Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

help I think i got a bug


  • This topic is locked This topic is locked
2 replies to this topic

#1 therealangrybeef

therealangrybeef

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:36 AM

Posted 10 June 2018 - 11:46 AM

everyhting boots way slow weird windows pop up and disappear. just general mischief abounding please advise...the following are my frst and addition logs respectivelyl..


FRST:Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01

Ran by ninjarig (administrator) on RHODONA-ESCOBAR (10-06-2018 11:13:03)
Running from C:\Users\theri\Documents\Downloads
Loaded Profiles: ninjarig (Available Profiles: defaultuser0 & ninjarig & Administrator)
Platform: Windows 10 Pro Version 1803 17134.81 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Pro Tools First\MMERefresh.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Scarlet.Crush Productions) C:\Program Files\WiinUSoft\SCP_Driver\ScpService.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Akai Professional) C:\Program Files (x86)\Akai Pro\Internal MIDI\AkaiMidiMon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Deluge Team) C:\Program Files (x86)\Deluge\deluge.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\theri\Documents\Downloads\FRST.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [745288 2015-06-25] (Alps Electric Co., Ltd.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2017-10-16] (Avid Technology, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-15] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3222448 2017-10-12] (Dominik Reichl)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [56894944 2017-11-11] (Western Digital Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2309008 2017-09-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21384 2016-04-15] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10024624 2017-11-08] (Piriform Ltd)
HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\Run: [Vivaldi Update Notifier] => C:\Program Files (x86)\Vivaldi\Application\update_notifier.exe [3780728 2017-10-27] (Vivaldi Technologies AS)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Application Manager.lnk [2017-10-27]
ShortcutTarget: Avid Application Manager.lnk -> C:\Program Files\Avid\Application Manager\AvidApplicationManager.exe (Avid Technology, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Internal MIDI Monitor.lnk [2017-11-25]
ShortcutTarget: Internal MIDI Monitor.lnk -> C:\Program Files (x86)\Akai Pro\Internal MIDI\AkaiMidiMon.exe (Akai Professional)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7a9a3b62-fee0-4572-93bd-bff964d7e507}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> C:\Program Files (x86)\VIPRE\x64\VSGNx64.dll => No File
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-04] (Oracle Corporation)
BHO-x32: VIPRE Search Guard Helper -> {963C8283-AE7F-4AA6-9B3B-847A8FC62C5E} -> C:\Program Files (x86)\VIPRE\VSGN.dll => No File
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-04] (Oracle Corporation)
Toolbar: HKLM - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  No File
Toolbar: HKLM-x32 - VIPRE Search Guard Toolbar - {A924C17A-5E94-4E02-BED5-49720BA6F7FA} -  No File
Handler: vipresg - {47BE2E5B-703B-444F-ABD3-05717D2191C6} - C:\Program Files (x86)\VIPRE\VSGN.dll No File
 
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-08-26] [Legacy] [not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-04] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\theri\AppData\Local\Google\Chrome\User Data\Default [2018-06-10]
CHR Extension: (Slides) - C:\Users\theri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-10]
CHR Extension: (Docs) - C:\Users\theri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-10]
CHR Extension: (Google Drive) - C:\Users\theri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-10]
CHR Extension: (YouTube) - C:\Users\theri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-10]
CHR Extension: (Avast Passwords) - C:\Users\theri\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2018-06-08]
CHR Extension: (Avast SafePrice) - C:\Users\theri\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-06-06]
CHR Extension: (Sheets) - C:\Users\theri\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-10]
CHR Extension: (Google Docs Offline) - C:\Users\theri\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-11]
CHR Extension: (Avast Online Security) - C:\Users\theri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\theri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\theri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-10]
CHR Extension: (Chrome Media Router) - C:\Users\theri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
Opera: 
=======
OPR Extension: (Amazon Assistant for Opera) - C:\Users\theri\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2018-06-07]
OPR Extension: (ESET Password Manager Autofill Engine) - C:\Users\theri\AppData\Roaming\Opera Software\Opera Stable\Extensions\ofcefbdcehappcfljclmpmappkogffoe [2017-11-10]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [96120 2015-06-25] (Alps Electric Co., Ltd.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-05-15] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-15] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 DigiRefresh; C:\Program Files\Avid\Pro Tools First\MMERefresh.exe [117760 2017-10-16] (Avid Technology, Inc.) [File not signed]
S3 digiSPTIService64; C:\Program Files\Avid\Pro Tools First\digisptiservice64.exe [197632 2017-10-16] (Avid Technology, Inc.) [File not signed]
R2 Ds3Service; C:\Program Files\WiinUSoft\SCP_Driver\ScpService.exe [381952 2015-09-04] (Scarlet.Crush Productions) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [329192 2016-06-02] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [355184 2017-09-19] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-05-05] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-05-05] (Microsoft Corporation)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X] <==== ATTENTION
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AkaiPrompcMidi1; C:\WINDOWS\system32\drivers\mpcmidi.sys [14336 2013-01-22] (Akai Professional)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-04-26] (Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (Apple Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196640 2018-05-15] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-19] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-19] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-19] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-19] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [234560 2018-05-15] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-05-15] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159120 2018-05-15] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111360 2018-05-15] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-05-15] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-05-15] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-05-15] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-05-15] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2017-03-06] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381552 2018-05-15] (AVAST Software)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (OSR Open Systems Resources, Inc.)
