-09-15 00:33 - 000000000 ____D C:\Windows\AppReadiness
2019-07-19 16:37 - 2019-01-03 18:53 - 000001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-19 14:09 - 2019-01-03 23:14 - 000000000 ____D C:\ProgramData\Origin
2019-07-19 12:51 - 2019-01-03 23:14 - 000000000 ____D C:\Users\Dearmad\AppData\Roaming\Origin
2019-07-16 12:13 - 2019-01-03 10:46 - 000000000 ____D C:\Users\Dearmad
2019-07-15 19:04 - 2019-01-06 06:41 - 000000000 ____D C:\Users\Dearmad\AppData\Local\CrashDumps
2019-07-10 10:17 - 2019-01-12 20:13 - 000000593 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2019-07-10 08:47 - 2019-01-02 19:05 - 000741432 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-07-10 08:37 - 2019-01-03 10:47 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-10 08:37 - 2019-01-03 10:47 - 000000000 ___RD C:\Users\Dearmad\3D Objects
2019-07-10 01:01 - 2018-09-15 00:33 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-07-10 01:01 - 2018-09-15 00:33 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-07-10 01:01 - 2018-09-15 00:33 - 000000000 ____D C:\Windows\system32\oobe
2019-07-10 01:01 - 2018-09-15 00:33 - 000000000 ____D C:\Windows\system32\appraiser
2019-07-10 01:01 - 2018-09-15 00:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-07-10 01:01 - 2018-09-15 00:33 - 000000000 ____D C:\Windows\ShellComponents
2019-07-10 01:01 - 2018-09-15 00:33 - 000000000 ____D C:\Windows\Provisioning
2019-07-10 01:01 - 2018-09-15 00:33 - 000000000 ____D C:\Windows\bcastdvr
2019-07-10 01:01 - 2018-09-14 23:09 - 000000000 ____D C:\Windows\system32\Dism
2019-07-09 13:33 - 2018-09-15 00:23 - 000000000 ____D C:\Windows\CbsTemp
2019-07-09 13:32 - 2019-01-02 19:41 - 000000000 ____D C:\Windows\system32\MRT
2019-07-09 13:31 - 2019-01-02 19:41 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-07-09 13:25 - 2019-01-03 10:40 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-07-04 19:28 - 2019-01-05 17:09 - 000000000 ____D C:\Users\Dearmad\AppData\Roaming\Scribus
2019-06-26 13:32 - 2019-01-02 19:30 - 000000000 ____D C:\Users\Dearmad\AppData\Local\D3DSCache
2019-06-25 15:21 - 2019-03-02 22:59 - 000000000 ____D C:\Users\Dearmad\AppData\Local\Ubisoft Game Launcher
2019-06-25 15:21 - 2019-03-02 22:59 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2019-06-25 14:36 - 2019-01-12 20:13 - 000000000 ____D C:\Users\Dearmad\AppData\Roaming\Notepad++
2019-06-23 12:02 - 2018-09-15 00:36 - 000414368 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories ================

2019-07-21 12:04 - 2019-07-21 12:04 - 000007387 _____ () C:\Users\Dearmad\AppData\Local\recently-used.xbel
2019-01-02 19:57 - 2019-01-02 19:57 - 000000017 _____ () C:\Users\Dearmad\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Addition.txt


Hi,

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The computer will restart when the fix is completed.

