Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I am about to go insane with whatever is going on...


  • Please log in to reply
9 replies to this topic

#1 ryanbozant

ryanbozant

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:11 AM

Posted 16 April 2018 - 12:42 AM

I am at my breaking point and honestly feel like giving up computers for good. My computers have the same things wrong with each. I have no permission to access anything. Ive used every program you have on this site and every time there is a difficult virus where something extra needs to be done it doesnt work. My pagefile is out of my control as well as indexing. help!

 

Thanks to anyone who helps. I will be forever grateful 



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,138 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:11 AM

Posted 18 April 2018 - 01:16 PM

Greetings ryanbozant and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

What operating system do you have and do you have an Installation Disk?

See if you can do this.

===================================================

Rkill

-------------------
  • Please download all 3 versions of RKill by Grinler, not including the zip version, and save them to your desktop
  • Disable your anti-malware software. Please refer to this page if you are not sure how.
  • Double click on Rkill to launch the program. If one download version does not launch try a different one.
  • Note: You may have to run Rkill a few times before it is successful
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • Please copy and paste the contents of the RKill report that will appear on your desktop in your reply (file is also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill. If your computer reboots run Rkill again before continuing on
  • If nothing happens or if the tool does not run, please let me know in your next reply.
  • Attempt to run a FRST scan and post the results
===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your Desktop. <<< Important
  • Right click on the icon and select Run as administrator
  • Click Yes to the disclaimer
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of each report in separate reply windows
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Operating System information
  • RKill log
  • FRST results
  • Addition log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 ryanbozant

ryanbozant
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:11 AM

Posted Yesterday, 10:37 AM

Windows 10 Pro x64

 

Version: 1709

 

Rkill 2.9.1 by Lawrence Abrams (Grinler)
Copyright 2008-2018 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 04/19/2018 11:22:32 AM in x64 mode.
Windows Version: Windows 10 Pro 
 
Checking for Windows services to stop:
 
 * Schedule Stopped. [PUP/GEN]
 
1 service stopped!
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
  0.0.0.0 0x1f4b0.com
  0.0.0.0 1q2w3.fun
  0.0.0.0 1q2w3.website
  0.0.0.0 2giga.dowload
  0.0.0.0 2giga.link
  0.0.0.0 8jd2lfsq.me
  0.0.0.0 aalbbh84.info
  0.0.0.0 adless.io
  0.0.0.0 ad-miner.com
  0.0.0.0 adrenali.gq
  0.0.0.0 afflow.18-plus.net
  0.0.0.0 afminer.com
  0.0.0.0 ajcryptominer.com
  0.0.0.0 ajplugins.com
  0.0.0.0 akvideo.stream
  0.0.0.0 allfontshere.press
  0.0.0.0 altavista.ovh
  0.0.0.0 amhixwqagiz.ru
  0.0.0.0 analytics.blue
 
  20 out of 562 HOSTS entries shown.
  Please review HOSTS file for further entries.
 
Program finished at: 04/19/2018 11:23:06 AM
Execution time: 0 hours(s), 0 minute(s), and 34 seconds(s)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.04.2018
Ran by Aliens (administrator) on DESKTOP-G62600D (19-04-2018 11:27:34)
Running from C:\Users\Aliens\Desktop
Loaded Profiles: Aliens (Available Profiles: Aliens)
Platform: Windows 10 Pro Version 1709 16299.371 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123065.inf_amd64_2f07c50de2875789\igfxCUIService.exe
(Greatis Software, LLC) C:\Program Files (x86)\BootRacer\BootRacerServ.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123065.inf_amd64_2f07c50de2875789\igfxEM.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123065.inf_amd64_2f07c50de2875789\IntelCpHDCPSvc.exe
(Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Alienware) C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe
(Rivet Networks) C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe
(Qualcomm Technologies Inc.) C:\Windows\System32\QcomWlanSrvx64.exe
() C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123065.inf_amd64_2f07c50de2875789\IntelCpHeciSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_df0bea5643beeb1b\aesm_service.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17613.18039-0\MsMpEng.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
() C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
() C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service Process.exe
() C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.367_none_16d8803832210dee\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9209856 2017-03-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1484280 2017-03-23] (Realtek Semiconductor)
HKLM\...\Run: [AWSoundCenterUILauncher] => C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterUILauncher.exe [1217208 2016-12-15] (A-Volute)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13856 2017-03-21] (Alienware)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
HKLM-x32\...\RunOnceEx\@UnHackMe: [1] => C:\PROGRA~2\UnHackMe\UnHackMe.exe /p Partizan
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [BootRacer] => C:\Program Files (x86)\BootRacer\Bootrace.exe [5406616 2018-03-06] (Greatis Software)
HKLM\...\Policies\Explorer: [NoDriveAutoRun-] 0
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun-] 0
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 1
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 1
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 1
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 1
HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [5849336 2018-03-29] (NordVPN)
HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\Policies\Explorer: [NoDriveAutoRun-] 0
HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\Policies\Explorer: [NoDriveTypeAutoRun-] 0
HKU\S-1-5-18\...\Run: [] => [X]
BootExecute: autocheck autochk * sdnclean64.exePartizan
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{0cdcd328-a35d-4b3e-80eb-07d806c03f37}: [DhcpNameServer] 103.86.99.99 103.86.96.96 103.86.96.100 103.86.99.100
Tcpip\..\Interfaces\{dc37ba7e-853e-4266-b719-e4d27c35e64b}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-us
 
FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-03-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-03-18] (Google Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/?gws_rd=ssl"
CHR DefaultSearchURL: Default -> hxxps://matthewbauer.us
CHR Profile: C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default [2018-04-19]
CHR Extension: (Slides) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-18]
CHR Extension: (Docs) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-18]
CHR Extension: (Google Drive) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-18]
CHR Extension: (Destiny Item Manager Shortcut) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\apghicjnekejhfancbkahkhdckhdagna [2018-03-18]
CHR Extension: (Stockfish Chess Engine) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\blclgncpmocnakngonanmchfgoehjael [2018-03-18]
CHR Extension: (YouTube) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-18]
CHR Extension: (Advanced Font Settings) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\caclkomlalccbpcdllchkeecicepbmbm [2018-03-18]
CHR Extension: (Adblock Plus) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-04-18]
CHR Extension: (High Contrast) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2018-03-18]
CHR Extension: (Sheets) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-18]
CHR Extension: (iCloud Bookmarks) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2018-03-18]
CHR Extension: (Caret Browsing) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\fklpgenihifpccgiifchnihilipmbffg [2018-03-18]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-03-18]
CHR Extension: (Google Docs Offline) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-18]
CHR Extension: (Matthew Bauer) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhficiigpnhhaojldmanflihieepanbb [2018-03-18]
CHR Extension: (Page Ruler) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2018-03-18]
CHR Extension: (SparkChess) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2018-03-18]
CHR Extension: (Google Input Tools) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\mclkkofklkfljcocdinagocijmpgbhab [2018-04-14]
CHR Extension: (Office Online) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2018-04-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-14]
CHR Extension: (Norton Security Toolbar) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2018-03-18]
CHR Extension: (Long Descriptions in Context Menu) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohbmencljkleiedahijfkagnmmhbilgp [2018-03-18]
CHR Extension: (Virtual Keyboard) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflmllfnnabikmfkkaddkoolinlfninn [2018-03-18]
CHR Extension: (Gmail) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-18]
CHR Extension: (Chrome Media Router) - C:\Users\Aliens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-18]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AESMService; C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_df0bea5643beeb1b\aesm_service.exe [3235112 2018-03-14] (Intel Corporation)
R2 AtherosSvc; C:\Windows\system32\DRIVERS\AdminService.exe [414728 2017-11-08] (Windows ® Win 7 DDK provider)
R2 BootRacerServ; C:\Program Files (x86)\BootRacer\BootRacerServ.exe [87992 2016-05-10] (Greatis Software, LLC)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [119840 2017-11-03] (Dell Inc.)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-08] (Intel Corporation)
R2 GraphicsAmplifierWindowsService; C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe [14400 2017-05-01] (Alienware)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel® Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 Killer Network Service x64; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [2193088 2017-05-05] (Rivet Networks)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6440736 2018-03-03] (Malwarebytes)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [429304 2018-03-29] ()
R2 QcomWlanSrv; C:\Windows\System32\QcomWlanSrvx64.exe [229368 2018-02-23] (Qualcomm Technologies Inc.)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [445568 2018-04-02] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943752 2018-04-02] (Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-08-11] (Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [282864 2018-04-17] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-03-23] (Realtek Semiconductor)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2018-03-25] (Razer Inc.)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-11-26] (Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2018-02-14] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265784 2017-12-19] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17613.18039-0\NisSrv.exe [4633248 2018-04-17] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17613.18039-0\MsMpEng.exe [104680 2018-04-17] (Microsoft Corporation)
S3 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [70544 2017-11-08] (Qualcomm)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [59904 2015-02-06] (www.winchiphead.com)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [71232 2016-08-12] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [66624 2016-08-12] (Intel Corporation)
S3 e2xw10x64; C:\Windows\System32\drivers\e2xw10x64.sys [165608 2017-10-25] (Qualcomm Atheros, Inc.)
R0 EMSC; C:\Windows\System32\drivers\EMSC.SYS [35216 2016-08-18] ()
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [382880 2017-11-08] (Intel Corporation)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54800 2016-08-16] (Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [69632 2017-11-09] (Intel Corporation)
R3 kiox_ff_driver; C:\Windows\system32\DRIVERS\kiox_ff_driver.sys [50312 2016-09-21] (Kionix, Inc.)
R0 kxdiskprot; C:\Windows\System32\DRIVERS\kxdiskprot.sys [38544 2016-06-13] (Kionix, Inc.)
S3 nhi; C:\Windows\System32\drivers\tbt81x.sys [129608 2016-08-24] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_6678e51023538fa7\nvlddmkm.sys [16898640 2017-12-13] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-27] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [26560 2017-07-27] (Windows ® Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48064 2017-07-27] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-06-21] (NVIDIA Corporation)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2018-03-23] (Greatis Software)
S3 PtpFilterDriver; C:\Windows\System32\drivers\PtpFilterDriver.sys [51840 2016-12-27] ()
R2 RfeCoSvc; C:\Windows\system32\DRIVERS\RfeCo10X64.sys [123624 2017-05-05] (Rivet Networks, LLC.)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3224576 2016-12-21] (Realtek Semiconductor Corp.)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [49136 2018-03-14] (Razer Inc)
R3 RzDev_0068; C:\Windows\System32\drivers\RzDev_0068.sys [51184 2018-03-20] (Razer Inc)
S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [151552 2018-01-03] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [59480 2017-04-26] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [53816 2017-12-19] (Synaptics Incorporated)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [84432 2017-03-27] (The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46072 2018-04-17] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [311848 2018-04-17] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [60456 2018-04-17] (Microsoft Corporation)
S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-04-19 11:27 - 2018-04-19 11:27 - 000022415 _____ C:\Users\Aliens\Desktop\FRST.txt
2018-04-19 11:27 - 2018-04-19 11:27 - 000000000 ____D C:\FRST
2018-04-19 11:26 - 2018-04-19 11:26 - 002403328 _____ (Farbar) C:\Users\Aliens\Desktop\FRST64.exe
2018-04-19 11:22 - 2018-04-19 11:22 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Aliens\Desktop\iExplore.exe
2018-04-19 11:21 - 2018-04-19 11:21 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Aliens\Desktop\rkill.exe
2018-04-19 11:21 - 2018-04-19 11:21 - 001780224 _____ (Bleeping Computer, LLC) C:\Users\Aliens\Desktop\rkill-unsigned.exe
2018-04-19 11:18 - 2018-04-19 11:18 - 000001520 _____ C:\Users\Public\Desktop\Razer Synapse.lnk
2018-04-19 11:03 - 2018-04-19 11:03 - 000000068 _____ C:\Users\Public\Documents\bootracer.tmp
2018-04-18 12:11 - 2018-04-18 12:11 - 000000000 ___HD C:\Users\Aliens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\STARTUP-
2018-04-18 11:03 - 2018-04-18 11:03 - 000000383 _____ C:\Users\Aliens\Downloads\lichess_study_asaf_chesswithadhd-ltdan_by_ChessWithADHD_2018.04.18.ini
2018-04-18 10:31 - 2018-04-18 10:31 - 000002255 _____ C:\Users\Aliens\Downloads\lichess_study_asaf_chesswithadhd-ltdan_by_ChessWithADHD_2018.04.18.pgn
2018-04-18 07:02 - 2018-04-18 07:02 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-
2018-04-18 07:01 - 2018-04-18 07:01 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup--
2018-04-17 14:06 - 2018-04-17 14:06 - 000000389 _____ C:\Users\Aliens\Downloads\auerswald.ini
2018-04-17 13:24 - 2018-04-17 14:06 - 000014076 _____ C:\Users\Aliens\Downloads\auerswald.pgi
2018-04-16 03:56 - 2018-04-16 03:56 - 000000383 _____ C:\Users\Aliens\Downloads\Position.ini
2018-04-16 03:55 - 2018-04-16 03:56 - 001421421 _____ C:\Users\Aliens\Downloads\auerswald.pgn
2018-04-16 00:58 - 2018-04-16 00:59 - 024265736 _____ (Microsoft) C:\Users\Aliens\Downloads\dotnetfx.exe
2018-04-16 00:57 - 2018-04-16 00:57 - 002654158 _____ C:\Users\Aliens\Downloads\cpt_setup_3_3_english.zip
2018-04-16 00:57 - 2018-04-16 00:57 - 000000000 ____D C:\Users\Aliens\Downloads\cpt_setup_3_3_english
2018-04-15 23:40 - 2018-04-15 23:40 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-04-14 21:12 - 2018-04-03 15:37 - 000835064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-04-14 21:12 - 2018-04-03 15:37 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-14 05:39 - 2018-03-30 01:12 - 000599448 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2018-04-14 05:39 - 2018-03-30 01:06 - 000166304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2018-04-14 05:39 - 2018-03-30 01:03 - 000319864 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-04-14 05:39 - 2018-03-30 01:03 - 000059808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bam.sys
2018-04-14 05:39 - 2018-03-30 01:03 - 000022400 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-04-14 05:39 - 2018-03-30 01:01 - 000649304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-04-14 05:39 - 2018-03-30 01:01 - 000471968 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-04-14 05:39 - 2018-03-30 00:59 - 000398744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-04-14 05:39 - 2018-03-30 00:57 - 000081304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
2018-04-14 05:39 - 2018-03-30 00:55 - 000062880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys
2018-04-14 05:39 - 2018-03-30 00:54 - 000749984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2018-04-14 05:39 - 2018-03-30 00:54 - 000408992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-04-14 05:39 - 2018-03-30 00:53 - 000246176 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2018-04-14 05:39 - 2018-03-30 00:53 - 000163744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2018-04-14 05:39 - 2018-03-30 00:52 - 000727456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2018-04-14 05:39 - 2018-03-30 00:52 - 000428960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2018-04-14 05:39 - 2018-03-30 00:51 - 000902928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-04-14 05:39 - 2018-03-30 00:51 - 000147872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2018-04-14 05:39 - 2018-03-30 00:50 - 000057760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-04-14 05:39 - 2018-03-30 00:28 - 001929712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-04-14 05:39 - 2018-03-30 00:27 - 000481464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-04-14 05:39 - 2018-03-30 00:23 - 000566664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2018-04-14 05:39 - 2018-03-30 00:13 - 002193176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-04-14 05:39 - 2018-03-30 00:10 - 000704080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-04-14 05:39 - 2018-03-30 00:07 - 001003160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-04-14 05:39 - 2018-03-30 00:05 - 000027040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVClientPS.dll
2018-04-14 05:39 - 2018-03-29 23:46 - 018925056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-04-14 05:39 - 2018-03-29 23:46 - 002902528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-04-14 05:39 - 2018-03-29 23:46 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-04-14 05:39 - 2018-03-29 23:45 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2018-04-14 05:39 - 2018-03-29 23:45 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2018-04-14 05:39 - 2018-03-29 23:43 - 019355136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-04-14 05:39 - 2018-03-29 23:43 - 006576128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2018-04-14 05:39 - 2018-03-29 23:43 - 000155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2018-04-14 05:39 - 2018-03-29 23:43 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\virtdisk.dll
2018-04-14 05:39 - 2018-03-29 23:43 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rfxvmt.dll
2018-04-14 05:39 - 2018-03-29 23:42 - 000397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-04-14 05:39 - 2018-03-29 23:42 - 000268288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-04-14 05:39 - 2018-03-29 23:42 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2018-04-14 05:39 - 2018-03-29 23:42 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-04-14 05:39 - 2018-03-29 23:41 - 000459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-04-14 05:39 - 2018-03-29 23:41 - 000430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2018-04-14 05:39 - 2018-03-29 23:41 - 000369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2018-04-14 05:39 - 2018-03-29 23:41 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2018-04-14 05:39 - 2018-03-29 23:41 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-04-14 05:39 - 2018-03-29 23:40 - 011924992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-04-14 05:39 - 2018-03-29 23:40 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-04-14 05:39 - 2018-03-29 23:40 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-04-14 05:39 - 2018-03-29 23:39 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2018-04-14 05:39 - 2018-03-29 23:39 - 000559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-04-14 05:39 - 2018-03-29 23:38 - 006032384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-04-14 05:39 - 2018-03-29 23:38 - 000966656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2018-04-14 05:39 - 2018-03-29 23:38 - 000956928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2018-04-14 05:39 - 2018-03-29 23:38 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-04-14 05:39 - 2018-03-29 23:38 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-04-14 05:39 - 2018-03-29 23:38 - 000463872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-04-14 05:39 - 2018-03-29 23:38 - 000235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-04-14 05:39 - 2018-03-29 23:37 - 003677184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-04-14 05:39 - 2018-03-29 23:36 - 002014720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-04-14 05:39 - 2018-03-29 23:36 - 001560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-04-14 05:39 - 2018-03-29 23:36 - 000897024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-04-14 05:39 - 2018-03-29 23:35 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-04-14 05:39 - 2018-03-29 23:35 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
2018-04-14 05:39 - 2018-03-29 23:33 - 000331264 _____ (Microsoft Corporation) C:\Windows\system32\browserexport.exe
2018-04-14 05:39 - 2018-03-29 23:33 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-04-14 05:39 - 2018-03-29 23:33 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\virtdisk.dll
2018-04-14 05:39 - 2018-03-29 23:33 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2018-04-14 05:39 - 2018-03-29 23:32 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2018-04-14 05:39 - 2018-03-29 23:32 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-04-14 05:39 - 2018-03-29 23:32 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
2018-04-14 05:39 - 2018-03-29 23:31 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2018-04-14 05:39 - 2018-03-29 23:30 - 000748032 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
2018-04-14 05:39 - 2018-03-29 23:30 - 000588800 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
2018-04-14 05:39 - 2018-03-29 23:30 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-04-14 05:39 - 2018-03-29 23:30 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-04-14 05:39 - 2018-03-29 23:29 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-04-14 05:39 - 2018-03-29 23:28 - 000815616 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2018-04-14 05:39 - 2018-03-29 23:28 - 000757760 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-04-14 05:39 - 2018-03-29 23:28 - 000595456 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-04-14 05:39 - 2018-03-29 23:27 - 001657856 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2018-04-14 05:39 - 2018-03-29 23:27 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2018-04-14 05:39 - 2018-03-29 23:27 - 000588800 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-04-14 05:39 - 2018-03-29 23:26 - 004747776 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-04-14 05:39 - 2018-03-29 23:25 - 002083840 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-04-14 05:39 - 2018-03-29 23:25 - 001822720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-04-14 05:39 - 2018-03-29 23:23 - 000963584 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2018-04-14 05:39 - 2018-03-29 23:23 - 000726016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-04-14 05:39 - 2018-03-29 23:23 - 000505344 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-04-14 05:39 - 2018-03-29 23:20 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2018-04-14 05:39 - 2018-03-13 03:02 - 001954048 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-04-14 05:39 - 2018-03-13 02:59 - 000535968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-04-14 05:39 - 2018-03-13 02:58 - 000170904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-04-14 05:39 - 2018-03-13 02:54 - 000555936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2018-04-14 05:39 - 2018-03-13 02:50 - 000617312 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2018-04-14 05:39 - 2018-03-13 01:40 - 000121344 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-04-14 05:39 - 2018-03-13 01:33 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-04-14 05:39 - 2018-03-13 01:32 - 000286720 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-04-14 05:39 - 2018-03-13 01:19 - 001615712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-04-14 05:39 - 2018-03-13 01:15 - 000597160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-04-14 05:39 - 2018-03-13 00:43 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-04-14 05:39 - 2018-03-13 00:39 - 000176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2018-04-14 05:39 - 2018-03-13 00:37 - 000374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-04-14 05:39 - 2018-03-13 00:33 - 002464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2018-04-14 05:39 - 2018-03-13 00:31 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2018-04-14 05:39 - 2018-03-13 00:30 - 002349568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2018-04-14 05:39 - 2018-03-13 00:27 - 000078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2018-04-14 05:39 - 2017-11-26 08:36 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2018-04-14 05:38 - 2018-03-30 08:34 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\Spectrum.exe
2018-04-14 05:38 - 2018-03-30 01:18 - 001092008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-04-14 05:38 - 2018-03-30 01:14 - 000423320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-04-14 05:38 - 2018-03-30 01:12 - 000270208 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2018-04-14 05:38 - 2018-03-30 01:12 - 000075168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2018-04-14 05:38 - 2018-03-30 01:10 - 000924648 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-04-14 05:38 - 2018-03-30 01:08 - 002513920 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-04-14 05:38 - 2018-03-30 01:08 - 001568160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-04-14 05:38 - 2018-03-30 01:08 - 001415296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-04-14 05:38 - 2018-03-30 01:08 - 000137112 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-04-14 05:38 - 2018-03-30 01:07 - 000300448 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-04-14 05:38 - 2018-03-30 01:07 - 000069528 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2018-04-14 05:38 - 2018-03-30 01:06 - 000053152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys
2018-04-14 05:38 - 2018-03-30 01:05 - 001206688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2018-04-14 05:38 - 2018-03-30 01:05 - 001056152 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2018-04-14 05:38 - 2018-03-30 01:05 - 000748448 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-04-14 05:38 - 2018-03-30 01:05 - 000191824 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2018-04-14 05:38 - 2018-03-30 01:05 - 000073120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2018-04-14 05:38 - 2018-03-30 01:05 - 000066720 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
2018-04-14 05:38 - 2018-03-30 01:05 - 000059808 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll
2018-04-14 05:38 - 2018-03-30 01:05 - 000035744 _____ (Microsoft Corporation) C:\Windows\system32\SDFHost.dll
2018-04-14 05:38 - 2018-03-30 01:05 - 000022800 _____ (Microsoft Corporation) C:\Windows\system32\iumbase.dll
2018-04-14 05:38 - 2018-03-30 01:05 - 000022208 _____ (Microsoft Corporation) C:\Windows\system32\IumSdk.dll
2018-04-14 05:38 - 2018-03-30 01:05 - 000020888 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2018-04-14 05:38 - 2018-03-30 01:05 - 000015632 _____ (Microsoft Corporation) C:\Windows\system32\iumdll.dll
2018-04-14 05:38 - 2018-03-30 01:04 - 002002336 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-04-14 05:38 - 2018-03-30 01:04 - 000608160 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-04-14 05:38 - 2018-03-30 01:04 - 000035224 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2018-04-14 05:38 - 2018-03-30 01:03 - 001277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-04-14 05:38 - 2018-03-30 01:03 - 000664992 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-04-14 05:38 - 2018-03-30 01:03 - 000508272 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2018-04-14 05:38 - 2018-03-30 01:03 - 000479920 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2018-04-14 05:38 - 2018-03-30 01:03 - 000460704 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2018-04-14 05:38 - 2018-03-30 01:03 - 000292384 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2018-04-14 05:38 - 2018-03-30 01:03 - 000272288 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-04-14 05:38 - 2018-03-30 01:03 - 000157696 _____ (Microsoft Corporation) C:\Windows\system32\vertdll.dll
2018-04-14 05:38 - 2018-03-30 01:03 - 000139680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-04-14 05:38 - 2018-03-30 01:03 - 000077216 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2018-04-14 05:38 - 2018-03-30 01:02 - 000128416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2018-04-14 05:38 - 2018-03-30 01:01 - 008600480 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-04-14 05:38 - 2018-03-30 01:01 - 001209760 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-04-14 05:38 - 2018-03-30 01:01 - 000571288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2018-04-14 05:38 - 2018-03-30 01:01 - 000034208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2018-04-14 05:38 - 2018-03-30 01:00 - 002395040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-04-14 05:38 - 2018-03-30 01:00 - 000103320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2018-04-14 05:38 - 2018-03-30 01:00 - 000094104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2018-04-14 05:38 - 2018-03-30 00:59 - 000082840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-04-14 05:38 - 2018-03-30 00:58 - 000898216 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2018-04-14 05:38 - 2018-03-30 00:58 - 000129432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvsocket.sys
2018-04-14 05:38 - 2018-03-30 00:58 - 000039328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
2018-04-14 05:38 - 2018-03-30 00:57 - 001173576 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-04-14 05:38 - 2018-03-30 00:57 - 000711944 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-04-14 05:38 - 2018-03-30 00:57 - 000540064 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-04-14 05:38 - 2018-03-30 00:57 - 000121248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2018-04-14 05:38 - 2018-03-30 00:57 - 000109976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2018-04-14 05:38 - 2018-03-30 00:57 - 000031640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
2018-04-14 05:38 - 2018-03-30 00:56 - 000018680 _____ (Microsoft Corporation) C:\Windows\system32\wshhyperv.dll
2018-04-14 05:38 - 2018-03-30 00:55 - 000367344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2018-04-14 05:38 - 2018-03-30 00:54 - 002574240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-04-14 05:38 - 2018-03-30 00:54 - 000670112 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2018-04-14 05:38 - 2018-03-30 00:54 - 000645536 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2018-04-14 05:38 - 2018-03-30 00:54 - 000461728 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2018-04-14 05:38 - 2018-03-30 00:53 - 007676304 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2018-04-14 05:38 - 2018-03-30 00:53 - 002710736 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-04-14 05:38 - 2018-03-30 00:53 - 002220952 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2018-04-14 05:38 - 2018-03-30 00:53 - 000831392 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2018-04-14 05:38 - 2018-03-30 00:53 - 000712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2018-04-14 05:38 - 2018-03-30 00:53 - 000549552 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2018-04-14 05:38 - 2018-03-30 00:53 - 000495008 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2018-04-14 05:38 - 2018-03-30 00:53 - 000094080 _____ (Microsoft Corporation) C:\Windows\system32\wwapi.dll
2018-04-14 05:38 - 2018-03-30 00:53 - 000040352 _____ (Microsoft Corporation) C:\Windows\system32\AppVClientPS.dll
2018-04-14 05:38 - 2018-03-30 00:52 - 021351632 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-04-14 05:38 - 2018-03-30 00:52 - 002457504 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2018-04-14 05:38 - 2018-03-30 00:52 - 000677280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-04-14 05:38 - 2018-03-30 00:52 - 000282528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-04-14 05:38 - 2018-03-30 00:52 - 000247480 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2018-04-14 05:38 - 2018-03-30 00:52 - 000192416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-04-14 05:38 - 2018-03-30 00:52 - 000054688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-04-14 05:38 - 2018-03-30 00:52 - 000047512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
2018-04-14 05:38 - 2018-03-30 00:52 - 000028520 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2018-04-14 05:38 - 2018-03-30 00:51 - 000125568 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll
2018-04-14 05:38 - 2018-03-30 00:51 - 000123800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2018-04-14 05:38 - 2018-03-30 00:51 - 000071208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WindowsTrustedRT.sys
2018-04-14 05:38 - 2018-03-30 00:50 - 001336344 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-04-14 05:38 - 2018-03-30 00:49 - 000204184 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-04-14 05:38 - 2018-03-30 00:48 - 001778584 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2018-04-14 05:38 - 2018-03-30 00:48 - 001628064 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2018-04-14 05:38 - 2018-03-30 00:48 - 001420696 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2018-04-14 05:38 - 2018-03-30 00:48 - 001101728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-04-14 05:38 - 2018-03-30 00:48 - 000819104 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2018-04-14 05:38 - 2018-03-30 00:48 - 000813984 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2018-04-14 05:38 - 2018-03-30 00:48 - 000744856 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2018-04-14 05:38 - 2018-03-30 00:48 - 000614304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2018-04-14 05:38 - 2018-03-30 00:48 - 000586800 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_win.dll
2018-04-14 05:38 - 2018-03-30 00:48 - 000397720 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2018-04-14 05:38 - 2018-03-30 00:48 - 000231328 _____ (Microsoft Corporation) C:\Windows\system32\AppVShNotify.exe
2018-04-14 05:38 - 2018-03-30 00:28 - 000777912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-04-14 05:38 - 2018-03-30 00:24 - 000212896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2018-04-14 05:38 - 2018-03-30 00:19 - 006092152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2018-04-14 05:38 - 2018-03-30 00:18 - 000016600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshhyperv.dll
2018-04-14 05:38 - 2018-03-30 00:16 - 000289824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2018-04-14 05:38 - 2018-03-30 00:13 - 000450936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2018-04-14 05:38 - 2018-03-30 00:13 - 000073896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wwapi.dll
2018-04-14 05:38 - 2018-03-30 00:12 - 000186520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2018-04-14 05:38 - 2018-03-30 00:10 - 000099240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
2018-04-14 05:38 - 2018-03-30 00:09 - 020286120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-04-14 05:38 - 2018-03-30 00:06 - 000180632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-04-14 05:38 - 2018-03-30 00:05 - 001491360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2018-04-14 05:38 - 2018-03-30 00:04 - 000417368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_win.dll
2018-04-14 05:38 - 2018-03-29 23:55 - 025253888 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-04-14 05:38 - 2018-03-29 23:46 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-04-14 05:38 - 2018-03-29 23:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-04-14 05:38 - 2018-03-29 23:43 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2018-04-14 05:38 - 2018-03-29 23:43 - 000120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2018-04-14 05:38 - 2018-03-29 23:43 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2018-04-14 05:38 - 2018-03-29 23:43 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2018-04-14 05:38 - 2018-03-29 23:43 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-04-14 05:38 - 2018-03-29 23:43 - 000067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-04-14 05:38 - 2018-03-29 23:43 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2018-04-14 05:38 - 2018-03-29 23:43 - 000052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-04-14 05:38 - 2018-03-29 23:43 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-04-14 05:38 - 2018-03-29 23:42 - 000123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-04-14 05:38 - 2018-03-29 23:42 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-04-14 05:38 - 2018-03-29 23:42 - 000043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2018-04-14 05:38 - 2018-03-29 23:41 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-04-14 05:38 - 2018-03-29 23:41 - 000149504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