S3 ESETCleanersDriver; C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys [181160 2017-10-05] (ESET)
R3 FocusriteUSB; C:\WINDOWS\System32\drivers\FocusriteUSB.sys [96400 2018-01-09] (Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBAudio; C:\WINDOWS\system32\drivers\FocusriteUSBAudio.sys [54416 2018-01-09] (Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [97936 2018-01-09] (Focusrite Audio Engineering Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-10-08] (REALiX™)
U5 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [644968 2013-08-30] (Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-06-10] (Malwarebytes)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-11] (Microsoft Corporation)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2018-04-11] (Intel Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2015-09-04] (Scarlet.Crush Productions)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [154280 2016-10-12] (STMicroelectronics)
S3 teVirtualMIDI64; C:\WINDOWS\system32\DRIVERS\teVirtualMIDI64.sys [41016 2015-07-12] (Tobias Erichsen)
S3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [34816 2014-05-03] (Elaborate Bytes AG) [File not signed]
S3 VSScanner; C:\WINDOWS\System32\DRIVERS\vsscanner.sys [29808 2016-08-18] (VoodooSoft, LLC)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-05-05] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313888 2018-05-05] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-05-05] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-10 08:50 - 2018-06-10 08:50 - 000000000 __HDC C:\$Windows.~WS
2018-06-10 08:50 - 2018-06-10 08:50 - 000000000 ___DC C:\$WINDOWS.~BT
2018-06-10 07:31 - 2018-06-10 07:31 - 000000000 ____D C:\Users\theri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2018-06-10 05:40 - 2018-06-10 05:40 - 000002067 _____ C:\Users\theri\Documents\SAVE ONE.rpp
2018-06-10 02:37 - 2018-06-10 02:37 - 000001691 _____ C:\WINDOWS\ST6UNST.000
2018-06-05 03:36 - 2018-06-05 03:36 - 000000218 _____ C:\Users\theri\AppData\Local\recently-used.xbel
2018-06-04 19:41 - 2018-06-04 19:43 - 011890750 _____ C:\Users\theri\03-180604_1941-01.wav
2018-06-04 19:41 - 2018-06-04 19:43 - 011890750 _____ C:\Users\theri\02-180604_1941-01.wav
2018-06-04 19:41 - 2018-06-04 19:43 - 000115442 _____ C:\Users\theri\03-180604_1941-01.wav.reapeaks
2018-06-04 19:41 - 2018-06-04 19:43 - 000115442 _____ C:\Users\theri\02-180604_1941-01.wav.reapeaks
2018-06-04 19:41 - 2018-06-04 19:41 - 000982540 _____ C:\Users\theri\03-180604_1941.wav
2018-06-04 19:41 - 2018-06-04 19:41 - 000982540 _____ C:\Users\theri\02-180604_1941.wav
2018-06-04 19:41 - 2018-06-04 19:41 - 000009578 _____ C:\Users\theri\03-180604_1941.wav.reapeaks
2018-06-04 19:41 - 2018-06-04 19:41 - 000009578 _____ C:\Users\theri\02-180604_1941.wav.reapeaks
2018-06-04 19:39 - 2018-06-04 19:39 - 002093136 _____ C:\Users\theri\03-180604_1939.wav
2018-06-04 19:39 - 2018-06-04 19:39 - 002093136 _____ C:\Users\theri\02-180604_1939.wav
2018-06-04 19:39 - 2018-06-04 19:39 - 000020354 _____ C:\Users\theri\03-180604_1939.wav.reapeaks
2018-06-04 19:39 - 2018-06-04 19:39 - 000020354 _____ C:\Users\theri\02-180604_1939.wav.reapeaks
2018-06-04 19:11 - 2018-06-04 19:11 - 001073808 _____ C:\Users\theri\03-180604_1911.wav
2018-06-04 19:11 - 2018-06-04 19:11 - 001073808 _____ C:\Users\theri\02-180604_1911.wav
2018-06-04 19:11 - 2018-06-04 19:11 - 000010466 _____ C:\Users\theri\03-180604_1911.wav.reapeaks
2018-06-04 19:11 - 2018-06-04 19:11 - 000010466 _____ C:\Users\theri\02-180604_1911.wav.reapeaks
2018-06-04 19:10 - 2018-06-04 19:11 - 001289424 _____ C:\Users\theri\03-180604_1910-04.wav
2018-06-04 19:10 - 2018-06-04 19:11 - 001289424 _____ C:\Users\theri\02-180604_1910-04.wav
2018-06-04 19:10 - 2018-06-04 19:11 - 000012554 _____ C:\Users\theri\03-180604_1910-04.wav.reapeaks
2018-06-04 19:10 - 2018-06-04 19:11 - 000012554 _____ C:\Users\theri\02-180604_1910-04.wav.reapeaks
2018-06-04 19:10 - 2018-06-04 19:10 - 001955088 _____ C:\Users\theri\03-180604_1910-03.wav
2018-06-04 19:10 - 2018-06-04 19:10 - 001955088 _____ C:\Users\theri\02-180604_1910-03.wav
2018-06-04 19:10 - 2018-06-04 19:10 - 001429584 _____ C:\Users\theri\03-180604_1910-01.wav
2018-06-04 19:10 - 2018-06-04 19:10 - 001429584 _____ C:\Users\theri\02-180604_1910-01.wav
2018-06-04 19:10 - 2018-06-04 19:10 - 001392144 _____ C:\Users\theri\03-180604_1910-02.wav
2018-06-04 19:10 - 2018-06-04 19:10 - 001392144 _____ C:\Users\theri\02-180604_1910-02.wav
2018-06-04 19:10 - 2018-06-04 19:10 - 001279248 _____ C:\Users\theri\03-180604_1910.wav
2018-06-04 19:10 - 2018-06-04 19:10 - 001279248 _____ C:\Users\theri\02-180604_1910.wav
2018-06-04 19:10 - 2018-06-04 19:10 - 000019014 _____ C:\Users\theri\03-180604_1910-03.wav.reapeaks
2018-06-04 19:10 - 2018-06-04 19:10 - 000019014 _____ C:\Users\theri\02-180604_1910-03.wav.reapeaks
2018-06-04 19:10 - 2018-06-04 19:10 - 000013910 _____ C:\Users\theri\03-180604_1910-01.wav.reapeaks
2018-06-04 19:10 - 2018-06-04 19:10 - 000013910 _____ C:\Users\theri\02-180604_1910-01.wav.reapeaks
2018-06-04 19:10 - 2018-06-04 19:10 - 000013550 _____ C:\Users\theri\03-180604_1910-02.wav.reapeaks
2018-06-04 19:10 - 2018-06-04 19:10 - 000013550 _____ C:\Users\theri\02-180604_1910-02.wav.reapeaks
2018-06-04 19:10 - 2018-06-04 19:10 - 000012454 _____ C:\Users\theri\03-180604_1910.wav.reapeaks
2018-06-04 19:10 - 2018-06-04 19:10 - 000012454 _____ C:\Users\theri\02-180604_1910.wav.reapeaks
2018-06-04 18:55 - 2018-06-04 18:55 - 001117900 _____ C:\Users\theri\03-180604_1855.wav
2018-06-04 18:55 - 2018-06-04 18:55 - 001117900 _____ C:\Users\theri\02-180604_1855.wav
2018-06-04 18:55 - 2018-06-04 18:55 - 001105228 _____ C:\Users\theri\03-180604_1855-01.wav
2018-06-04 18:55 - 2018-06-04 18:55 - 001105228 _____ C:\Users\theri\02-180604_1855-01.wav
2018-06-04 18:55 - 2018-06-04 18:55 - 000010890 _____ C:\Users\theri\03-180604_1855.wav.reapeaks
2018-06-04 18:55 - 2018-06-04 18:55 - 000010890 _____ C:\Users\theri\02-180604_1855.wav.reapeaks
2018-06-04 18:55 - 2018-06-04 18:55 - 000010766 _____ C:\Users\theri\03-180604_1855-01.wav.reapeaks
2018-06-04 18:55 - 2018-06-04 18:55 - 000010766 _____ C:\Users\theri\02-180604_1855-01.wav.reapeaks
2018-06-04 18:53 - 2018-06-04 18:54 - 001339852 _____ C:\Users\theri\03-180604_1853-01.wav
2018-06-04 18:53 - 2018-06-04 18:54 - 001339852 _____ C:\Users\theri\02-180604_1853-01.wav
2018-06-04 18:53 - 2018-06-04 18:54 - 000013046 _____ C:\Users\theri\03-180604_1853-01.wav.reapeaks
2018-06-04 18:53 - 2018-06-04 18:54 - 000013046 _____ C:\Users\theri\02-180604_1853-01.wav.reapeaks
2018-06-04 18:53 - 2018-06-04 18:53 - 001279372 _____ C:\Users\theri\03-180604_1853.wav
2018-06-04 18:53 - 2018-06-04 18:53 - 001279372 _____ C:\Users\theri\02-180604_1853.wav
2018-06-04 18:53 - 2018-06-04 18:53 - 000012458 _____ C:\Users\theri\03-180604_1853.wav.reapeaks
2018-06-04 18:53 - 2018-06-04 18:53 - 000012458 _____ C:\Users\theri\02-180604_1853.wav.reapeaks
2018-06-04 18:51 - 2018-06-04 18:51 - 001353552 _____ C:\Users\theri\03-180604_1851.wav
2018-06-04 18:51 - 2018-06-04 18:51 - 001353552 _____ C:\Users\theri\02-180604_1851.wav
2018-06-04 18:51 - 2018-06-04 18:51 - 000013178 _____ C:\Users\theri\03-180604_1851.wav.reapeaks