It will create a log (Fixlog.txt); please post it in your reply.
===

Please post the Fixlog.txt and let me know what p

fixlist.txt


Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Dearmad (23-07-2019 11:29:51) Run:1
Running from C:\Users\Dearmad\Desktop
Loaded Profiles: Dearmad (Available Profiles: Dearmad)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
HKLM-x32\...\Run: [AutoEJCD_0ACE20FF] => [X]
HKLM-x32\...\Run: [ZDWLan_Utility] => [X]
HKU\S-1-5-21-935524465-3841456996-1072460685-1001\...\MountPoints2: {a5e69c49-0f7e-11e9-b6e7-806e6f6e6963} - "D:\D?VDSetup.exe"
HKU\S-1-5-21-935524465-3841456996-1072460685-1001\...\MountPoints2: {d29ab6e5-0f7e-11e9-b6e8-00d8610bc8da} - "L:\Setup.exe"
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-935524465-3841456996-1072460685-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
FF NewTab: Mozilla\Firefox\Profiles\fhyz18vj.Dearmad -> hxxp://www.bing.com/?pc=COSP&ptag=D031619-N0600A21ABFDD9D88F4162B1F&form=CONMHP&conlogo=CT3332016
S3 ct?hdb; \SystemRoot\system32\DRIVERS\cthdb.sys [X]
CustomCLSID: HKU\S-1-5-21-935524465-3841456996-1072460685-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Dearmad\AppData\Local\Microsoft\OneDrive\19.033.0218.0011\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-935524465-3841456996-1072460685-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Dearmad\AppData\Local\Microsoft\OneDrive\19.033.0218.0011\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-935524465-3841456996-1072460685-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Dearmad\AppData\Local\Microsoft\OneDrive\19.033.0218.0011\amd64\FileSyncShell64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
FirewallRules: [{1109CD4D-C4C8-4D46-AC71-D7EB0E5887CE}] => (Allow) E:\Steam\steamapps\common\WeHappyFew\GlimpseGame\Binaries\Win64\GlimpseGame.exe No File
FirewallRules: [{3CA7C58F-61AC-45D6-9401-6A4111779421}] => (Allow) E:\Steam\steamapps\common\WeHappyFew\GlimpseGame\Binaries\Win64\GlimpseGame.exe No File
FirewallRules: [{FBDC0AE9-29AD-4DDB-930D-E3BA571EF162}] => (Allow) E:\New folder\Settlers 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe No File
FirewallRules: [{AB030D2E-4719-49EC-8D84-6FA45657EC91}] => (Allow) E:\New folder\Settlers 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe No File
FirewallRules: [TCP Query User{32B0D047-4C79-42F7-AD2B-857B9AB60A6C}E:\new folder\settlers 7\data\base\_dbg\bin\release\uplaybrowser.exe] => (Allow) E:\new folder\settlers 7\data\base\_dbg\bin\release\uplaybrowser.exe No File
FirewallRules: [UDP Query User{2167E044-F5E2-4ECB-8DE3-A14D45879AE0}E:\new folder\settlers 7\data\base\_dbg\bin\release\uplaybrowser.exe] => (Allow) E:\new folder\settlers 7\data\base\_dbg\bin\release\uplaybrowser.exe No File
CMD: netsh int ip reset
CMD: ipconfig /flushDNS

*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AutoEJCD_0ACE20FF" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ZDWLan_Utility" => removed successfully
HKU\S-1-5-21-935524465-3841456996-1072460685-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5e69c49-0f7e-11e9-b6e7-806e6f6e6963} => removed successfully
HKLM\Software\Classes\CLSID\{a5e69c49-0f7e-11e9-b6e7-806e6f6e6963} => not found
HKU\S-1-5-21-935524465-3841456996-1072460685-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d29ab6e5-0f7e-11e9-b6e8-00d8610bc8da} => removed successfully
HKLM\Software\Classes\CLSID\{d29ab6e5-0f7e-11e9-b6e8-00d8610bc8da} => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-935524465-3841456996-1072460685-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"Firefox newtab" => removed successfully
ct?hdb => service not found.
HKU\S-1-5-21-935524465-3841456996-1072460685-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-935524465-3841456996-1072460685-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-935524465-3841456996-1072460685-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1109CD4D-C4C8-4D46-AC71-D7EB0E5887CE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3CA7C58F-61AC-45D6-9401-6A4111779421}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FBDC0AE9-29AD-4DDB-930D-E3BA571EF162}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB030D2E-4719-49EC-8D84-6FA45657EC91}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{32B0D047-4C79-42F7-AD2B-857B9AB60A6C}E:\new folder\settlers 7\data\base\_dbg\bin\release\uplaybrowser.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2167E044-F5E2-4ECB-8DE3-A14D45879AE0}E:\new folder\settlers 7\data\base\_dbg\bin\release\uplaybrowser.exe" => removed successfully

========= netsh int ip reset =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= ipconfig /flushDNS =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 427877178 B
Java, Flash, Steam htmlcache => 412142691 B
Windows/system/drivers => 2126704 B
Edge => 7993170 B
Chrome => 0 B
Firefox => 41618437 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 396030 B
NetworkService => 0 B
Dearmad => 190579800 B

RecycleBin => 0 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:30:14 ====


Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 