2018-04-14 05:38 - 2018-03-29 23:41 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-04-14 05:38 - 2018-03-29 23:40 - 000524800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2018-04-14 05:38 - 2018-03-29 23:40 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2018-04-14 05:38 - 2018-03-29 23:37 - 001298944 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2018-04-14 05:38 - 2018-03-29 23:36 - 003664384 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-04-14 05:38 - 2018-03-29 23:36 - 002869760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-04-14 05:38 - 2018-03-29 23:36 - 001474560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-04-14 05:38 - 2018-03-29 23:36 - 000825856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-04-14 05:38 - 2018-03-29 23:36 - 000098304 _____ C:\Windows\system32\runexehelper.exe
2018-04-14 05:38 - 2018-03-29 23:35 - 000858112 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2018-04-14 05:38 - 2018-03-29 23:35 - 000561152 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-04-14 05:38 - 2018-03-29 23:35 - 000536064 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2018-04-14 05:38 - 2018-03-29 23:35 - 000496128 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2018-04-14 05:38 - 2018-03-29 23:35 - 000400384 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-04-14 05:38 - 2018-03-29 23:35 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2018-04-14 05:38 - 2018-03-29 23:35 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\convertvhd.exe
2018-04-14 05:38 - 2018-03-29 23:35 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2018-04-14 05:38 - 2018-03-29 23:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2018-04-14 05:38 - 2018-03-29 23:33 - 008031744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-04-14 05:38 - 2018-03-29 23:33 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2018-04-14 05:38 - 2018-03-29 23:33 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys
2018-04-14 05:38 - 2018-03-29 23:33 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2018-04-14 05:38 - 2018-03-29 23:33 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-04-14 05:38 - 2018-03-29 23:33 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-04-14 05:38 - 2018-03-29 23:33 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
2018-04-14 05:38 - 2018-03-29 23:33 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\IcsEntitlementHost.exe
2018-04-14 05:38 - 2018-03-29 23:33 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-04-14 05:38 - 2018-03-29 23:33 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-04-14 05:38 - 2018-03-29 23:33 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dmvsc.sys
2018-04-14 05:38 - 2018-03-29 23:33 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
2018-04-14 05:38 - 2018-03-29 23:33 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-04-14 05:38 - 2018-03-29 23:33 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-04-14 05:38 - 2018-03-29 23:33 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HyperVideo.sys
2018-04-14 05:38 - 2018-03-29 23:33 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
2018-04-14 05:38 - 2018-03-29 23:33 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\appidtel.exe
2018-04-14 05:38 - 2018-03-29 23:33 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys
2018-04-14 05:38 - 2018-03-29 23:33 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\VmApplicationHealthMonitorProxy.dll
2018-04-14 05:38 - 2018-03-29 23:33 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hyperkbd.sys
2018-04-14 05:38 - 2018-03-29 23:33 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgencounter.sys
2018-04-14 05:38 - 2018-03-29 23:33 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgid.sys
2018-04-14 05:38 - 2018-03-29 23:33 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
2018-04-14 05:38 - 2018-03-29 23:32 - 023674880 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-04-14 05:38 - 2018-03-29 23:32 - 000212992 _____ (Microsoft Corporation) C:\Windows\system32\container.dll
2018-04-14 05:38 - 2018-03-29 23:32 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-04-14 05:38 - 2018-03-29 23:32 - 000198144 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2018-04-14 05:38 - 2018-03-29 23:32 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
2018-04-14 05:38 - 2018-03-29 23:32 - 000186368 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2018-04-14 05:38 - 2018-03-29 23:32 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2018-04-14 05:38 - 2018-03-29 23:32 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2018-04-14 05:38 - 2018-03-29 23:32 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-04-14 05:38 - 2018-03-29 23:32 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
2018-04-14 05:38 - 2018-03-29 23:32 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys
2018-04-14 05:38 - 2018-03-29 23:32 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Synth3dVsc.sys
2018-04-14 05:38 - 2018-03-29 23:32 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-04-14 05:38 - 2018-03-29 23:32 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2018-04-14 05:38 - 2018-03-29 23:32 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RfxVmt.sys
2018-04-14 05:38 - 2018-03-29 23:31 - 000795136 _____ (Microsoft Corporation) C:\Windows\system32\NaturalAuth.dll
2018-04-14 05:38 - 2018-03-29 23:31 - 000675328 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-04-14 05:38 - 2018-03-29 23:31 - 000416768 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-04-14 05:38 - 2018-03-29 23:31 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2018-04-14 05:38 - 2018-03-29 23:31 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-04-14 05:38 - 2018-03-29 23:31 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-04-14 05:38 - 2018-03-29 23:31 - 000143360 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2018-04-14 05:38 - 2018-03-29 23:31 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2018-04-14 05:38 - 2018-03-29 23:31 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-04-14 05:38 - 2018-03-29 23:31 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2018-04-14 05:38 - 2018-03-29 23:31 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2018-04-14 05:38 - 2018-03-29 23:31 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2018-04-14 05:38 - 2018-03-29 23:30 - 012833280 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-04-14 05:38 - 2018-03-29 23:30 - 001498112 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2018-04-14 05:38 - 2018-03-29 23:30 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-04-14 05:38 - 2018-03-29 23:30 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2018-04-14 05:38 - 2018-03-29 23:30 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2018-04-14 05:38 - 2018-03-29 23:30 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll
2018-04-14 05:38 - 2018-03-29 23:30 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-04-14 05:38 - 2018-03-29 23:30 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2018-04-14 05:38 - 2018-03-29 23:30 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2018-04-14 05:38 - 2018-03-29 23:30 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-04-14 05:38 - 2018-03-29 23:29 - 001495552 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2018-04-14 05:38 - 2018-03-29 23:29 - 000791552 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2018-04-14 05:38 - 2018-03-29 23:29 - 000723968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2018-04-14 05:38 - 2018-03-29 23:29 - 000708096 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-04-14 05:38 - 2018-03-29 23:29 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2018-04-14 05:38 - 2018-03-29 23:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2018-04-14 05:38 - 2018-03-29 23:29 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-04-14 05:38 - 2018-03-29 23:29 - 000436224 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2018-04-14 05:38 - 2018-03-29 23:29 - 000423936 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-04-14 05:38 - 2018-03-29 23:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-04-14 05:38 - 2018-03-29 23:28 - 003121664 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-04-14 05:38 - 2018-03-29 23:28 - 001245184 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2018-04-14 05:38 - 2018-03-29 23:28 - 000984064 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-04-14 05:38 - 2018-03-29 23:28 - 000970240 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-04-14 05:38 - 2018-03-29 23:28 - 000951808 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2018-04-14 05:38 - 2018-03-29 23:28 - 000721408 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2018-04-14 05:38 - 2018-03-29 23:28 - 000624128 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2018-04-14 05:38 - 2018-03-29 23:28 - 000403968 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2018-04-14 05:38 - 2018-03-29 23:28 - 000366080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-04-14 05:38 - 2018-03-29 23:28 - 000147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-04-14 05:38 - 2018-03-29 23:27 - 008104960 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-04-14 05:38 - 2018-03-29 23:27 - 003170816 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2018-04-14 05:38 - 2018-03-29 23:27 - 001002496 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2018-04-14 05:38 - 2018-03-29 23:27 - 000985600 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-04-14 05:38 - 2018-03-29 23:27 - 000889856 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2018-04-14 05:38 - 2018-03-29 23:27 - 000813568 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2018-04-14 05:38 - 2018-03-29 23:27 - 000258560 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-04-14 05:38 - 2018-03-29 23:26 - 003334144 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-04-14 05:38 - 2018-03-29 23:26 - 002209280 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2018-04-14 05:38 - 2018-03-29 23:26 - 002086400 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-04-14 05:38 - 2018-03-29 23:26 - 001955328 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-04-14 05:38 - 2018-03-29 23:26 - 001816576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2018-04-14 05:38 - 2018-03-29 23:26 - 001573376 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2018-04-14 05:38 - 2018-03-29 23:26 - 001343488 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2018-04-14 05:38 - 2018-03-29 23:26 - 000765952 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-04-14 05:38 - 2018-03-29 23:26 - 000716288 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-04-14 05:38 - 2018-03-29 23:25 - 002628608 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-04-14 05:38 - 2018-03-29 23:25 - 002528256 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2018-04-14 05:38 - 2018-03-29 23:25 - 001597952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-04-14 05:38 - 2018-03-29 23:25 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-04-14 05:38 - 2018-03-29 23:25 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2018-04-14 05:38 - 2018-03-29 23:25 - 001055744 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-04-14 05:38 - 2018-03-29 23:25 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-04-14 05:38 - 2018-03-29 23:25 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-04-14 05:38 - 2018-03-29 23:25 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2018-04-14 05:38 - 2018-03-29 23:25 - 000374272 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2018-04-14 05:38 - 2018-03-29 23:24 - 000925184 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-04-14 05:38 - 2018-03-29 23:24 - 000462336 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2018-04-14 05:38 - 2018-03-29 23:23 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2018-04-14 05:38 - 2018-03-29 23:23 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2018-04-14 05:38 - 2018-03-29 23:22 - 000826880 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-04-14 05:38 - 2018-03-29 23:22 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys
2018-04-14 05:38 - 2018-03-29 23:22 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys
2018-04-14 05:38 - 2018-03-29 23:21 - 002511360 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2018-04-14 05:38 - 2018-03-29 23:21 - 001160704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2018-04-14 05:38 - 2018-03-29 23:20 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2018-04-14 05:38 - 2018-03-29 23:20 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-04-14 05:38 - 2018-03-29 23:20 - 000180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-04-14 05:38 - 2018-03-29 23:20 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-04-14 05:38 - 2018-03-29 23:20 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-04-14 05:38 - 2018-03-29 23:20 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-04-14 05:38 - 2018-03-29 23:20 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2018-04-14 05:38 - 2018-03-29 23:20 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys
2018-04-14 05:38 - 2018-03-28 15:54 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-04-14 05:38 - 2018-03-13 03:03 - 005907288 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2018-04-14 05:38 - 2018-03-13 03:03 - 000779960 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2018-04-14 05:38 - 2018-03-13 03:03 - 000739696 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-04-14 05:38 - 2018-03-13 03:03 - 000382368 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-04-14 05:38 - 2018-03-13 03:03 - 000279960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-04-14 05:38 - 2018-03-13 02:58 - 000441248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-04-14 05:38 - 2018-03-13 02:58 - 000377760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-04-14 05:38 - 2018-03-13 02:55 - 001778360 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2018-04-14 05:38 - 2018-03-13 02:55 - 000979352 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2018-04-14 05:38 - 2018-03-13 02:55 - 000417440 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2018-04-14 05:38 - 2018-03-13 02:55 - 000334240 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2018-04-14 05:38 - 2018-03-13 02:54 - 000128928 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2018-04-14 05:38 - 2018-03-13 02:53 - 001054272 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2018-04-14 05:38 - 2018-03-13 02:53 - 000774560 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2018-04-14 05:38 - 2018-03-13 02:53 - 000143264 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2018-04-14 05:38 - 2018-03-13 02:53 - 000113568 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-04-14 05:38 - 2018-03-13 02:53 - 000091152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2018-04-14 05:38 - 2018-03-13 02:52 - 007384576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-04-14 05:38 - 2018-03-13 02:52 - 000172112 _____ (Microsoft Corporation) C:\Windows\system32\RTWorkQ.dll
2018-04-14 05:38 - 2018-03-13 02:52 - 000127136 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2018-04-14 05:38 - 2018-03-13 02:51 - 002773408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-04-14 05:38 - 2018-03-13 01:41 - 003995136 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2018-04-14 05:38 - 2018-03-13 01:38 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2018-04-14 05:38 - 2018-03-13 01:38 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2018-04-14 05:38 - 2018-03-13 01:38 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\WordBreakers.dll
2018-04-14 05:38 - 2018-03-13 01:37 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\NetDriverInstall.dll
2018-04-14 05:38 - 2018-03-13 01:37 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2018-04-14 05:38 - 2018-03-13 01:37 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2018-04-14 05:38 - 2018-03-13 01:36 - 000297984 _____ (Microsoft Corporation) C:\Windows\system32\mfksproxy.dll
2018-04-14 05:38 - 2018-03-13 01:36 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2018-04-14 05:38 - 2018-03-13 01:35 - 000758272 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll
2018-04-14 05:38 - 2018-03-13 01:35 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2018-04-14 05:38 - 2018-03-13 01:35 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2018-04-14 05:38 - 2018-03-13 01:35 - 000245248 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-04-14 05:38 - 2018-03-13 01:35 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\TtlsAuth.dll
2018-04-14 05:38 - 2018-03-13 01:35 - 000219648 _____ (Microsoft Corporation) C:\Windows\system32\TtlsCfg.dll
2018-04-14 05:38 - 2018-03-13 01:35 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll
2018-04-14 05:38 - 2018-03-13 01:34 - 008727552 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2018-04-14 05:38 - 2018-03-13 01:34 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\wifiprofilessettinghandler.dll
2018-04-14 05:38 - 2018-03-13 01:34 - 000222208 _____ (Microsoft Corporation) C:\Windows\system32\TtlsExt.dll
2018-04-14 05:38 - 2018-03-13 01:34 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\BrowserSettingSync.dll
2018-04-14 05:38 - 2018-03-13 01:34 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2018-04-14 05:38 - 2018-03-13 01:33 - 007544832 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2018-04-14 05:38 - 2018-03-13 01:33 - 001574912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2018-04-14 05:38 - 2018-03-13 01:33 - 001015296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2018-04-14 05:38 - 2018-03-13 01:33 - 000459776 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2018-04-14 05:38 - 2018-03-13 01:33 - 000278528 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2018-04-14 05:38 - 2018-03-13 01:33 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-04-14 05:38 - 2018-03-13 01:33 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2018-04-14 05:38 - 2018-03-13 01:32 - 005195776 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2018-04-14 05:38 - 2018-03-13 01:32 - 000689152 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2018-04-14 05:38 - 2018-03-13 01:32 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-04-14 05:38 - 2018-03-13 01:32 - 000200704 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2018-04-14 05:38 - 2018-03-13 01:31 - 001263104 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2018-04-14 05:38 - 2018-03-13 01:31 - 001173504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2018-04-14 05:38 - 2018-03-13 01:31 - 000596480 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-04-14 05:38 - 2018-03-13 01:30 - 007145472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2018-04-14 05:38 - 2018-03-13 01:30 - 003400192 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2018-04-14 05:38 - 2018-03-13 01:30 - 000893440 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2018-04-14 05:38 - 2018-03-13 01:30 - 000863744 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2018-04-14 05:38 - 2018-03-13 01:30 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2018-04-14 05:38 - 2018-03-13 01:30 - 000459776 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-04-14 05:38 - 2018-03-13 01:29 - 003211776 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2018-04-14 05:38 - 2018-03-13 01:28 - 003160576 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2018-04-14 05:38 - 2018-03-13 01:28 - 002857984 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2018-04-14 05:38 - 2018-03-13 01:28 - 001967104 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2018-04-14 05:38 - 2018-03-13 01:28 - 001157632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-04-14 05:38 - 2018-03-13 01:28 - 000939520 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2018-04-14 05:38 - 2018-03-13 01:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2018-04-14 05:38 - 2018-03-13 01:28 - 000837120 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-04-14 05:38 - 2018-03-13 01:28 - 000508928 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2018-04-14 05:38 - 2018-03-13 01:27 - 003125760 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2018-04-14 05:38 - 2018-03-13 01:27 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2018-04-14 05:38 - 2018-03-13 01:27 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2018-04-14 05:38 - 2018-03-13 01:26 - 001737728 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2018-04-14 05:38 - 2018-03-13 01:26 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2018-04-14 05:38 - 2018-03-13 01:25 - 001346560 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2018-04-14 05:38 - 2018-03-13 01:25 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\EditBufferTestHook.dll
2018-04-14 05:38 - 2018-03-13 01:24 - 001275904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2018-04-14 05:38 - 2018-03-13 01:24 - 000389120 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll
2018-04-14 05:38 - 2018-03-13 01:24 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\sensrsvc.dll
2018-04-14 05:38 - 2018-03-13 01:23 - 001556992 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2018-04-14 05:38 - 2018-03-13 01:23 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2018-04-14 05:38 - 2018-03-13 01:23 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2018-04-14 05:38 - 2018-03-13 01:22 - 000568320 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-04-14 05:38 - 2018-03-13 01:22 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2018-04-14 05:38 - 2018-03-13 01:22 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-04-14 05:38 - 2018-03-13 01:22 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-04-14 05:38 - 2018-03-13 01:19 - 000649304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2018-04-14 05:38 - 2018-03-13 01:19 - 000311200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-04-14 05:38 - 2018-03-13 01:08 - 001555784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2018-04-14 05:38 - 2018-03-13 01:08 - 000747416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2018-04-14 05:38 - 2018-03-13 01:07 - 000115104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinelsa.dll
2018-04-14 05:38 - 2018-03-13 01:06 - 000564640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2018-04-14 05:38 - 2018-03-13 01:04 - 006481096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-04-14 05:38 - 2018-03-13 01:04 - 001057824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2018-04-14 05:38 - 2018-03-13 01:04 - 000140592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTWorkQ.dll
2018-04-14 05:38 - 2018-03-13 00:44 - 003490816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2018-04-14 05:38 - 2018-03-13 00:40 - 006118400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2018-04-14 05:38 - 2018-03-13 00:40 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2018-04-14 05:38 - 2018-03-13 00:40 - 000201728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfksproxy.dll
2018-04-14 05:38 - 2018-03-13 00:39 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-04-14 05:38 - 2018-03-13 00:39 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-04-14 05:38 - 2018-03-13 00:39 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TtlsCfg.dll
2018-04-14 05:38 - 2018-03-13 00:38 - 006466560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2018-04-14 05:38 - 2018-03-13 00:38 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlgpclnt.dll
2018-04-14 05:38 - 2018-03-13 00:37 - 003181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2018-04-14 05:38 - 2018-03-13 00:37 - 000981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2018-04-14 05:38 - 2018-03-13 00:37 - 000537088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-04-14 05:38 - 2018-03-13 00:37 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2018-04-14 05:38 - 2018-03-13 00:37 - 000233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2018-04-14 05:38 - 2018-03-13 00:37 - 000169472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2018-04-14 05:38 - 2018-03-13 00:37 - 000091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2018-04-14 05:38 - 2018-03-13 00:36 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2018-04-14 05:38 - 2018-03-13 00:36 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2018-04-14 05:38 - 2018-03-13 00:35 - 006204416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2018-04-14 05:38 - 2018-03-13 00:34 - 002409984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2018-04-14 05:38 - 2018-03-13 00:34 - 000706048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2018-04-14 05:38 - 2018-03-13 00:33 - 000981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2018-04-14 05:38 - 2018-03-13 00:32 - 002577408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2018-04-14 05:38 - 2018-03-13 00:31 - 001348608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2018-04-14 05:38 - 2018-03-13 00:31 - 000713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2018-04-14 05:38 - 2018-03-13 00:31 - 000402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2018-04-14 05:38 - 2018-03-13 00:30 - 000464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2018-04-14 05:38 - 2018-03-13 00:28 - 000328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll
2018-04-14 05:38 - 2018-03-13 00:27 - 000190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2018-04-14 05:38 - 2018-03-13 00:26 - 000483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2018-04-14 05:38 - 2017-11-26 09:32 - 000184984 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-04-14 05:38 - 2017-11-26 07:12 - 000123520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-04-14 05:37 - 2018-03-29 23:45 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2018-04-14 05:37 - 2018-03-29 23:44 - 000051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
2018-04-14 05:37 - 2018-03-29 23:44 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-04-14 05:37 - 2018-03-29 23:43 - 000152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2018-04-14 05:37 - 2018-03-29 23:43 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2018-04-14 05:37 - 2018-03-29 23:43 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-04-14 05:37 - 2018-03-29 23:43 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-04-14 05:37 - 2018-03-29 23:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-04-14 05:37 - 2018-03-29 23:43 - 000038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-04-14 05:37 - 2018-03-29 23:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2018-04-14 05:37 - 2018-03-29 23:43 - 000013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2018-04-14 05:37 - 2018-03-29 23:43 - 000010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-04-14 05:37 - 2018-03-29 23:42 - 000253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2018-04-14 05:37 - 2018-03-29 23:42 - 000099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-04-14 05:37 - 2018-03-29 23:42 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2018-04-14 05:37 - 2018-03-29 23:40 - 000314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2018-04-14 05:37 - 2018-03-29 23:40 - 000257536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2018-04-14 05:37 - 2018-03-29 23:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\keyiso.dll
2018-04-14 05:37 - 2018-03-29 23:39 - 000776192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-04-14 05:37 - 2018-03-29 23:36 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2018-04-14 05:37 - 2018-03-29 23:35 - 000371200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-04-14 05:37 - 2018-03-29 23:35 - 000233984 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2018-04-14 05:37 - 2018-03-29 23:35 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2018-04-14 05:37 - 2018-03-29 23:34 - 000339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2018-04-14 05:37 - 2018-03-29 23:33 - 000707584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-04-14 05:37 - 2018-03-29 23:33 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-04-14 05:37 - 2018-03-29 23:33 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
2018-04-14 05:37 - 2018-03-29 23:33 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-04-14 05:37 - 2018-03-29 23:33 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\sysntfy.dll
2018-04-14 05:37 - 2018-03-29 23:33 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
2018-04-14 05:37 - 2018-03-29 23:33 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-04-14 05:37 - 2018-03-29 23:33 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-04-14 05:37 - 2018-03-29 23:32 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2018-04-14 05:37 - 2018-03-29 23:32 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2018-04-14 05:37 - 2018-03-29 23:32 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2018-04-14 05:37 - 2018-03-29 23:32 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\efslsaext.dll
2018-04-14 05:37 - 2018-03-29 23:32 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-04-14 05:37 - 2018-03-29 23:32 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2018-04-14 05:37 - 2018-03-29 23:32 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\efssvc.dll
2018-04-14 05:37 - 2018-03-29 23:32 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerSvc.dll
2018-04-14 05:37 - 2018-03-29 23:32 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdPnp.dll
2018-04-14 05:37 - 2018-03-29 23:32 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-04-14 05:37 - 2018-03-29 23:32 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2018-04-14 05:37 - 2018-03-29 23:32 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmiprop.dll
2018-04-14 05:37 - 2018-03-29 23:32 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWNet.dll
2018-04-14 05:37 - 2018-03-29 23:32 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
2018-04-14 05:37 - 2018-03-29 23:32 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2018-04-14 05:37 - 2018-03-29 23:32 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2018-04-14 05:37 - 2018-03-29 23:32 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\gpuenergydrv.sys
2018-04-14 05:37 - 2018-03-29 23:31 - 000306176 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2018-04-14 05:37 - 2018-03-29 23:31 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2018-04-14 05:37 - 2018-03-29 23:31 - 000286208 _____ (Microsoft Corporation) C:\Windows\system32\icsvc.dll
2018-04-14 05:37 - 2018-03-29 23:31 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2018-04-14 05:37 - 2018-03-29 23:31 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
2018-04-14 05:37 - 2018-03-29 23:31 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2018-04-14 05:37 - 2018-03-29 23:31 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-04-14 05:37 - 2018-03-29 23:31 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-04-14 05:37 - 2018-03-29 23:31 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\keyiso.dll
2018-04-14 05:37 - 2018-03-29 23:31 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2018-04-14 05:37 - 2018-03-29 23:30 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\icsvcext.dll
2018-04-14 05:37 - 2018-03-29 23:30 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2018-04-14 05:37 - 2018-03-29 23:30 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2018-04-14 05:37 - 2018-03-29 23:29 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2018-04-14 05:37 - 2018-03-29 23:29 - 000298496 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2018-04-14 05:37 - 2018-03-29 23:29 - 000253440 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2018-04-14 05:37 - 2018-03-29 23:28 - 000820224 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2018-04-14 05:37 - 2018-03-29 23:27 - 000947712 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-04-14 05:37 - 2018-03-29 23:27 - 000332288 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2018-04-14 05:37 - 2018-03-29 23:27 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2018-04-14 05:37 - 2018-03-29 23:25 - 000841216 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-04-14 05:37 - 2018-03-29 23:25 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-04-14 05:37 - 2018-03-29 23:25 - 000270848 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-04-14 05:37 - 2018-03-29 23:23 - 000387584 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2018-04-14 05:37 - 2018-03-29 23:20 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\fdPnp.dll