2018-06-04 18:51 - 2018-06-04 18:51 - 000013178 _____ C:\Users\theri\02-180604_1851.wav.reapeaks
2018-06-04 18:50 - 2018-06-04 18:51 - 001357968 _____ C:\Users\theri\03-180604_1850-02.wav
2018-06-04 18:50 - 2018-06-04 18:51 - 001357968 _____ C:\Users\theri\02-180604_1850-02.wav
2018-06-04 18:50 - 2018-06-04 18:51 - 000013222 _____ C:\Users\theri\03-180604_1850-02.wav.reapeaks
2018-06-04 18:50 - 2018-06-04 18:51 - 000013222 _____ C:\Users\theri\02-180604_1850-02.wav.reapeaks
2018-06-04 18:50 - 2018-06-04 18:50 - 002356944 _____ C:\Users\theri\03-180604_1850-01.wav
2018-06-04 18:50 - 2018-06-04 18:50 - 002356944 _____ C:\Users\theri\02-180604_1850-01.wav
2018-06-04 18:50 - 2018-06-04 18:50 - 000944400 _____ C:\Users\theri\03-180604_1850.wav
2018-06-04 18:50 - 2018-06-04 18:50 - 000944400 _____ C:\Users\theri\02-180604_1850.wav
2018-06-04 18:50 - 2018-06-04 18:50 - 000022914 _____ C:\Users\theri\03-180604_1850-01.wav.reapeaks
2018-06-04 18:50 - 2018-06-04 18:50 - 000022914 _____ C:\Users\theri\02-180604_1850-01.wav.reapeaks
2018-06-04 18:50 - 2018-06-04 18:50 - 000009206 _____ C:\Users\theri\03-180604_1850.wav.reapeaks
2018-06-04 18:50 - 2018-06-04 18:50 - 000009206 _____ C:\Users\theri\02-180604_1850.wav.reapeaks
2018-06-04 09:28 - 2018-06-04 06:38 - 000000000 ___DC C:\Windows.old
2018-06-04 09:24 - 2018-06-04 09:28 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-06-04 09:24 - 2018-06-04 09:24 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-06-04 09:24 - 2018-06-04 09:24 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-06-04 09:22 - 2018-06-04 09:22 - 025844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 022709248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 022001664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 021389360 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 020383712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 019399168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 013873152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 012712960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 009159064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 008623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 007582720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 007436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 006816848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 006567904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 006527568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 005782528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 004787960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 004563968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 004402768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 004372480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 004336128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 003733312 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 003655168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 003440640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 003389952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 003283400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002961408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002900480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002896896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002836376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002699776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002564984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002536056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002486984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002422168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 002178136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002170368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-04 09:22 - 2018-06-04 09:22 - 002016256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-04 09:22 - 2018-06-04 09:22 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001947808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001800080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001767936 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001636352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001634808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001534976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001462288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001456616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-04 09:22 - 2018-06-04 09:22 - 001454024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001209792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001191168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001174424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-06-04 09:22 - 2018-06-04 09:22 - 001108992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-06-04 09:22 - 2018-06-04 09:22 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001033728 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001017088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001017056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001012408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000988128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000983008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-06-04 09:22 - 2018-06-04 09:22 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000885848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2018-06-04 09:22 - 2018-06-04 09:22 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000861608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000826776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000792984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000786168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000748504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000735560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000722288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000713368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 000707480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-06-04 09:22 - 2018-06-04 09:22 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000652184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000604568 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-06-04 09:22 - 2018-06-04 09:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000473496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000457144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 000416120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000413080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000399768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000347704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000308408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000193936 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000131232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000130456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-06-04 09:22 - 2018-06-04 09:22 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000105368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000089984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000088472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-06-04 09:22 - 2018-06-04 09:22 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSHEIF.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000018716 _____ C:\WINDOWS\SysWOW64\srms-apr.dat