2018-04-14 05:37 - 2018-03-29 23:20 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\wmiprop.dll
2018-04-14 05:37 - 2018-03-29 23:20 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\fdWNet.dll
2018-04-14 05:37 - 2018-03-13 01:40 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2018-04-14 05:37 - 2018-03-13 01:32 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2018-04-14 05:37 - 2018-03-13 01:31 - 002849792 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2018-04-14 05:37 - 2018-03-13 01:31 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2018-04-14 05:37 - 2018-03-13 00:44 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2018-04-14 05:37 - 2018-03-13 00:36 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BrowserSettingSync.dll
2018-04-14 05:37 - 2018-03-13 00:32 - 001948672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2018-04-14 05:15 - 2018-04-14 05:15 - 000001944 _____ C:\Users\Public\Desktop\NordVPN.lnk
2018-04-14 05:12 - 2018-04-14 05:12 - 000000000 ____D C:\Program Files (x86)\NordVPN
2018-04-14 05:11 - 2018-04-14 05:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2018-03-28 04:20 - 2018-03-28 04:20 - 000028734 _____ C:\Users\Aliens\Documents\HKLM_SYSTEM_CurrentControlSet_Control_Print_Backup-2018_03_28-04_20.reg
2018-03-28 03:32 - 2018-03-28 03:32 - 000000000 ____D C:\Users\Aliens\Downloads\gmer
2018-03-28 03:22 - 2018-03-28 03:22 - 000371282 _____ C:\Users\Aliens\Downloads\gmer.zip
2018-03-28 03:21 - 2018-03-28 03:22 - 005198336 _____ (AVAST Software) C:\Users\Aliens\Downloads\aswMBR.exe
2018-03-28 03:02 - 2018-03-28 02:19 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts.20180328-030236.backup
2018-03-28 02:44 - 2018-03-28 02:44 - 000001968 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2018-03-28 02:44 - 2018-03-28 02:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2018-03-28 02:38 - 2018-03-28 02:44 - 000000000 ____D C:\Program Files\HitmanPro
2018-03-28 02:37 - 2018-03-28 02:47 - 000000000 ____D C:\ProgramData\HitmanPro
2018-03-28 02:37 - 2018-03-28 02:39 - 000155320 _____ C:\Users\Aliens\Desktop\Show-Hidden.txt
2018-03-28 02:37 - 2018-03-28 02:38 - 011605440 _____ (SurfRight B.V.) C:\Users\Aliens\Downloads\HitmanPro_x64.exe
2018-03-28 02:37 - 2018-03-28 02:37 - 000393168 _____ (Bleeping Computer, LLC) C:\Users\Aliens\Downloads\show-hidden.exe
2018-03-28 02:31 - 2018-03-28 02:36 - 000000630 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2018-03-28 02:31 - 2018-03-28 02:36 - 000000460 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2018-03-28 02:31 - 2018-03-28 02:31 - 000001426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2018-03-28 02:31 - 2018-03-28 02:31 - 000001414 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2018-03-28 02:31 - 2018-03-28 02:31 - 000000656 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2018-03-28 02:08 - 2018-03-28 02:08 - 000983168 _____ (Bleeping Computer, LLC) C:\Users\Aliens\Downloads\rkill_2.9.1.064.exe
2018-03-28 01:28 - 2018-03-28 01:28 - 000163230 _____ C:\Users\Aliens\Documents\HKLM_SYSTEM_CurrentControlSet_Control_Print_Backup-2018_03_28-01_28.reg
2018-03-28 01:23 - 2018-03-28 02:41 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-03-27 23:49 - 2018-03-27 23:49 - 000000383 _____ C:\Users\Aliens\Downloads\lichess_study_candidates-2018-rd-14_grischuk-alexander-caruana-fabiano_by_broadcaster_2018.03.27.ini
2018-03-27 23:46 - 2018-03-27 23:46 - 000005368 _____ C:\Users\Aliens\Downloads\lichess_study_candidates-2018-rd-14_grischuk-alexander-caruana-fabiano_by_broadcaster_2018.03.27.pgn
2018-03-27 04:58 - 2018-03-27 04:58 - 000131744 _____ (Razer Inc.) C:\Windows\system32\RzChromaSDK64.dll
2018-03-27 04:58 - 2018-03-27 04:58 - 000113312 _____ (Razer Inc.) C:\Windows\SysWOW64\RzChromaSDK.dll
2018-03-23 20:09 - 2018-04-18 12:09 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2018-03-23 18:37 - 2018-03-23 18:37 - 000000000 ___DL C:\Users\All Users
2018-03-23 17:26 - 2018-04-19 11:02 - 000000252 _____ C:\Windows\SysWOW64\PARTIZAN.TXT
2018-03-23 17:26 - 2018-04-18 12:14 - 000069632 _____ C:\Users\Public\Documents\bootracer.his
2018-03-23 17:13 - 2018-03-23 17:13 - 000000000 _____ C:\Users\Aliens\Desktop\New Text Document.txt
2018-03-23 17:10 - 2018-04-19 11:25 - 000003074 _____ C:\Users\Aliens\Desktop\Rkill.txt
2018-03-23 15:57 - 2018-03-23 15:57 - 000000000 _RSHD C:\comment.htt
2018-03-23 15:52 - 2018-03-23 15:52 - 000000000 ____D C:\@RestoreQuarantine
2018-03-23 15:35 - 2018-03-23 15:35 - 000737116 _____ C:\Users\Aliens\Desktop\regrunlog.txt
2018-03-23 15:26 - 2018-03-23 15:27 - 018220930 _____ C:\Users\Aliens\Downloads\unhackmeb.zip
2018-03-23 15:26 - 2018-03-23 15:26 - 000001126 _____ C:\Users\Aliens\Desktop\Reset Edge Home.lnk
2018-03-23 15:26 - 2018-03-23 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EdgeResetButton
2018-03-23 15:26 - 2018-03-23 15:26 - 000000000 ____D C:\Program Files (x86)\EdgeResetButton
2018-03-23 15:25 - 2018-03-23 15:25 - 000000000 ____D C:\Users\Aliens\Downloads\edge_reset_button_setup
2018-03-23 15:21 - 2018-03-23 15:21 - 000608174 _____ C:\Users\Aliens\Downloads\edge_reset_button_setup.zip
2018-03-23 15:14 - 2018-03-23 15:14 - 000000000 ____D C:\Users\Aliens\AppData\Local\BootRacer
2018-03-23 15:07 - 2018-04-19 11:04 - 000000791 _____ C:\Users\Public\Documents\bootracer.ini
2018-03-23 15:07 - 2018-04-19 11:03 - 000000000 ____D C:\Program Files (x86)\BootRacer
2018-03-23 15:07 - 2018-04-18 12:15 - 000000000 ____D C:\ProgramData\BootRacer
2018-03-23 15:07 - 2018-03-23 15:07 - 000000000 ____D C:\Users\Aliens\Downloads\bootracer-beta
2018-03-23 15:07 - 2018-03-23 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BootRacer
2018-03-23 15:06 - 2018-03-23 15:06 - 011507381 _____ C:\Users\Aliens\Downloads\bootracer-beta.zip
2018-03-23 15:02 - 2018-04-19 11:03 - 000000000 ____D C:\ProgramData\RegRun
2018-03-23 15:01 - 2018-03-23 15:01 - 000040304 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
2018-03-23 15:01 - 2018-03-23 08:08 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts.old
2018-03-23 14:59 - 2018-04-18 12:14 - 000000000 ____D C:\Users\Public\Documents\RegRunInfo
2018-03-23 14:59 - 2018-04-18 12:13 - 000000000 ____D C:\Users\Aliens\Documents\RegRun2
2018-03-23 14:59 - 2018-03-23 15:33 - 000000000 ____D C:\Program Files (x86)\UnHackMe
2018-03-23 14:59 - 2018-03-23 15:21 - 000003422 _____ C:\Windows\System32\Tasks\UnHackMe Task Scheduler
2018-03-23 14:59 - 2018-03-23 14:59 - 000001042 _____ C:\Users\Aliens\Desktop\UnHackMe.lnk
2018-03-23 14:59 - 2018-03-23 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2018-03-23 14:59 - 2018-03-21 16:41 - 000014984 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
2018-03-23 14:59 - 2015-12-28 11:32 - 000049968 _____ (Greatis Software) C:\Windows\system32\partizan.exe
2018-03-23 14:58 - 2018-03-23 14:58 - 000000000 ____D C:\Users\Aliens\Downloads\unhackme_9.70.0.670
2018-03-23 14:57 - 2018-03-23 14:58 - 018220930 _____ C:\Users\Aliens\Downloads\unhackme_9.70.0.670.zip
2018-03-23 14:56 - 2018-03-23 14:57 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Aliens\Downloads\rkill_2.9.1.0.exe
2018-03-23 14:53 - 2018-03-28 01:33 - 000000000 ____D C:\AdwCleaner
2018-03-23 14:53 - 2018-03-23 14:53 - 008222496 _____ (Malwarebytes) C:\Users\Aliens\Downloads\adwcleaner_7.0.8.0.exe
2018-03-23 14:51 - 2018-03-23 14:51 - 000000000 ____D C:\Users\Aliens\Documents\Custom Office Templates
2018-03-23 08:54 - 2018-03-28 03:24 - 000000000 ____D C:\Users\Aliens\AppData\Local\ESET
2018-03-23 08:54 - 2018-03-23 08:54 - 006968952 _____ (ESET spol. s r.o.) C:\Users\Aliens\Downloads\esetonlinescanner_enu.exe
2018-03-23 08:53 - 2018-03-23 08:53 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-03-23 08:53 - 2018-03-23 08:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-23 08:53 - 2018-01-18 09:03 - 000076200 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-03-23 08:52 - 2018-03-23 08:52 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-23 08:52 - 2018-03-23 08:52 - 000000000 ____D C:\Program Files\Malwarebytes
2018-03-23 08:50 - 2018-03-23 08:51 - 071191456 _____ (Malwarebytes ) C:\Users\Aliens\Downloads\mb3-setup-consumer-3.4.4.2398-1.0.322-1.0.4446.exe
2018-03-23 05:33 - 2018-03-23 06:04 - 000000383 _____ C:\Users\Aliens\Downloads\lichess_study_candidates-2018-rd-10_kramnik-vladimir-aronian-levon_by_broadcaster_2018.03.22.ini
2018-03-23 05:32 - 2018-03-23 05:32 - 000001450 _____ C:\Users\Aliens\Downloads\lichess_study_candidates-2018-rd-10_kramnik-vladimir-aronian-levon_by_broadcaster_2018.03.22.pgn
2018-03-23 00:26 - 2018-03-23 00:27 - 004197032 _____ C:\Users\Aliens\Downloads\RazerSynapseInstaller_DT_V1.0.67.89.exe
2018-03-22 05:20 - 2018-03-23 04:57 - 000000383 _____ C:\Users\Aliens\Downloads\lichess_study_chessexplaineds-study-for-ryan_fischer-robert-james-gadia-olicio_by_ChessExplained_2017.11.02.ini
2018-03-22 05:19 - 2018-03-22 05:19 - 000002334 _____ C:\Users\Aliens\Downloads\lichess_study_chessexplaineds-study-for-ryan_fischer-robert-james-gadia-olicio_by_ChessExplained_2017.11.02.pgn
2018-03-20 17:37 - 2018-03-20 17:37 - 000051184 _____ (Razer Inc) C:\Windows\system32\Drivers\RzDev_0068.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-04-19 11:24 - 2018-01-18 12:21 - 000000000 ____D C:\Windows\DeliveryOptimization
2018-04-19 11:22 - 2018-01-18 15:28 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-19 11:18 - 2018-03-19 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2018-04-19 11:15 - 2018-01-18 12:20 - 000000000 ____D C:\Windows\INF
2018-04-19 11:11 - 2018-01-18 12:21 - 000000000 ____D C:\Windows\AppReadiness
2018-04-19 11:11 - 2018-01-18 12:21 - 000000000 ____D C:\Program Files\WindowsApps
2018-04-19 11:08 - 2018-01-18 15:34 - 000881772 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-19 11:03 - 2018-01-18 20:35 - 000000000 __SHD C:\Users\Aliens\IntelGraphicsProfiles
2018-04-19 11:03 - 2018-01-18 15:17 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-18 12:20 - 2018-01-18 12:18 - 000524288 _____ C:\Windows\system32\config\BBI
2018-04-18 11:39 - 2018-03-19 22:01 - 000000000 ____D C:\Users\Aliens\AppData\Local\CrashDumps
2018-04-18 11:10 - 2017-11-14 09:05 - 000000593 _____ C:\Users\Aliens\Downloads\Mega Database 2018.ini
2018-04-17 22:26 - 2018-03-02 05:57 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-04-17 13:18 - 2018-01-18 15:17 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-04-17 07:49 - 2018-01-18 12:21 - 000000000 ____D C:\Windows\rescache
2018-04-15 18:22 - 2018-01-18 15:17 - 000260512 _____ C:\Windows\system32\FNTCACHE.DAT
2018-04-15 18:22 - 2018-01-18 12:21 - 000000000 ____D C:\Windows\CSC
2018-04-15 18:21 - 2018-01-18 12:18 - 000000000 ____D C:\Windows\CbsTemp
2018-04-15 17:55 - 2018-01-03 18:49 - 000851594 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-04-14 21:13 - 2018-01-18 20:35 - 000000000 ___RD C:\Users\Aliens\3D Objects
2018-04-14 21:13 - 2018-01-18 20:35 - 000000000 ___HD C:\Users\Aliens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\STARTUP--
2018-04-14 21:13 - 2018-01-03 18:59 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-04-14 21:01 - 2018-01-18 12:21 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-04-14 21:00 - 2018-01-18 12:21 - 000000000 ___SD C:\Windows\system32\F12
2018-04-14 21:00 - 2018-01-18 12:21 - 000000000 ____D C:\Windows\system32\appraiser
2018-04-14 21:00 - 2018-01-18 12:21 - 000000000 ____D C:\Windows\ShellExperiences
2018-04-14 05:57 - 2018-01-18 20:42 - 000000000 ____D C:\Windows\system32\MRT
2018-04-14 05:53 - 2018-01-18 20:42 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-04-14 05:53 - 2018-01-18 20:42 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-04-14 05:44 - 2018-01-19 07:43 - 000000000 ____D C:\Windows\Minidump
2018-04-14 05:15 - 2018-03-02 06:38 - 000000000 ____D C:\Users\Aliens\AppData\Roaming\NordVPN
2018-04-14 04:52 - 2018-01-18 12:21 - 000000000 ____D C:\Windows\LiveKernelReports
2018-04-14 04:49 - 2018-01-18 20:33 - 000000000 ____D C:\Users\Aliens
2018-04-14 04:40 - 2017-09-29 09:46 - 000014186 _____ C:\Windows\system32\Drivers\etc\hosts_bak_608
2018-04-14 04:37 - 2018-03-02 08:19 - 000000000 ____D C:\Users\Aliens\AppData\Local\NordVPN
2018-03-28 03:02 - 2017-09-29 09:46 - 000454537 _____ C:\Windows\system32\Drivers\etc\hosts_bak_105
2018-03-28 03:01 - 2018-03-18 10:25 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-03-28 02:31 - 2018-03-18 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2018-03-28 02:25 - 2018-01-03 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware
2018-03-28 00:34 - 2018-01-18 20:44 - 000000000 ____D C:\Users\Aliens\AppData\Local\ChessBase
2018-03-23 20:22 - 2017-09-29 09:46 - 000012826 _____ C:\Windows\system32\Drivers\etc\hosts_bak_153
2018-03-23 17:19 - 2018-01-18 12:21 - 000000000 ____D C:\Windows\system32\NDF
2018-03-23 15:01 - 2017-09-29 09:46 - 000012826 _____ C:\Windows\system32\Drivers\etc\hosts_bak_678
2018-03-23 08:09 - 2018-03-18 11:01 - 000003658 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask
2018-03-23 05:23 - 2017-10-11 09:57 - 030513600 _____ C:\Users\Aliens\Downloads\Mega Database 2018.cko
2018-03-23 02:00 - 2018-01-18 20:48 - 000000000 ____D C:\Users\Aliens\Documents\ChessBase
2018-03-22 23:51 - 2018-03-18 00:13 - 000002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-22 23:51 - 2018-03-18 00:13 - 000002222 _____ C:\Users\Public\Desktop\Google Chrome.lnk
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-04-14 05:42
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.04.2018
Ran by Aliens (19-04-2018 11:28:23)
Running from C:\Users\Aliens\Desktop
Windows 10 Pro Version 1709 16299.371 (X64) (2018-01-18 19:28:56)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4247720935-3746245100-2290869119-500 - Administrator - Enabled)
Aliens (S-1-5-21-4247720935-3746245100-2290869119-1001 - Administrator - Enabled) => C:\Users\Aliens
DefaultAccount (S-1-5-21-4247720935-3746245100-2290869119-503 - Limited - Enabled)
Guest (S-1-5-21-4247720935-3746245100-2290869119-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4247720935-3746245100-2290869119-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Spybot - Search and Destroy (Disabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Alienware Command Center (HKLM\...\{4A7B5997-A768-4678-9329-00F3A1F2554D}) (Version: 4.7.10.0 - Dell Inc.) Hidden
Alienware Command Center (HKLM-x32\...\InstallShield_{4A7B5997-A768-4678-9329-00F3A1F2554D}) (Version: 4.7.10.0 - Dell Inc.)
Alienware Digital Delivery (HKLM-x32\...\{1B706C33-57B3-411B-BB6E-C4A2CF38AF35}) (Version: 3.4.1002.0 - Dell Products, LP)
Alienware Graphics Amplifier Software Installer (HKLM\...\{65A710ED-DB96-4BA8-8B90-116D73D2D647}) (Version: 3.0.13.0 - Dell Inc.) Hidden
Alienware Graphics Amplifier Software Installer (HKLM-x32\...\InstallShield_{65A710ED-DB96-4BA8-8B90-116D73D2D647}) (Version: 3.0.13.0 - Dell Inc.)
Alienware On-Screen Display (HKLM-x32\...\{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.30 - Alienware Corp.) Hidden
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.30 - Alienware Corp.)
Alienware Sound Center (HKLM-x32\...\{e2d19baa-995b-4b46-866b-baaf95c06224}) (Version: 1.1.5 - Alienware) Hidden
Alienware Update (HKLM-x32\...\{632610E3-5B12-403C-9C93-EF533ED1C113}) (Version: 1.10.5.0 - Dell Inc.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 387.99 - NVIDIA Corporation) Hidden
AudioLaunchpadConfigurator (HKLM\...\{3726345E-31B4-4A39-983E-1BCF0104DF75}) (Version: 1.1.501 - Alienware) Hidden
CheckDevicesConfigurator (HKLM\...\{FD0044F5-AF4F-460B-BF79-6689558721C9}) (Version: 1.1.501 - Alienware) Hidden
ChessBase 14 64-bit (HKLM\...\{AC59D64C-BA1D-49AB-B8C9-D0366A1E7AAE}) (Version: 14.12.0.0 - ChessBase)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.402 - Dell)
Dell SupportAssist Remediation (HKLM\...\{9C32DD4A-3321-4BD5-BD11-C4B18ECE6AE7}) (Version: 3.2.0.4834 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{9ae76d49-72b5-402c-b900-0dc71ab8ebef}) (Version: 3.2.0.4834 - Dell Inc.)
Dell SupportAssistAgent (HKLM\...\{9DD6B149-CEBC-4910-B11A-242393EDF6D3}) (Version: 2.1.4.14 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{AB1A407B-E492-4DA1-B024-F96606D1B0B7}) (Version: 3.2.0.4834 - Dell Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 2.0.6875.402 - PC-Doctor, Inc.) Hidden
EMSC (HKLM-x32\...\{FEF06E73-A519-4510-8CF3-B66041B91D8A}) (Version: 0.0.0.31 - Compal Electronics, Inc.) Hidden
EMSC (HKLM-x32\...\InstallShield_{FEF06E73-A519-4510-8CF3-B66041B91D8A}) (Version: 0.0.0.31 - Compal Electronics, Inc.) Hidden
Free Fall Data Protection (HKLM\...\{5141F653-8707-4B96-9349-247C66319C11}) (Version: 1.1.5.2 - Kionix, Inc.)
Fritz 16 64-bit (HKLM\...\{B4B187D1-3D23-47B8-9CAC-F71B2FE5C14F}) (Version: 16.4.0.0 - ChessBase)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.292 - SurfRight B.V.)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel® HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation)
Killer Ethernet Performance Suite (HKLM\...\{5A8D7377-2BAB-4880-A5FB-B91239BD771C}) (Version: 1.2.1268 - Rivet Networks)
Killer Wireless Drivers (HKLM\...\{76EAE8AA-E399-489C-80BC-A8E73114EF20}) (Version: 1.2.1268 - Rivet Networks)
LauncherSetup (HKLM\...\{57EB0016-CE37-4D09-8282-D83133249A0F}) (Version: 1.1.501 - Alienware) Hidden
Malwarebytes version 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Nahimic2UISetup (HKLM\...\{D77F79ED-B98F-4DB9-8498-39C5AD2BE1FD}) (Version: 1.1.501 - Alienware) Hidden
NahimicSettingsConfigurator (HKLM\...\{F88A4367-5097-44EF-8E77-27D801B84B00}) (Version: 1.1.501 - Alienware) Hidden
NordVPN (HKLM-x32\...\{5B727BF8-D797-4CB9-9B90-69D78F4986C6}) (Version: 6.12.11 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.12.11) (Version: 6.12.11 - NordVPN)
NVIDIA 3D Vision Driver 387.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 387.99 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Graphics Driver 387.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 387.99 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.111.1.28 - Overwolf Ltd.)
ProductDaemonSetup (HKLM\...\{0638E5BA-125E-425D-BF01-8A6B0CDBB34E}) (Version: 1.1.501 - Alienware) Hidden
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.279 - Qualcomm Atheros)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.12.2 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.3.0331.041818 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8098 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.14393.11242 - Realtek Semiconductor Corp.)
SonicMapperConfigurator (HKLM\...\{ED221F20-5D17-4703-8EB4-909DD736DB3E}) (Version: 1.1.501 - Alienware) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
TAP-NordVPN 9.21.2 (HKLM\...\TAP-NordVPN) (Version: 9.21.2 - NordVPN.com)
Tet Fw Files (HKLM-x32\...\{D7ECC60F-0EDA-4984-91BD-2F2C90A602BA}) (Version: 1.0.0.0 - Tobii AB) Hidden
Thunderbolt™ Software (HKLM-x32\...\{F55C97BF-D9B2-4BB6-B16A-25A621BC50E9}) (Version: 16.2.52.250 - Intel Corporation)
Tobii Bundle Requirements (HKLM-x32\...\{0FC6EDE1-E1B6-4AC4-833B-3FBC2871A208}) (Version: 2.10.0.6432 - Tobii AB) Hidden
Tobii Eula (HKLM-x32\...\{D9EEAE28-8BC2-412B-BF40-6FF6C82F4F41}) (Version: 2.10.0.6432 - Tobii AB) Hidden
Tobii Eye Tracking (HKLM-x32\...\{def619fe-04aa-47e1-80aa-f1abc3cf15cd}) (Version: 2.10.0.6432 - Tobii AB)
Tobii EyeX (HKLM-x32\...\{B2EA04C5-7D62-49D4-AE5D-32A8E35101AB}) (Version: 1.21.0.8242 - Tobii AB) Hidden
Tobii EyeX Config (HKLM-x32\...\{8AC172FB-3932-4986-A965-368328B7D1FC}) (Version: 4.7.0.942 - Tobii AB) Hidden
Tobii EyeX Interaction (HKLM-x32\...\{C0ABCA5C-E706-4616-8F13-32CB34739B13}) (Version: 2.10.0.4588 - Tobii AB) Hidden
Tobii EyeX Intro (HKLM-x32\...\{AF629577-33D6-4486-B113-3E5FCDE497D0}) (Version: 1.0.3.173 - Moonshot) Hidden
Tobii IS3 Eye Tracker Driver (HKLM-x32\...\{432D9D4E-D79E-4451-BF37-E36174D92E29}) (Version: 2.0.4 - Tobii AB) Hidden
Tobii PTP Filter Driver (HKLM\...\{AB77784C-40BA-4ABD-B7D6-5296773E8B67}) (Version: 1.1.0.75 - Tobii AB) Hidden
Tobii Service (HKLM-x32\...\{454ACCE1-E688-47C5-95A7-BAD66F78AA00}) (Version: 1.21.0.7209 - Tobii AB) Hidden
Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.64 - Synaptics Incorporated)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.0.15 - Tweaking.com)
UIInstallUpgrade (HKLM\...\{AC37CB0E-29C5-4B76-A6EC-533D72670523}) (Version: 1.1.501 - Alienware) Hidden
UnHackMe 9.70 (HKLM-x32\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
VR Fw Files (HKLM-x32\...\{AAC4BA55-7772-4519-8BD1-283196AC490A}) (Version: 1.0.0.0 - Tobii AB) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Driver Package - Kionix, Inc. (kiox_ff_driver) Sensor I/O devices  (06/13/2016 1.1.5.1) (HKLM\...\5627B7BF339E63F3AA7A6C19623784C368E02915) (Version: 06/13/2016 1.1.5.1 - Kionix, Inc.)
Windows Driver Package - Kionix, Inc. kxdiskprot DiskDrive  (06/07/2016 1.1.3.7) (HKLM\...\F142B352F2F78EFD9B5E44B41013374C53F9D567) (Version: 06/07/2016 1.1.3.7 - Kionix, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers4: [EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki123065.inf_amd64_2f07c50de2875789\igfxDTCM.dll [2017-06-29] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-11] (NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0C348AA4-4212-471D-B0AA-5A5C170CB007} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
Task: {1178D1E5-0FAB-427E-93EB-19A8802CF8D2} - \Optimize Push Notification Data File-S-1-5-21-4247720935-3746245100-2290869119-1001 -> No File <==== ATTENTION
Task: {1B2EEB1E-2493-43C5-8A3C-30358CA250F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-18] (Google Inc.)
Task: {1D06D315-F5F5-4906-A7C0-4F937BE0B243} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-18] (Google Inc.)
Task: {1FF56059-AFFF-45F0-BC7A-0FD764C9A6AC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-27] (NVIDIA Corporation)
Task: {3756DCDD-06AF-4C93-A435-80D2AA70E639} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION
Task: {3E9AB72B-D92C-4B63-B03E-4F2AE3AE4786} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {49388622-4966-4F24-AD10-979DEE95A224} - System32\Tasks\AWSoundCenterUILauncherRun => C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterUILauncher.exe [2016-12-15] (A-Volute)
Task: {5A0C089A-216F-4D31-BD20-079B6904A49F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {7D4E953C-6C92-4584-9BA9-32543A020B07} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-27] (NVIDIA Corporation)
Task: {89883B06-497F-48B1-9F1B-5CA98C3F8E01} - System32\Tasks\AWSoundCenterSvc64Run => C:\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterSvc64.exe [2016-12-15] ()
Task: {8E22EB2A-DFE5-45E0-A35B-606BA3184B65} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {91CC1EA5-3608-4B4B-85A5-15EF84F6515D} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [2018-03-21] (Greatis Software)
Task: {93C881BC-D492-4492-9D24-C64607C3EB64} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel® Corporation)
Task: {9B876C10-057D-4078-A5D4-088F6B0F10A2} - \Intel\Thunderbolt\Start Thunderbolt application when hardware is detected -> No File <==== ATTENTION
Task: {ABC81F7B-A2CB-47AE-8091-7770BC163F71} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2018-02-14] (Dell Inc.)
Task: {CA5D4D67-E43B-43A5-A078-9757D17B605C} - System32\Tasks\AWSoundCenterSvc32Run => C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterSvc32.exe [2016-12-15] ()
Task: {D4F3C561-2D6A-48E9-B68D-F8DFEA517CFB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-27] (NVIDIA Corporation)
Task: {D84CDB29-2852-48E4-A952-5EB3DB14BEEC} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
Task: {D98A59D2-3C48-4503-A6A4-03F906865F66} - \Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up -> No File <==== ATTENTION
Task: {F472E620-36B4-43AF-8FF9-CC76E9861D67} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {F4A4F0F9-5BF3-4314-8C6A-9F4425D6F2D8} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Alienware\SupportAssist\sessionchecker.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {F955C76A-672A-457F-91F7-46CE7E357115} - \Intel\Thunderbolt\Start Thunderbolt application on login if service is up -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Aliens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Aliens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\GPemu.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jhficiigpnhhaojldmanflihieepanbb
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-09-29 09:41 - 2017-09-29 09:41 - 000184432 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-03-29 05:25 - 2018-03-29 05:25 - 000429304 _____ () C:\Program Files (x86)\NordVPN\nordvpn-service.exe
2018-03-14 11:10 - 2018-02-21 20:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-14 11:10 - 2018-02-21 20:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-03-27 23:09 - 2018-03-27 23:11 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-03-27 23:09 - 2018-03-27 23:11 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-03-27 23:09 - 2018-03-27 23:11 - 022050304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-03-27 23:09 - 2018-03-27 23:11 - 002584576 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\skypert.dll
2018-03-27 23:09 - 2018-03-27 23:11 - 000657408 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-03-22 23:51 - 2018-03-20 02:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-22 23:51 - 2018-03-20 02:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2018-04-17 17:15 - 2018-04-17 17:15 - 000282864 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
2018-04-17 17:15 - 2018-04-17 17:15 - 000278256 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service Process.exe
2018-04-18 05:56 - 2018-04-18 05:56 - 000424688 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
2018-03-08 04:53 - 2018-03-08 04:53 - 000238080 _____ () C:\Program Files (x86)\NordVPN\x86\Liberation.Native.Firewall.dll
2018-03-28 02:31 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2018-03-28 02:31 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2018-03-28 02:31 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2018-03-25 15:58 - 2018-03-25 16:00 - 001005408 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.dll
2018-03-25 15:58 - 2018-03-25 16:00 - 053444984 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libcef.dll
2018-03-25 15:58 - 2018-03-25 16:00 - 000691056 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.Core.dll
2018-03-25 15:58 - 2018-03-25 16:00 - 001984392 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libglesv2.dll
2018-03-25 15:58 - 2018-03-25 16:00 - 000082824 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libegl.dll
2018-04-19 11:18 - 2018-04-17 17:11 - 000149744 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.ChromaSDKWrapper.dll
2018-04-19 11:18 - 2018-04-17 17:11 - 000179440 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.NativeDeviceDetectionWrapper.dll
2018-04-19 11:18 - 2018-03-23 17:06 - 000206576 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.NativePhilipsHueWrapper.dll
2018-04-19 11:18 - 2018-04-17 17:11 - 000202480 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.PowerPlan.dll
2018-04-19 11:18 - 2018-04-17 18:44 - 000081648 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_AccelWinM.dll
2018-04-19 11:18 - 2018-04-17 17:11 - 000129776 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_KeyboardKeysWrapper.dll
2018-04-19 11:18 - 2018-04-17 18:44 - 000088304 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedCommon.dll
2018-04-19 11:18 - 2018-04-17 18:44 - 000294640 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedMacros.dll
2018-04-19 11:18 - 2018-04-17 18:44 - 000206064 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_MappingTypesM.dll
2018-04-19 11:18 - 2018-04-17 17:11 - 002278128 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_PowerSwitchWrapper.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000284400 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia\Bin\RSy3_Battery.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000569072 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia\Bin\RSy3_DeviceStatus.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000283376 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia\Bin\RSy3_DriverMode.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000324336 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia\Bin\RSy3_Lighting.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000148720 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia\Bin\RSy3_Mapping.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000560880 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia\Bin\RSy3_MappingBaseM.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000513776 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia\Bin\RSy3_OnboardMem.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000307952 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia\Bin\RSy3_PollingRate.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000321776 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia\Bin\RSy3_PowerManagement.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000285424 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia\Bin\RSy3_PowerSwitch.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000329456 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia\Bin\RSy3_Sensitivity.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000401648 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia\Bin\RSy3_SurfaceCalBaseM.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000086768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia\Bin\RSy3_SurfaceCalPixart.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000284400 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia Mat\Bin\RSy3_Battery.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000321264 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia Mat\Bin\Rsy3_DedicatedMatPowerIndicator.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000569072 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia Mat\Bin\RSy3_DeviceStatus.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000283376 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia Mat\Bin\RSy3_DriverMode.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000324336 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia Mat\Bin\RSy3_Lighting.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000148720 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia Mat\Bin\RSy3_Mapping.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000560880 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia Mat\Bin\RSy3_MappingBaseM.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000513776 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia Mat\Bin\RSy3_OnboardMem.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000307952 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia Mat\Bin\RSy3_PollingRate.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000321776 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia Mat\Bin\RSy3_PowerManagement.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000285424 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia Mat\Bin\RSy3_PowerSwitch.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000329456 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia Mat\Bin\RSy3_Sensitivity.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000401648 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia Mat\Bin\RSy3_SurfaceCalBaseM.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000086768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia Mat\Bin\RSy3_SurfaceCalPixart.dll
2018-04-19 11:18 - 2018-03-23 22:30 - 000569072 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Philips Hue\Bin\RSy3_DeviceStatus.dll
2018-04-19 11:18 - 2018-03-23 22:30 - 000281328 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Philips Hue\Bin\RSy3_DriverMode.dll
2018-04-19 11:18 - 2018-04-12 17:39 - 000049904 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Mia\Bin\RSy3_KeyboardKeys.dll
2018-04-18 05:52 - 2018-04-18 05:52 - 000129776 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Common.Dependencies\RSy3_KeyboardKeysWrapper.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7936 more sites.
 