2018-06-04 09:22 - 2018-06-04 09:22 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-06-04 09:22 - 2018-06-04 09:22 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-06-04 09:22 - 2018-06-04 09:22 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-06-04 09:20 - 2018-06-04 09:20 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-06-04 09:20 - 2018-06-04 09:20 - 000000000 ____D C:\Program Files\MSBuild
2018-06-04 09:20 - 2018-06-04 09:20 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-06-04 09:20 - 2018-06-04 09:20 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-06-04 09:20 - 2018-04-11 09:48 - 000100352 ____C (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-06-04 09:20 - 2018-04-11 09:45 - 004492288 ____C (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-06-04 09:20 - 2018-04-11 09:41 - 000925696 ____C (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-06-04 09:20 - 2018-04-11 08:14 - 000082432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-06-04 09:20 - 2018-04-11 08:12 - 003398144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-06-04 09:20 - 2018-04-11 08:09 - 000575488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-06-04 09:20 - 2018-03-05 19:07 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-06-04 09:20 - 2018-03-05 19:07 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-06-04 09:20 - 2018-03-05 19:07 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-06-04 09:20 - 2018-02-14 19:21 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-06-04 09:20 - 2018-02-14 19:21 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-06-04 09:20 - 2018-02-14 19:21 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-06-04 09:20 - 2017-10-29 21:03 - 000076060 ____C C:\WINDOWS\system32\xpsrchvw.xml
2018-06-04 09:20 - 2017-10-29 19:42 - 000076060 ____C C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-06-04 07:53 - 2018-06-04 07:53 - 001145164 _____ C:\Users\theri\02-180604_0753.wav
2018-06-04 07:53 - 2018-06-04 07:53 - 001145164 _____ C:\Users\theri\01-180604_0753.wav
2018-06-04 07:53 - 2018-06-04 07:53 - 000011158 _____ C:\Users\theri\02-180604_0753.wav.reapeaks
2018-06-04 07:53 - 2018-06-04 07:53 - 000011158 _____ C:\Users\theri\01-180604_0753.wav.reapeaks
2018-06-04 07:51 - 2018-06-04 07:51 - 001224844 _____ C:\Users\theri\02-180604_0751.wav
2018-06-04 07:51 - 2018-06-04 07:51 - 001224844 _____ C:\Users\theri\01-180604_0751.wav
2018-06-04 07:51 - 2018-06-04 07:51 - 001161868 _____ C:\Users\theri\02-180604_0751-01.wav
2018-06-04 07:51 - 2018-06-04 07:51 - 001161868 _____ C:\Users\theri\01-180604_0751-01.wav
2018-06-04 07:51 - 2018-06-04 07:51 - 000011930 _____ C:\Users\theri\02-180604_0751.wav.reapeaks
2018-06-04 07:51 - 2018-06-04 07:51 - 000011930 _____ C:\Users\theri\01-180604_0751.wav.reapeaks
2018-06-04 07:51 - 2018-06-04 07:51 - 000011314 _____ C:\Users\theri\02-180604_0751-01.wav.reapeaks
2018-06-04 07:51 - 2018-06-04 07:51 - 000011314 _____ C:\Users\theri\01-180604_0751-01.wav.reapeaks
2018-06-04 07:50 - 2018-06-04 07:50 - 001353100 _____ C:\Users\theri\02-180604_0750.wav
2018-06-04 07:50 - 2018-06-04 07:50 - 001353100 _____ C:\Users\theri\01-180604_0750.wav
2018-06-04 07:50 - 2018-06-04 07:50 - 000013174 _____ C:\Users\theri\02-180604_0750.wav.reapeaks
2018-06-04 07:50 - 2018-06-04 07:50 - 000013174 _____ C:\Users\theri\01-180604_0750.wav.reapeaks
2018-06-04 07:41 - 2018-06-04 07:42 - 007208908 _____ C:\Users\theri\02-180604_0741.wav
2018-06-04 07:41 - 2018-06-04 07:42 - 007208908 _____ C:\Users\theri\01-180604_0741.wav
2018-06-04 07:41 - 2018-06-04 07:42 - 000070006 _____ C:\Users\theri\02-180604_0741.wav.reapeaks
2018-06-04 07:41 - 2018-06-04 07:42 - 000070006 _____ C:\Users\theri\01-180604_0741.wav.reapeaks
2018-06-04 07:39 - 2018-06-04 07:41 - 012902668 _____ C:\Users\theri\02-180604_0739.wav
2018-06-04 07:39 - 2018-06-04 07:41 - 012902668 _____ C:\Users\theri\01-180604_0739.wav
2018-06-04 07:39 - 2018-06-04 07:41 - 000125266 _____ C:\Users\theri\02-180604_0739.wav.reapeaks
2018-06-04 07:39 - 2018-06-04 07:41 - 000125266 _____ C:\Users\theri\01-180604_0739.wav.reapeaks
2018-06-04 07:35 - 2018-06-04 07:35 - 003201100 _____ C:\Users\theri\02-180604_0735.wav
2018-06-04 07:35 - 2018-06-04 07:35 - 003201100 _____ C:\Users\theri\01-180604_0735.wav
2018-06-04 07:35 - 2018-06-04 07:35 - 000031110 _____ C:\Users\theri\02-180604_0735.wav.reapeaks
2018-06-04 07:35 - 2018-06-04 07:35 - 000031110 _____ C:\Users\theri\01-180604_0735.wav.reapeaks
2018-06-04 07:31 - 2018-06-04 07:32 - 010468108 _____ C:\Users\theri\02-180604_0731.wav
2018-06-04 07:31 - 2018-06-04 07:32 - 010468108 _____ C:\Users\theri\01-180604_0731.wav
2018-06-04 07:31 - 2018-06-04 07:32 - 000101638 _____ C:\Users\theri\02-180604_0731.wav.reapeaks
2018-06-04 07:31 - 2018-06-04 07:32 - 000101638 _____ C:\Users\theri\01-180604_0731.wav.reapeaks
2018-06-04 07:29 - 2018-06-04 07:29 - 005610000 _____ C:\Users\theri\02-180604_0729.wav
2018-06-04 07:29 - 2018-06-04 07:29 - 005610000 _____ C:\Users\theri\01-180604_0729.wav
2018-06-04 07:29 - 2018-06-04 07:29 - 000054486 _____ C:\Users\theri\02-180604_0729.wav.reapeaks
2018-06-04 07:29 - 2018-06-04 07:29 - 000054486 _____ C:\Users\theri\01-180604_0729.wav.reapeaks
2018-06-04 07:26 - 2018-06-04 07:26 - 004844044 _____ C:\Users\theri\02-180604_0726-01.wav
2018-06-04 07:26 - 2018-06-04 07:26 - 004844044 _____ C:\Users\theri\01-180604_0726-01.wav
2018-06-04 07:26 - 2018-06-04 07:26 - 001312972 _____ C:\Users\theri\02-180604_0726.wav
2018-06-04 07:26 - 2018-06-04 07:26 - 001312972 _____ C:\Users\theri\01-180604_0726.wav
2018-06-04 07:26 - 2018-06-04 07:26 - 000047054 _____ C:\Users\theri\02-180604_0726-01.wav.reapeaks
2018-06-04 07:26 - 2018-06-04 07:26 - 000047054 _____ C:\Users\theri\01-180604_0726-01.wav.reapeaks
2018-06-04 07:26 - 2018-06-04 07:26 - 000012782 _____ C:\Users\theri\02-180604_0726.wav.reapeaks
2018-06-04 07:26 - 2018-06-04 07:26 - 000012782 _____ C:\Users\theri\01-180604_0726.wav.reapeaks
2018-06-04 07:23 - 2018-06-04 07:24 - 004824076 _____ C:\Users\theri\02-180604_0723.wav
2018-06-04 07:23 - 2018-06-04 07:24 - 004824076 _____ C:\Users\theri\01-180604_0723.wav
2018-06-04 07:23 - 2018-06-04 07:24 - 000046862 _____ C:\Users\theri\02-180604_0723.wav.reapeaks
2018-06-04 07:23 - 2018-06-04 07:24 - 000046862 _____ C:\Users\theri\01-180604_0723.wav.reapeaks
2018-06-04 07:21 - 2018-06-04 07:22 - 000581452 _____ C:\Users\theri\02-180604_0721.wav
2018-06-04 07:21 - 2018-06-04 07:22 - 000581452 _____ C:\Users\theri\01-180604_0721.wav
2018-06-04 07:21 - 2018-06-04 07:22 - 000005682 _____ C:\Users\theri\02-180604_0721.wav.reapeaks
2018-06-04 07:21 - 2018-06-04 07:22 - 000005682 _____ C:\Users\theri\01-180604_0721.wav.reapeaks
2018-06-04 07:20 - 2018-06-04 07:20 - 001747276 _____ C:\Users\theri\02-180604_0720.wav
2018-06-04 07:20 - 2018-06-04 07:20 - 001747276 _____ C:\Users\theri\01-180604_0720.wav
2018-06-04 07:20 - 2018-06-04 07:20 - 000017002 _____ C:\Users\theri\02-180604_0720.wav.reapeaks
2018-06-04 07:20 - 2018-06-04 07:20 - 000017002 _____ C:\Users\theri\01-180604_0720.wav.reapeaks
2018-06-04 07:19 - 2018-06-04 07:19 - 002848204 _____ C:\Users\theri\02-180604_0719-01.wav
2018-06-04 07:19 - 2018-06-04 07:19 - 002848204 _____ C:\Users\theri\01-180604_0719-01.wav
2018-06-04 07:19 - 2018-06-04 07:19 - 000979660 _____ C:\Users\theri\02-180604_0719.wav
2018-06-04 07:19 - 2018-06-04 07:19 - 000979660 _____ C:\Users\theri\01-180604_0719.wav
2018-06-04 07:19 - 2018-06-04 07:19 - 000027682 _____ C:\Users\theri\02-180604_0719-01.wav.reapeaks
2018-06-04 07:19 - 2018-06-04 07:19 - 000027682 _____ C:\Users\theri\01-180604_0719-01.wav.reapeaks
2018-06-04 07:19 - 2018-06-04 07:19 - 000009546 _____ C:\Users\theri\02-180604_0719.wav.reapeaks
2018-06-04 07:19 - 2018-06-04 07:19 - 000009546 _____ C:\Users\theri\01-180604_0719.wav.reapeaks
2018-06-04 07:18 - 2018-06-04 07:18 - 000894412 _____ C:\Users\theri\02-180604_0718.wav
2018-06-04 07:18 - 2018-06-04 07:18 - 000894412 _____ C:\Users\theri\01-180604_0718.wav
2018-06-04 07:18 - 2018-06-04 07:18 - 000008722 _____ C:\Users\theri\02-180604_0718.wav.reapeaks
2018-06-04 07:18 - 2018-06-04 07:18 - 000008722 _____ C:\Users\theri\01-180604_0718.wav.reapeaks
2018-06-04 07:17 - 2018-06-04 07:18 - 000552652 _____ C:\Users\theri\02-180604_0717.wav
2018-06-04 07:17 - 2018-06-04 07:18 - 000552652 _____ C:\Users\theri\01-180604_0717.wav
2018-06-04 07:17 - 2018-06-04 07:18 - 000005406 _____ C:\Users\theri\02-180604_0717.wav.reapeaks
2018-06-04 07:17 - 2018-06-04 07:18 - 000005406 _____ C:\Users\theri\01-180604_0717.wav.reapeaks
2018-06-04 07:11 - 2018-06-04 07:11 - 000000000 ____D C:\Users\theri\AppData\Local\D3DSCache
2018-06-04 06:41 - 2018-06-04 06:41 - 000000000 ____D C:\Program Files (x86)\Intel
2018-06-04 06:41 - 2016-06-02 13:41 - 000072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2018-06-04 06:40 - 2018-06-04 06:40 - 000001417 _____ C:\Users\theri\Desktop\Microsoft Edge.lnk
2018-06-04 06:40 - 2018-06-04 06:40 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-06-04 06:38 - 2018-06-10 11:01 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-04 06:38 - 2018-06-04 06:38 - 000000258 __RSH C:\Users\theri\ntuser.pol
2018-06-04 06:38 - 2018-06-04 06:38 - 000000020 ___SH C:\Users\theri\ntuser.ini
2018-06-04 06:37 - 2018-06-10 07:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-04 06:37 - 2018-06-10 06:39 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-06-04 06:37 - 2018-06-10 06:39 - 000004212 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-06-04 06:37 - 2018-06-04 06:38 - 000003764 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-06-04 06:37 - 2018-06-04 06:38 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-06-04 06:37 - 2018-06-04 06:38 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2490729119-3134143975-3617553193-1001
2018-06-04 06:37 - 2018-06-04 06:38 - 000002770 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-theriggingninja@gmail.com
2018-06-04 06:37 - 2018-06-04 06:38 - 000002278 _____ C:\WINDOWS\System32\Tasks\{D48EF8AF-1514-49D0-822B-A8ACD6DA6F64}
2018-06-04 06:37 - 2018-06-04 06:38 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-06-04 06:37 - 2018-06-04 06:37 - 000015243 _____ C:\WINDOWS\diagwrn.xml
2018-06-04 06:37 - 2018-06-04 06:37 - 000015243 _____ C:\WINDOWS\diagerr.xml
2018-06-04 06:37 - 2018-06-04 06:37 - 000003370 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1488781032
2018-06-04 06:37 - 2018-06-04 06:37 - 000003318 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1507079576
2018-06-04 06:37 - 2018-06-04 06:37 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-06-04 06:37 - 2018-06-04 06:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2018-06-04 06:37 - 2018-06-04 06:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2018-06-04 06:37 - 2018-06-04 06:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-06-04 06:37 - 2018-06-04 06:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-06-04 06:37 - 2017-11-03 02:28 - 000000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2018-06-04 06:33 - 2018-06-04 06:33 - 000000000 ____D C:\ProgramData\USOShared
2018-06-04 06:33 - 2018-04-11 18:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-06-04 06:29 - 2018-06-06 19:57 - 000000000 ____D C:\Users\theri
2018-06-04 06:29 - 2018-06-04 06:34 - 000000000 ____D C:\Users\defaultuser0
2018-06-04 06:29 - 2018-06-04 06:32 - 000000000 ____D C:\Users\Administrator
2018-06-04 06:29 - 2018-04-11 18:34 - 000001105 _____ C:\Users\theri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-04 06:29 - 2018-04-11 18:34 - 000001105 _____ C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-04 06:29 - 2018-04-11 18:34 - 000001105 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-04 06:29 - 2017-08-26 14:26 - 000000000 ____D C:\Users\theri\AppData\Roaming\Macromedia
2018-06-04 06:29 - 2017-08-26 14:26 - 000000000 ____D C:\Users\defaultuser0\AppData\Roaming\Macromedia
2018-06-04 06:29 - 2017-08-26 14:26 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2018-06-04 06:28 - 2018-06-10 10:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-04 06:28 - 2018-06-04 06:31 - 000480760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-04 06:10 - 2018-06-04 06:10 - 001162636 _____ C:\Users\theri\Documents\03-180604_0610.wav
2018-06-04 06:10 - 2018-06-04 06:10 - 001162636 _____ C:\Users\theri\Documents\02-180604_0610.wav
2018-06-04 06:10 - 2018-06-04 06:10 - 000011322 _____ C:\Users\theri\Documents\03-180604_0610.wav.reapeaks
2018-06-04 06:10 - 2018-06-04 06:10 - 000011322 _____ C:\Users\theri\Documents\02-180604_0610.wav.reapeaks
2018-06-04 06:09 - 2018-06-04 06:09 - 001209484 _____ C:\Users\theri\Documents\03-180604_0609.wav
2018-06-04 06:09 - 2018-06-04 06:09 - 001209484 _____ C:\Users\theri\Documents\02-180604_0609.wav
2018-06-04 06:09 - 2018-06-04 06:09 - 001130380 _____ C:\Users\theri\Documents\03-180604_0609-01.wav
2018-06-04 06:09 - 2018-06-04 06:09 - 001130380 _____ C:\Users\theri\Documents\02-180604_0609-01.wav
2018-06-04 06:09 - 2018-06-04 06:09 - 000011778 _____ C:\Users\theri\Documents\03-180604_0609.wav.reapeaks
2018-06-04 06:09 - 2018-06-04 06:09 - 000011778 _____ C:\Users\theri\Documents\02-180604_0609.wav.reapeaks
2018-06-04 06:09 - 2018-06-04 06:09 - 000011010 _____ C:\Users\theri\Documents\03-180604_0609-01.wav.reapeaks
2018-06-04 06:09 - 2018-06-04 06:09 - 000011010 _____ C:\Users\theri\Documents\02-180604_0609-01.wav.reapeaks
2018-06-04 06:08 - 2018-06-04 06:08 - 001078156 _____ C:\Users\theri\Documents\03-180604_0608.wav
2018-06-04 06:08 - 2018-06-04 06:08 - 001078156 _____ C:\Users\theri\Documents\02-180604_0608.wav
2018-06-04 06:08 - 2018-06-04 06:08 - 000010506 _____ C:\Users\theri\Documents\03-180604_0608.wav.reapeaks
2018-06-04 06:08 - 2018-06-04 06:08 - 000010506 _____ C:\Users\theri\Documents\02-180604_0608.wav.reapeaks
2018-06-04 06:07 - 2018-06-04 06:07 - 001174540 _____ C:\Users\theri\Documents\03-180604_0607.wav
2018-06-04 06:07 - 2018-06-04 06:07 - 001174540 _____ C:\Users\theri\Documents\02-180604_0607.wav
2018-06-04 06:07 - 2018-06-04 06:07 - 000011438 _____ C:\Users\theri\Documents\03-180604_0607.wav.reapeaks
2018-06-04 06:07 - 2018-06-04 06:07 - 000011438 _____ C:\Users\theri\Documents\02-180604_0607.wav.reapeaks
2018-06-04 06:06 - 2018-06-04 06:06 - 001245834 _____ C:\Users\theri\Documents\03-180604_0606-01.wav