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\123simsen.com -> www.123simsen.com
 
There are 7936 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-09-29 09:46 - 2018-04-19 11:07 - 000014618 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
0.0.0.0 0x1f4b0.com
0.0.0.0 1q2w3.fun
0.0.0.0 1q2w3.website
0.0.0.0 2giga.dowload
0.0.0.0 2giga.link
0.0.0.0 8jd2lfsq.me
0.0.0.0 aalbbh84.info
0.0.0.0 adless.io
0.0.0.0 ad-miner.com
0.0.0.0 adrenali.gq
0.0.0.0 afflow.18-plus.net
0.0.0.0 afminer.com
0.0.0.0 ajcryptominer.com
0.0.0.0 ajplugins.com
0.0.0.0 akvideo.stream
0.0.0.0 allfontshere.press
0.0.0.0 altavista.ovh
0.0.0.0 amhixwqagiz.ru
0.0.0.0 analytics.blue
0.0.0.0 andlache.com
0.0.0.0 anime.reactor.cc
0.0.0.0 a-o.ninja
0.0.0.0 api.inwemo.com
0.0.0.0 appelamule.com
0.0.0.0 aservices.party
0.0.0.0 aster18cdn.nl
0.0.0.0 audioknigi.club
0.0.0.0 auroramine.com
0.0.0.0 authedmine.com
 
There are 533 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\AW_EclipseHead_Final_2016.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{A02E5882-7735-4A90-9CF7-1BAB14C53A63}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{85B34758-97A3-4a63-832A-9825D8777935}}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe
FirewallRules: [{9187CF69-6824-487d-A9F0-AFF5C2C29BA9}}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe
FirewallRules: [{85B34758-97A3-4a63-832A-9825D8777934}}] => (Allow) C:\Program Files (x86)\UnHackMe\regruninfo.exe
FirewallRules: [{9187CF69-6824-487d-A9F0-AFF5C2C29BA8}}] => (Allow) C:\Program Files (x86)\UnHackMe\regruninfo.exe
FirewallRules: [{9F01DC92-B3C3-472F-AABC-E18866E7907E}] => (Allow) C:\Program Files (x86)\UnHackMe\RegRunInfo.exe
FirewallRules: [{8CC8A02B-9F53-4834-AA0D-E0B7311FC456}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe
FirewallRules: [{FD3E4043-20D0-4E4F-AC78-52F333E8BF15}] => (Allow) C:\Program Files (x86)\UnHackMe\RegRunInfo.exe
FirewallRules: [{BC65F5D0-81B6-4088-A649-C3077B30A24C}] => (Allow) C:\Program Files (x86)\UnHackMe\wu.exe
FirewallRules: [{F59BC5EB-3ABD-405B-8782-FFA166AD3839}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.78.999.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{76276A16-70E0-459A-85CE-71BCFEC9807F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.78.999.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1602D707-DDAB-4067-9889-3610B8F46BF5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.78.999.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1B3406A6-4C3C-4C52-B0C0-E8E1BEC194EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.78.999.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B1BCAAE1-DE9D-4BC2-A28B-5311EFD3F67E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.78.999.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3EDACB8B-A39A-42CE-BD9D-A88D1925F25B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.78.999.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{EF5D1B96-536E-48C3-AD45-C869CBD30508}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.78.999.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{93247378-AA31-44C0-9674-F1E23DBBEE52}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.78.999.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{BBBEE3C8-D98D-4831-A140-AD97CB291BF6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.78.999.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{A6705011-3E3D-4E8E-B13C-47E8FAE2EA20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.78.999.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
14-04-2018 18:48:20 Scheduled Checkpoint
15-04-2018 19:00:47 Windows Backup
 