2018-06-04 06:06 - 2018-06-04 06:06 - 001245834 _____ C:\Users\theri\Documents\02-180604_0606-01.wav
2018-06-04 06:06 - 2018-06-04 06:06 - 001233676 _____ C:\Users\theri\Documents\03-180604_0606.wav
2018-06-04 06:06 - 2018-06-04 06:06 - 001233676 _____ C:\Users\theri\Documents\02-180604_0606.wav
2018-06-04 06:06 - 2018-06-04 06:06 - 000012134 _____ C:\Users\theri\Documents\03-180604_0606-01.wav.reapeaks
2018-06-04 06:06 - 2018-06-04 06:06 - 000012134 _____ C:\Users\theri\Documents\02-180604_0606-01.wav.reapeaks
2018-06-04 06:06 - 2018-06-04 06:06 - 000012014 _____ C:\Users\theri\Documents\03-180604_0606.wav.reapeaks
2018-06-04 06:06 - 2018-06-04 06:06 - 000012014 _____ C:\Users\theri\Documents\02-180604_0606.wav.reapeaks
2018-06-04 06:05 - 2018-06-04 06:05 - 001000588 _____ C:\Users\theri\Documents\03-180604_0605.wav
2018-06-04 06:05 - 2018-06-04 06:05 - 001000588 _____ C:\Users\theri\Documents\02-180604_0605.wav
2018-06-04 06:05 - 2018-06-04 06:05 - 000897100 _____ C:\Users\theri\Documents\03-180604_0605-02.wav
2018-06-04 06:05 - 2018-06-04 06:05 - 000897100 _____ C:\Users\theri\Documents\02-180604_0605-02.wav
2018-06-04 06:05 - 2018-06-04 06:05 - 000782860 _____ C:\Users\theri\Documents\03-180604_0605-01.wav
2018-06-04 06:05 - 2018-06-04 06:05 - 000782860 _____ C:\Users\theri\Documents\02-180604_0605-01.wav
2018-06-04 06:05 - 2018-06-04 06:05 - 000009754 _____ C:\Users\theri\Documents\03-180604_0605.wav.reapeaks
2018-06-04 06:05 - 2018-06-04 06:05 - 000009754 _____ C:\Users\theri\Documents\02-180604_0605.wav.reapeaks
2018-06-04 06:05 - 2018-06-04 06:05 - 000008746 _____ C:\Users\theri\Documents\03-180604_0605-02.wav.reapeaks
2018-06-04 06:05 - 2018-06-04 06:05 - 000008746 _____ C:\Users\theri\Documents\02-180604_0605-02.wav.reapeaks
2018-06-04 06:05 - 2018-06-04 06:05 - 000007638 _____ C:\Users\theri\Documents\03-180604_0605-01.wav.reapeaks
2018-06-04 06:05 - 2018-06-04 06:05 - 000007638 _____ C:\Users\theri\Documents\02-180604_0605-01.wav.reapeaks
2018-06-04 06:04 - 2018-06-04 06:05 - 000924748 _____ C:\Users\theri\Documents\03-180604_0604-02.wav
2018-06-04 06:04 - 2018-06-04 06:05 - 000924748 _____ C:\Users\theri\Documents\02-180604_0604-02.wav
2018-06-04 06:04 - 2018-06-04 06:05 - 000009014 _____ C:\Users\theri\Documents\03-180604_0604-02.wav.reapeaks
2018-06-04 06:04 - 2018-06-04 06:05 - 000009014 _____ C:\Users\theri\Documents\02-180604_0604-02.wav.reapeaks
2018-06-04 06:04 - 2018-06-04 06:04 - 001062796 _____ C:\Users\theri\Documents\03-180604_0604-01.wav
2018-06-04 06:04 - 2018-06-04 06:04 - 001062796 _____ C:\Users\theri\Documents\02-180604_0604-01.wav
2018-06-04 06:04 - 2018-06-04 06:04 - 000965260 _____ C:\Users\theri\Documents\03-180604_0604.wav
2018-06-04 06:04 - 2018-06-04 06:04 - 000965260 _____ C:\Users\theri\Documents\02-180604_0604.wav
2018-06-04 06:04 - 2018-06-04 06:04 - 000010358 _____ C:\Users\theri\Documents\03-180604_0604-01.wav.reapeaks
2018-06-04 06:04 - 2018-06-04 06:04 - 000010358 _____ C:\Users\theri\Documents\02-180604_0604-01.wav.reapeaks
2018-06-04 06:04 - 2018-06-04 06:04 - 000009410 _____ C:\Users\theri\Documents\03-180604_0604.wav.reapeaks
2018-06-04 06:04 - 2018-06-04 06:04 - 000009410 _____ C:\Users\theri\Documents\02-180604_0604.wav.reapeaks
2018-06-04 06:03 - 2018-06-04 06:03 - 002716684 _____ C:\Users\theri\Documents\03-180604_0603.wav
2018-06-04 06:03 - 2018-06-04 06:03 - 002716684 _____ C:\Users\theri\Documents\02-180604_0603.wav
2018-06-04 06:03 - 2018-06-04 06:03 - 000026406 _____ C:\Users\theri\Documents\03-180604_0603.wav.reapeaks
2018-06-04 06:03 - 2018-06-04 06:03 - 000026406 _____ C:\Users\theri\Documents\02-180604_0603.wav.reapeaks
2018-06-04 06:02 - 2018-06-04 06:03 - 000787468 _____ C:\Users\theri\Documents\03-180604_0602.wav
2018-06-04 06:02 - 2018-06-04 06:03 - 000787468 _____ C:\Users\theri\Documents\02-180604_0602.wav
2018-06-04 06:02 - 2018-06-04 06:03 - 000007678 _____ C:\Users\theri\Documents\03-180604_0602.wav.reapeaks
2018-06-04 06:02 - 2018-06-04 06:03 - 000007678 _____ C:\Users\theri\Documents\02-180604_0602.wav.reapeaks
2018-06-04 06:01 - 2018-06-04 06:02 - 006837964 _____ C:\Users\theri\Documents\03-180604_0601-01.wav
2018-06-04 06:01 - 2018-06-04 06:02 - 006837964 _____ C:\Users\theri\Documents\02-180604_0601-01.wav
2018-06-04 06:01 - 2018-06-04 06:02 - 000066402 _____ C:\Users\theri\Documents\03-180604_0601-01.wav.reapeaks
2018-06-04 06:01 - 2018-06-04 06:02 - 000066402 _____ C:\Users\theri\Documents\02-180604_0601-01.wav.reapeaks
2018-06-04 06:01 - 2018-06-04 06:01 - 000864652 _____ C:\Users\theri\Documents\03-180604_0601.wav
2018-06-04 06:01 - 2018-06-04 06:01 - 000864652 _____ C:\Users\theri\Documents\02-180604_0601.wav
2018-06-04 06:01 - 2018-06-04 06:01 - 000008430 _____ C:\Users\theri\Documents\03-180604_0601.wav.reapeaks
2018-06-04 06:01 - 2018-06-04 06:01 - 000008430 _____ C:\Users\theri\Documents\02-180604_0601.wav.reapeaks
2018-06-04 06:00 - 2018-06-04 06:01 - 000965260 _____ C:\Users\theri\Documents\03-180604_0600.wav
2018-06-04 06:00 - 2018-06-04 06:01 - 000965260 _____ C:\Users\theri\Documents\02-180604_0600.wav
2018-06-04 06:00 - 2018-06-04 06:01 - 000009410 _____ C:\Users\theri\Documents\03-180604_0600.wav.reapeaks
2018-06-04 06:00 - 2018-06-04 06:01 - 000009410 _____ C:\Users\theri\Documents\02-180604_0600.wav.reapeaks
2018-06-04 05:54 - 2018-06-04 05:54 - 001530316 _____ C:\Users\theri\Documents\03-180604_0554.wav
2018-06-04 05:54 - 2018-06-04 05:54 - 001530316 _____ C:\Users\theri\Documents\02-180604_0554.wav
2018-06-04 05:54 - 2018-06-04 05:54 - 000014894 _____ C:\Users\theri\Documents\03-180604_0554.wav.reapeaks
2018-06-04 05:54 - 2018-06-04 05:54 - 000014894 _____ C:\Users\theri\Documents\02-180604_0554.wav.reapeaks
2018-06-04 05:53 - 2018-06-04 05:54 - 001359628 _____ C:\Users\theri\Documents\03-180604_0553.wav
2018-06-04 05:53 - 2018-06-04 05:54 - 001359628 _____ C:\Users\theri\Documents\02-180604_0553.wav
2018-06-04 05:53 - 2018-06-04 05:54 - 000013238 _____ C:\Users\theri\Documents\03-180604_0553.wav.reapeaks
2018-06-04 05:53 - 2018-06-04 05:54 - 000013238 _____ C:\Users\theri\Documents\02-180604_0553.wav.reapeaks
2018-06-04 05:52 - 2018-06-04 05:52 - 000949132 _____ C:\Users\theri\Documents\03-180604_0552.wav
2018-06-04 05:52 - 2018-06-04 05:52 - 000949132 _____ C:\Users\theri\Documents\02-180604_0552.wav
2018-06-04 05:52 - 2018-06-04 05:52 - 000009254 _____ C:\Users\theri\Documents\03-180604_0552.wav.reapeaks
2018-06-04 05:52 - 2018-06-04 05:52 - 000009254 _____ C:\Users\theri\Documents\02-180604_0552.wav.reapeaks
2018-06-04 05:50 - 2018-06-04 05:50 - 000979276 _____ C:\Users\theri\Documents\03-180604_0550.wav
2018-06-04 05:50 - 2018-06-04 05:50 - 000979276 _____ C:\Users\theri\Documents\02-180604_0550.wav
2018-06-04 05:50 - 2018-06-04 05:50 - 000009542 _____ C:\Users\theri\Documents\03-180604_0550.wav.reapeaks
2018-06-04 05:50 - 2018-06-04 05:50 - 000009542 _____ C:\Users\theri\Documents\02-180604_0550.wav.reapeaks
2018-06-04 05:49 - 2018-06-04 05:49 - 001541644 _____ C:\Users\theri\Documents\03-180604_0549.wav
2018-06-04 05:49 - 2018-06-04 05:49 - 001541644 _____ C:\Users\theri\Documents\02-180604_0549.wav
2018-06-04 05:49 - 2018-06-04 05:49 - 000015002 _____ C:\Users\theri\Documents\03-180604_0549.wav.reapeaks
2018-06-04 05:49 - 2018-06-04 05:49 - 000015002 _____ C:\Users\theri\Documents\02-180604_0549.wav.reapeaks