==================== Faulty Device Manager Devices =============
 
Name: Killer E2500 Gigabit Ethernet Controller
Description: Killer E2500 Gigabit Ethernet Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Rivet Networks
Service: e2xw10x64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/19/2018 11:09:15 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (04/19/2018 11:09:15 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service ".NETFramework" in DLL "C:\Windows\system32\mscoree.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (04/19/2018 11:04:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x0000000000000000
Faulting process id: 0x608
Faulting application start time: 0x01d3d7ef86287351
Faulting application path: bad_module_info
Faulting module path: unknown
Report Id: 726a68f1-5af0-4125-875d-445c13599abb
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/18/2018 11:39:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ChessProgram16.exe, version: 16.10.0.0, time stamp: 0x5aba1d38
Faulting module name: SView4.dll, version: 6.8.0.0, time stamp: 0x5aba16dc
Exception code: 0xc0000005
Fault offset: 0x0000000000011a28
Faulting process id: 0x1158
Faulting application start time: 0x01d3d7217e139d5b
Faulting application path: C:\Program Files\ChessBase\ChessProgram16\ChessProgram16.exe
Faulting module path: C:\Program Files\ChessBase\ChessProgram16\SView4.dll
Report Id: 91773ac2-daeb-4e8f-a2cc-95a7cd891350
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/18/2018 08:31:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ChessProgram16.exe, version: 16.10.0.0, time stamp: 0x5aba1d38
Faulting module name: SView4.dll, version: 6.8.0.0, time stamp: 0x5aba16dc
Exception code: 0xc0000005
Fault offset: 0x0000000000011a28
Faulting process id: 0x2a1c
Faulting application start time: 0x01d3d70afb243271
Faulting application path: C:\Program Files\ChessBase\ChessProgram16\ChessProgram16.exe
Faulting module path: C:\Program Files\ChessBase\ChessProgram16\SView4.dll
Report Id: bc411e56-caa5-49a6-974b-411f843fdde3
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/18/2018 07:02:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x0000000000000000
Faulting process id: 0x600
Faulting application start time: 0x01d3d704a6566c33
Faulting application path: bad_module_info
Faulting module path: unknown
Report Id: b2611d00-769a-457e-9bc5-9141f05d7960
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/18/2018 06:58:02 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (04/18/2018 06:58:02 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service ".NETFramework" in DLL "C:\Windows\system32\mscoree.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
 