2018-06-04 05:48 - 2018-06-04 05:48 - 001402636 _____ C:\Users\theri\Documents\03-180604_0548-01.wav
2018-06-04 05:48 - 2018-06-04 05:48 - 001402636 _____ C:\Users\theri\Documents\02-180604_0548-01.wav
2018-06-04 05:48 - 2018-06-04 05:48 - 001331788 _____ C:\Users\theri\Documents\03-180604_0548-02.wav
2018-06-04 05:48 - 2018-06-04 05:48 - 001331788 _____ C:\Users\theri\Documents\02-180604_0548-02.wav
2018-06-04 05:48 - 2018-06-04 05:48 - 001214092 _____ C:\Users\theri\Documents\03-180604_0548.wav
2018-06-04 05:48 - 2018-06-04 05:48 - 001214092 _____ C:\Users\theri\Documents\02-180604_0548.wav
2018-06-04 05:48 - 2018-06-04 05:48 - 000013650 _____ C:\Users\theri\Documents\03-180604_0548-01.wav.reapeaks
2018-06-04 05:48 - 2018-06-04 05:48 - 000013650 _____ C:\Users\theri\Documents\02-180604_0548-01.wav.reapeaks
2018-06-04 05:48 - 2018-06-04 05:48 - 000012970 _____ C:\Users\theri\Documents\03-180604_0548-02.wav.reapeaks
2018-06-04 05:48 - 2018-06-04 05:48 - 000012970 _____ C:\Users\theri\Documents\02-180604_0548-02.wav.reapeaks
2018-06-04 05:48 - 2018-06-04 05:48 - 000011826 _____ C:\Users\theri\Documents\03-180604_0548.wav.reapeaks
2018-06-04 05:48 - 2018-06-04 05:48 - 000011826 _____ C:\Users\theri\Documents\02-180604_0548.wav.reapeaks
2018-06-04 05:47 - 2018-06-04 05:48 - 001686796 _____ C:\Users\theri\Documents\03-180604_0547-03.wav
2018-06-04 05:47 - 2018-06-04 05:48 - 001686796 _____ C:\Users\theri\Documents\02-180604_0547-03.wav
2018-06-04 05:47 - 2018-06-04 05:48 - 000016410 _____ C:\Users\theri\Documents\03-180604_0547-03.wav.reapeaks
2018-06-04 05:47 - 2018-06-04 05:48 - 000016410 _____ C:\Users\theri\Documents\02-180604_0547-03.wav.reapeaks
2018-06-04 05:47 - 2018-06-04 05:47 - 001770700 _____ C:\Users\theri\Documents\03-180604_0547-02.wav
2018-06-04 05:47 - 2018-06-04 05:47 - 001770700 _____ C:\Users\theri\Documents\02-180604_0547-02.wav
2018-06-04 05:47 - 2018-06-04 05:47 - 001238476 _____ C:\Users\theri\Documents\03-180604_0547-01.wav
2018-06-04 05:47 - 2018-06-04 05:47 - 001238476 _____ C:\Users\theri\Documents\02-180604_0547-01.wav
2018-06-04 05:47 - 2018-06-04 05:47 - 000783052 _____ C:\Users\theri\Documents\03-180604_0547.wav
2018-06-04 05:47 - 2018-06-04 05:47 - 000783052 _____ C:\Users\theri\Documents\02-180604_0547.wav
2018-06-04 05:47 - 2018-06-04 05:47 - 000017226 _____ C:\Users\theri\Documents\03-180604_0547-02.wav.reapeaks
2018-06-04 05:47 - 2018-06-04 05:47 - 000017226 _____ C:\Users\theri\Documents\02-180604_0547-02.wav.reapeaks
2018-06-04 05:47 - 2018-06-04 05:47 - 000012062 _____ C:\Users\theri\Documents\03-180604_0547-01.wav.reapeaks
2018-06-04 05:47 - 2018-06-04 05:47 - 000012062 _____ C:\Users\theri\Documents\02-180604_0547-01.wav.reapeaks
2018-06-04 05:47 - 2018-06-04 05:47 - 000007638 _____ C:\Users\theri\Documents\03-180604_0547.wav.reapeaks
2018-06-04 05:47 - 2018-06-04 05:47 - 000007638 _____ C:\Users\theri\Documents\02-180604_0547.wav.reapeaks
2018-06-04 05:46 - 2018-06-04 05:46 - 001091020 _____ C:\Users\theri\Documents\03-180604_0546-01.wav
2018-06-04 05:46 - 2018-06-04 05:46 - 001091020 _____ C:\Users\theri\Documents\02-180604_0546-01.wav
2018-06-04 05:46 - 2018-06-04 05:46 - 000896524 _____ C:\Users\theri\Documents\03-180604_0546-03.wav
2018-06-04 05:46 - 2018-06-04 05:46 - 000896524 _____ C:\Users\theri\Documents\02-180604_0546-03.wav
2018-06-04 05:46 - 2018-06-04 05:46 - 000817420 _____ C:\Users\theri\Documents\03-180604_0546.wav
2018-06-04 05:46 - 2018-06-04 05:46 - 000817420 _____ C:\Users\theri\Documents\02-180604_0546.wav
2018-06-04 05:46 - 2018-06-04 05:46 - 000786316 _____ C:\Users\theri\Documents\03-180604_0546-02.wav
2018-06-04 05:46 - 2018-06-04 05:46 - 000786316 _____ C:\Users\theri\Documents\02-180604_0546-02.wav
2018-06-04 05:46 - 2018-06-04 05:46 - 000010630 _____ C:\Users\theri\Documents\03-180604_0546-01.wav.reapeaks
2018-06-04 05:46 - 2018-06-04 05:46 - 000010630 _____ C:\Users\theri\Documents\02-180604_0546-01.wav.reapeaks
2018-06-04 05:46 - 2018-06-04 05:46 - 000008742 _____ C:\Users\theri\Documents\03-180604_0546-03.wav.reapeaks
2018-06-04 05:46 - 2018-06-04 05:46 - 000008742 _____ C:\Users\theri\Documents\02-180604_0546-03.wav.reapeaks
2018-06-04 05:46 - 2018-06-04 05:46 - 000007974 _____ C:\Users\theri\Documents\03-180604_0546.wav.reapeaks
2018-06-04 05:46 - 2018-06-04 05:46 - 000007974 _____ C:\Users\theri\Documents\02-180604_0546.wav.reapeaks
2018-06-04 05:46 - 2018-06-04 05:46 - 000007670 _____ C:\Users\theri\Documents\03-180604_0546-02.wav.reapeaks
2018-06-04 05:46 - 2018-06-04 05:46 - 000007670 _____ C:\Users\theri\Documents\02-180604_0546-02.wav.reapeaks
2018-06-04 05:45 - 2018-06-04 05:46 - 001797772 _____ C:\Users\theri\Documents\03-180604_0545-04.wav
2018-06-04 05:45 - 2018-06-04 05:46 - 001797772 _____ C:\Users\theri\Documents\02-180604_0545-04.wav
2018-06-04 05:45 - 2018-06-04 05:46 - 000017486 _____ C:\Users\theri\Documents\03-180604_0545-04.wav.reapeaks
2018-06-04 05:45 - 2018-06-04 05:46 - 000017486 _____ C:\Users\theri\Documents\02-180604_0545-04.wav.reapeaks
2018-06-04 05:45 - 2018-06-04 05:45 - 001457164 _____ C:\Users\theri\Documents\03-180604_0545-01.wav
2018-06-04 05:45 - 2018-06-04 05:45 - 001457164 _____ C:\Users\theri\Documents\02-180604_0545-01.wav
2018-06-04 05:45 - 2018-06-04 05:45 - 001121356 _____ C:\Users\theri\Documents\03-180604_0545-03.wav
2018-06-04 05:45 - 2018-06-04 05:45 - 001121356 _____ C:\Users\theri\Documents\02-180604_0545-03.wav
2018-06-04 05:45 - 2018-06-04 05:45 - 000912652 _____ C:\Users\theri\Documents\03-180604_0545.wav
2018-06-04 05:45 - 2018-06-04 05:45 - 000912652 _____ C:\Users\theri\Documents\02-180604_0545.wav
2018-06-04 05:45 - 2018-06-04 05:45 - 000868876 _____ C:\Users\theri\Documents\03-180604_0545-02.wav
2018-06-04 05:45 - 2018-06-04 05:45 - 000868876 _____ C:\Users\theri\Documents\02-180604_0545-02.wav
2018-06-04 05:45 - 2018-06-04 05:45 - 000014186 _____ C:\Users\theri\Documents\03-180604_0545-01.wav.reapeaks
2018-06-04 05:45 - 2018-06-04 05:45 - 000014186 _____ C:\Users\theri\Documents\02-180604_0545-01.wav.reapeaks
2018-06-04 05:45 - 2018-06-04 05:45 - 000010926 _____ C:\Users\theri\Documents\03-180604_0545-03.wav.reapeaks
2018-06-04 05:45 - 2018-06-04 05:45 - 000010926 _____ C:\Users\theri\Documents\02-180604_0545-03.wav.reapeaks
2018-06-04 05:45 - 2018-06-04 05:45 - 000008894 _____ C:\Users\theri\Documents\03-180604_0545.wav.reapeaks
2018-06-04 05:45 - 2018-06-04 05:45 - 000008894 _____ C:\Users\theri\Documents\02-180604_0545.wav.reapeaks
2018-06-04 05:45 - 2018-06-04 05:45 - 000008474 _____ C:\Users\theri\Documents\03-180604_0545-02.wav.reapeaks
2018-06-04 05:45 - 2018-06-04 05:45 - 000008474 _____ C:\Users\theri\Documents\02-180604_0545-02.wav.reapeaks
2018-06-04 05:44 - 2018-06-04 05:44 - 001639948 _____ C:\Users\theri\Documents\03-180604_0544-01.wav
2018-06-04 05:44 - 2018-06-04 05:44 - 001639948 _____ C:\Users\theri\Documents\02-180604_0544-01.wav
2018-06-04 05:44 - 2018-06-04 05:44 - 001266124 _____ C:\Users\theri\Documents\03-180604_0544.wav
2018-06-04 05:44 - 2018-06-04 05:44 - 001266124 _____ C:\Users\theri\Documents\02-180604_0544.wav
2018-06-04 05:44 - 2018-06-04 05:44 - 000015958 _____ C:\Users\theri\Documents\03-180604_0544-01.wav.reapeaks
2018-06-04 05:44 - 2018-06-04 05:44 - 000015958 _____ C:\Users\theri\Documents\02-180604_0544-01.wav.reapeaks