System errors:
=============
Error: (04/19/2018 11:18:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (04/19/2018 11:16:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-G62600D)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 and APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 to the user DESKTOP-G62600D\Aliens SID (S-1-5-21-4247720935-3746245100-2290869119-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (04/19/2018 11:14:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Synapse Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/19/2018 11:14:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Razer Central Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/19/2018 11:13:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (04/19/2018 11:06:57 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-G62600D)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-G62600D\Aliens SID (S-1-5-21-4247720935-3746245100-2290869119-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (04/19/2018 11:06:12 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (04/19/2018 11:04:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMSwissArmy service failed to start due to the following error: 
The system cannot find the file specified.
 
 
Windows Defender:
===================================
Date: 2018-03-20 01:10:11.385
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {DF1860C9-8F29-4374-A6D1-547AD6A9BBC1}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-03-20 00:56:39.743
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E91B9BF5-746A-47A0-B7B2-093D1BB70848}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-03-20 00:46:49.590
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D01D3352-10BD-43E9-A2D5-17B3A9B5206D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-03-20 00:30:42.357
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {9058506C-4BCE-40E9-A1C3-4D2FAD3879A6}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-03-20 00:01:15.823
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {24CD2CD0-7376-4E30-8B1B-BF358F1E453F}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-03-28 04:13:05.243
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.263.1631.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2018-03-28 04:13:05.243
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version: 
Previous Engine Version: 0.0.0.0
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2018-03-28 04:13:05.239
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.263.1631.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2018-03-28 04:13:05.239
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.263.1631.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2018-03-28 04:13:05.239
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.263.1631.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
CodeIntegrity:
===================================
 
Date: 2018-04-15 18:26:10.990
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2018-04-15 12:05:12.979
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2018-04-14 21:18:42.559
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2018-04-14 17:56:43.490
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterDevProps.dll that did not meet the Store signing level requirements.
 
Date: 2018-04-14 17:56:43.480
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterOSD.dll that did not meet the Store signing level requirements.
 
Date: 2018-04-14 17:56:42.934
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-04-14 17:56:40.968
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterDevProps.dll that did not meet the Store signing level requirements.
 
Date: 2018-04-14 17:56:40.930
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterOSD.dll that did not meet the Store signing level requirements.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-7820HK CPU @ 2.90GHz
Percentage of memory in use: 49%
Total physical RAM: 16218.69 MB
Available physical RAM: 8154.58 MB
Total Virtual: 32602.69 MB
Available Virtual: 24190.5 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:223.6 GB) (Free:152.21 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:722.72 GB) NTFS
 
\\?\Volume{03ffe169-6e54-42f7-a397-cd3dd9064f9a}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32
\\?\Volume{0c3668ca-5e11-442e-9548-9189998e37e1}\ (WINRETOOLS) (Fixed) (Total:0.45 GB) (Free:0.07 GB) NTFS
\\?\Volume{5c28431a-5dbe-4652-9089-62ae9190b7f5}\ (Image) (Fixed) (Total:12.73 GB) (Free:0.17 GB) NTFS
\\?\Volume{ea98b27b-d6f3-4640-a53b-acf3f7fa99a7}\ (DELLSUPPORT) (Fixed) (Total:1.06 GB) (Free:0.37 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C0A9D41A)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: C0A9CCDF)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,138 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:11 AM

Posted Yesterday, 02:50 PM

Thank you for the reports.

Do you recognize these?

C:\Users\Aliens\Downloads\auerswald.ini
C:\Users\Aliens\Downloads\auerswald.pgi
C:\Users\Aliens\Downloads\Position.ini
C:\Users\Aliens\Downloads\auerswald.pgn


Please do this. If necessary, run the RKill steps again before running the fix.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time (there is no need to paste the information anywhere)
Start::
CreateRestorePoint:
CloseProcesses:
HKLM\...\Policies\Explorer: [NoDriveAutoRun-] 0
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun-] 0
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 1
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 1
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 1
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 1
HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\Policies\Explorer: [NoDriveAutoRun-] 0
HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\Policies\Explorer: [NoDriveTypeAutoRun-] 0
HKU\S-1-5-18\...\Run: [] => [X]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Task: {0C348AA4-4212-471D-B0AA-5A5C170CB007} - \Safer-Networking\Spybot - Search and Destroy\Check for updates
Task: {1178D1E5-0FAB-427E-93EB-19A8802CF8D2} - \Optimize Push Notification Data File-S-1-5-21-4247720935-3746245100-2290869119-1001
Task: {3756DCDD-06AF-4C93-A435-80D2AA70E639} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization
Task: {9B876C10-057D-4078-A5D4-088F6B0F10A2} - \Intel\Thunderbolt\Start Thunderbolt application when hardware is detected
Task: {D84CDB29-2852-48E4-A952-5EB3DB14BEEC} - \Safer-Networking\Spybot - Search and Destroy\Scan the system
Task: {D98A59D2-3C48-4503-A6A4-03F906865F66} - \Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up
Task: {F955C76A-672A-457F-91F7-46CE7E357115} - \Intel\Thunderbolt\Start Thunderbolt application on login if service is up
Folder: C:\Users\Aliens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\STARTUP-
Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-
emptytemp:
End::
  • Click Fix
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Check your computer performance
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Recognize entries?
  • Fixlog
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 ryanbozant

ryanbozant
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:11 AM

Posted Yesterday, 03:43 PM

I recognize the files. They are for chess.
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 15.04.2018
Ran by Aliens (19-04-2018 16:35:48) Run:1
Running from C:\Users\Aliens\Desktop
Loaded Profiles: Aliens (Available Profiles: Aliens)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM\...\Policies\Explorer: [NoDriveAutoRun-] 0
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun-] 0
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 1
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 1
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 1
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 1
HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\Policies\Explorer: [NoDriveAutoRun-]
0
HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\...\Policies\Explorer: [NoDriveTypeAutoRun-] 0
HKU\S-1-5-18\...\Run: [] => [X]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Task: {0C348AA4-4212-471D-B0AA-5A5C170CB007} - \Safer-Networking\Spybot - Search and Destroy\Check for updates
Task: {1178D1E5-0FAB-427E-93EB-19A8802CF8D2} - \Optimize Push Notification Data File-S-1-5-21-4247720935-3746245100-2290869119-1001
Task: {3756DCDD-06AF-4C93-A435-80D2AA70E639} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization
Task: {9B876C10-057D-4078-A5D4-088F6B0F10A2} - \Intel\Thunderbolt\Start Thunderbolt application when hardware is detected
Task: {D84CDB29-2852-48E4-A952-5EB3DB14BEEC} - \Safer-Networking\Spybot - Search and Destroy\Scan the system
Task:
{D98A59D2-3C48-4503-A6A4-03F906865F66} - \Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up
Task: {F955C76A-672A-457F-91F7-46CE7E357115} - \Intel\Thunderbolt\Start Thunderbolt application on login if service is up
Folder: C:\Users\Aliens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\STARTUP-
Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-
emptytemp:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDriveAutoRun-" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDriveTypeAutoRun-" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\MemCheckBoxInRunDlg" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce" => removed successfully
"HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDriveAutoRun-" => removed successfully
0 => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-4247720935-3746245100-2290869119-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDriveTypeAutoRun-" => removed successfully
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision" => removed successfully
"FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming" => removed successfully
"FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C348AA4-4212-471D-B0AA-5A5C170CB007}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C348AA4-4212-471D-B0AA-5A5C170CB007}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1178D1E5-0FAB-427E-93EB-19A8802CF8D2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1178D1E5-0FAB-427E-93EB-19A8802CF8D2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3756DCDD-06AF-4C93-A435-80D2AA70E639}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3756DCDD-06AF-4C93-A435-80D2AA70E639}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B876C10-057D-4078-A5D4-088F6B0F10A2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B876C10-057D-4078-A5D4-088F6B0F10A2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D84CDB29-2852-48E4-A952-5EB3DB14BEEC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D84CDB29-2852-48E4-A952-5EB3DB14BEEC}" => removed successfully
Task: => Error: No automatic fix found for this entry.
{D98A59D2-3C48-4503-A6A4-03F906865F66} - \Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F955C76A-672A-457F-91F7-46CE7E357115}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F955C76A-672A-457F-91F7-46CE7E357115}" => removed successfully
 
========================= Folder: C:\Users\Aliens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\STARTUP- ========================
 
 
====== End of Folder: ======
 
 
========================= Folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup- ========================
 
 
====== End of Folder: ======
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10574420 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 45435760 B
Edge => 9721018 B
Chrome => 108074596 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 572928 B
systemprofile32 => 0 B
LocalService => 138092 B
NetworkService => 239264 B
Aliens => 64255631 B
 
RecycleBin => 0 B
EmptyTemp: => 235.5 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 16:36:51 ====


#6 ryanbozant

ryanbozant
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:11 AM

Posted Yesterday, 03:50 PM

My computer started better and was fine for a few minutes. However, when I started Chrome to send you the fix log my computer froze for a few seconds. Every time I switch to another window and then back to Chrome it freezes for a few seconds.



#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,138 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:11 AM

Posted Yesterday, 04:15 PM

Thank you.

Are you able to use your computer normally except for Chrome?

Now this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time (there is no need to paste the information anywhere)
Start::
C:\Users\Aliens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\STARTUP-
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-
End::
  • Click Fix
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Disabling Plug-ins and Extensions in Google Chrome

--------------------
  • Press the Windows Key + R at the same time
  • Copy and paste the following into the search box

chrome --disable-extensions

  • Click OK
  • Test the browser performance
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Computer performance?
  • Fixlog
  • Chrome performance?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 ryanbozant

ryanbozant
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:11 AM

Posted Yesterday, 04:32 PM

My internet has been unable to connect to multiple servers for a couple of years now on multiple machines in my house. The last fix did not fix that. The performance is overall ok that I can see. I guess to make it easier for me to explain, I had to buy a subscription to a VPN just to connect to certain sites.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 15.04.2018
Ran by Aliens (19-04-2018 17:24:45) Run:2
Running from C:\Users\Aliens\Desktop
Loaded Profiles: Aliens (Available Profiles: Aliens)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
C:\Users\Aliens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\STARTUP-
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-
 
*****************
 
C:\Users\Aliens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\STARTUP- => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup- => moved successfully
 
==== End of Fixlog 17:24:45 ====


#9 ryanbozant

ryanbozant
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:11 AM

Posted Yesterday, 05:20 PM

i also get this error every time i close a program

Attached Files



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,138 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:11 AM

Posted Yesterday, 07:33 PM

Greetings.

It would help greatly if you directly address the things I need to understand.

I am at my breaking point and honestly feel like giving up computers for good. My computers have the same things wrong with each. I have no permission to access anything. Ive used every program you have on this site and every time there is a difficult virus where something extra needs to be done it doesnt work. My pagefile is out of my control as well as indexing. help!

Has this been resolved?

-----

Does Chrome work better after following the steps I provided?

-----

Please do this.

===================================================

Updating Driver Through Device Manager

----------
  • Press windows key Windows Key + R at the same time
  • Type devmgmt.msc and press Enter
  • Expand the Display Adapters category by clicking the + sign
  • Individually right click on every NVIDIA entry and select Update Driver
  • Allow the computer to check Windows Update by selecting Yes, this time only then click Next
  • Select Install the software automatically (Recommended) then click Next
===================================================

Disabling Fullscreen Optimization

----------
  • Hit the Windows Key + E at the same time
  • Navigate to the following file:

C:\Program Files\ChessBase\ChessProgram16\ChessProgram16.exe

  • Right click on the icon and select Properties
  • Click the Compatibility tab
  • Check the Disable fullscreen optimization and Run this program as an administrator boxes
  • Click Apply, then OK
  • Reboot your computer and test your Chess program
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Response to questions
  • Drivers update?
  • Disable Fullscreen?
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users