2018-06-04 05:44 - 2018-06-04 05:44 - 000012330 _____ C:\Users\theri\Documents\03-180604_0544.wav.reapeaks
2018-06-04 05:44 - 2018-06-04 05:44 - 000012330 _____ C:\Users\theri\Documents\02-180604_0544.wav.reapeaks
2018-06-04 05:43 - 2018-06-04 05:43 - 001521292 _____ C:\Users\theri\Documents\03-180604_0543.wav
2018-06-04 05:43 - 2018-06-04 05:43 - 001521292 _____ C:\Users\theri\Documents\02-180604_0543.wav
2018-06-04 05:43 - 2018-06-04 05:43 - 000014802 _____ C:\Users\theri\Documents\03-180604_0543.wav.reapeaks
2018-06-04 05:43 - 2018-06-04 05:43 - 000014802 _____ C:\Users\theri\Documents\02-180604_0543.wav.reapeaks
2018-06-04 05:42 - 2018-06-04 05:43 - 000908236 _____ C:\Users\theri\Documents\03-180604_0542-04.wav
2018-06-04 05:42 - 2018-06-04 05:43 - 000908236 _____ C:\Users\theri\Documents\02-180604_0542-04.wav
2018-06-04 05:42 - 2018-06-04 05:43 - 000008854 _____ C:\Users\theri\Documents\03-180604_0542-04.wav.reapeaks
2018-06-04 05:42 - 2018-06-04 05:43 - 000008854 _____ C:\Users\theri\Documents\02-180604_0542-04.wav.reapeaks
2018-06-04 05:42 - 2018-06-04 05:42 - 001814668 _____ C:\Users\theri\Documents\03-180604_0542-02.wav
2018-06-04 05:42 - 2018-06-04 05:42 - 001814668 _____ C:\Users\theri\Documents\02-180604_0542-02.wav
2018-06-04 05:42 - 2018-06-04 05:42 - 001321228 _____ C:\Users\theri\Documents\03-180604_0542.wav
2018-06-04 05:42 - 2018-06-04 05:42 - 001321228 _____ C:\Users\theri\Documents\02-180604_0542.wav
2018-06-04 05:42 - 2018-06-04 05:42 - 001013068 _____ C:\Users\theri\Documents\03-180604_0542-03.wav
2018-06-04 05:42 - 2018-06-04 05:42 - 001013068 _____ C:\Users\theri\Documents\02-180604_0542-03.wav
2018-06-04 05:42 - 2018-06-04 05:42 - 000857932 _____ C:\Users\theri\Documents\03-180604_0542-01.wav
2018-06-04 05:42 - 2018-06-04 05:42 - 000857932 _____ C:\Users\theri\Documents\02-180604_0542-01.wav
2018-06-04 05:42 - 2018-06-04 05:42 - 000017654 _____ C:\Users\theri\Documents\03-180604_0542-02.wav.reapeaks
2018-06-04 05:42 - 2018-06-04 05:42 - 000017654 _____ C:\Users\theri\Documents\02-180604_0542-02.wav.reapeaks
2018-06-04 05:42 - 2018-06-04 05:42 - 000012862 _____ C:\Users\theri\Documents\03-180604_0542.wav.reapeaks
2018-06-04 05:42 - 2018-06-04 05:42 - 000012862 _____ C:\Users\theri\Documents\02-180604_0542.wav.reapeaks
2018-06-04 05:42 - 2018-06-04 05:42 - 000009874 _____ C:\Users\theri\Documents\03-180604_0542-03.wav.reapeaks
2018-06-04 05:42 - 2018-06-04 05:42 - 000009874 _____ C:\Users\theri\Documents\02-180604_0542-03.wav.reapeaks
2018-06-04 05:42 - 2018-06-04 05:42 - 000008366 _____ C:\Users\theri\Documents\03-180604_0542-01.wav.reapeaks
2018-06-04 05:42 - 2018-06-04 05:42 - 000008366 _____ C:\Users\theri\Documents\02-180604_0542-01.wav.reapeaks
2018-06-04 05:41 - 2018-06-04 05:42 - 001216204 _____ C:\Users\theri\Documents\03-180604_0541-03.wav
2018-06-04 05:41 - 2018-06-04 05:42 - 001216204 _____ C:\Users\theri\Documents\02-180604_0541-03.wav
2018-06-04 05:41 - 2018-06-04 05:42 - 000011846 _____ C:\Users\theri\Documents\03-180604_0541-03.wav.reapeaks
2018-06-04 05:41 - 2018-06-04 05:42 - 000011846 _____ C:\Users\theri\Documents\02-180604_0541-03.wav.reapeaks
2018-06-04 05:41 - 2018-06-04 05:41 - 001642060 _____ C:\Users\theri\Documents\03-180604_0541.wav
2018-06-04 05:41 - 2018-06-04 05:41 - 001642060 _____ C:\Users\theri\Documents\02-180604_0541.wav
2018-06-04 05:41 - 2018-06-04 05:41 - 001138636 _____ C:\Users\theri\Documents\03-180604_0541-01.wav
2018-06-04 05:41 - 2018-06-04 05:41 - 001138636 _____ C:\Users\theri\Documents\02-180604_0541-01.wav
2018-06-04 05:41 - 2018-06-04 05:41 - 000978508 _____ C:\Users\theri\Documents\03-180604_0541-02.wav
2018-06-04 05:41 - 2018-06-04 05:41 - 000978508 _____ C:\Users\theri\Documents\02-180604_0541-02.wav
2018-06-04 05:41 - 2018-06-04 05:41 - 000015978 _____ C:\Users\theri\Documents\03-180604_0541.wav.reapeaks
2018-06-04 05:41 - 2018-06-04 05:41 - 000015978 _____ C:\Users\theri\Documents\02-180604_0541.wav.reapeaks
2018-06-04 05:41 - 2018-06-04 05:41 - 000011094 _____ C:\Users\theri\Documents\03-180604_0541-01.wav.reapeaks
2018-06-04 05:41 - 2018-06-04 05:41 - 000011094 _____ C:\Users\theri\Documents\02-180604_0541-01.wav.reapeaks
2018-06-04 05:41 - 2018-06-04 05:41 - 000009538 _____ C:\Users\theri\Documents\03-180604_0541-02.wav.reapeaks
2018-06-04 05:41 - 2018-06-04 05:41 - 000009538 _____ C:\Users\theri\Documents\02-180604_0541-02.wav.reapeaks
2018-06-04 05:40 - 2018-06-04 05:40 - 001890508 _____ C:\Users\theri\Documents\03-180604_0540.wav
2018-06-04 05:40 - 2018-06-04 05:40 - 001890508 _____ C:\Users\theri\Documents\02-180604_0540.wav
2018-06-04 05:40 - 2018-06-04 05:40 - 000018390 _____ C:\Users\theri\Documents\03-180604_0540.wav.reapeaks
2018-06-04 05:40 - 2018-06-04 05:40 - 000018390 _____ C:\Users\theri\Documents\02-180604_0540.wav.reapeaks
2018-06-04 05:38 - 2018-06-04 05:38 - 002762380 _____ C:\Users\theri\Documents\03-180604_0538.wav
2018-06-04 05:38 - 2018-06-04 05:38 - 002762380 _____ C:\Users\theri\Documents\02-180604_0538.wav
2018-06-04 05:38 - 2018-06-04 05:38 - 000026850 _____ C:\Users\theri\Documents\03-180604_0538.wav.reapeaks
2018-06-04 05:38 - 2018-06-04 05:38 - 000026850 _____ C:\Users\theri\Documents\02-180604_0538.wav.reapeaks
2018-06-04 05:37 - 2018-06-04 05:37 - 000560140 _____ C:\Users\theri\Documents\03-180604_0537.wav
2018-06-04 05:37 - 2018-06-04 05:37 - 000560140 _____ C:\Users\theri\Documents\02-180604_0537.wav
2018-06-04 05:37 - 2018-06-04 05:37 - 000005478 _____ C:\Users\theri\Documents\03-180604_0537.wav.reapeaks
2018-06-04 05:37 - 2018-06-04 05:37 - 000005478 _____ C:\Users\theri\Documents\02-180604_0537.wav.reapeaks
2018-06-04 05:36 - 2018-06-04 05:36 - 002829004 _____ C:\Users\theri\Documents\03-180604_0536-02.wav
2018-06-04 05:36 - 2018-06-04 05:36 - 002829004 _____ C:\Users\theri\Documents\02-180604_0536-02.wav
2018-06-04 05:36 - 2018-06-04 05:36 - 002630860 _____ C:\Users\theri\Documents\03-180604_0536.wav
2018-06-04 05:36 - 2018-06-04 05:36 - 002630860 _____ C:\Users\theri\Documents\02-180604_0536.wav
2018-06-04 05:36 - 2018-06-04 05:36 - 000441292 _____ C:\Users\theri\Documents\03-180604_0536-01.wav
2018-06-04 05:36 - 2018-06-04 05:36 - 000441292 _____ C:\Users\theri\Documents\02-180604_0536-01.wav
2018-06-04 05:36 - 2018-06-04 05:36 - 000027498 _____ C:\Users\theri\Documents\03-180604_0536-02.wav.reapeaks
2018-06-04 05:36 - 2018-06-04 05:36 - 000027498 _____ C:\Users\theri\Documents\02-180604_0536-02.wav.reapeaks
2018-06-04 05:36 - 2018-06-04 05:36 - 000025562 _____ C:\Users\theri\Documents\03-180604_0536.wav.reapeaks
2018-06-04 05:36 - 2018-06-04 05:36 - 000025562 _____ C:\Users\theri\Documents\02-180604_0536.wav.reapeaks
2018-06-04 05:36 - 2018-06-04 05:36 - 000004322 _____ C:\Users\theri\Documents\03-180604_0536-01.wav.reapeaks
2018-06-04 05:36 - 2018-06-04 05:36 - 000004322 _____ C:\Users\theri\Documents\02-180604_0536-01.wav.reapeaks
2018-06-04 04:22 - 2018-06-10 10:30 - 000000000 ___DC C:\WINDOWS\Panther
2018-06-04 04:04 - 2018-06-04 04:04 - 000000719 _____ C:\Users\theri\Desktop\Windows 10 Update Assistant.lnk
2018-06-04 02:05 - 2018-06-04 02:05 - 000021004 _____ C:\Users\theri\Documents\01-180604_0205.wav
2018-06-04 02:05 - 2018-06-04 02:05 - 000000246 _____ C:\Users\theri\Documents\01-180604_0205.wav.reapeaks
2018-06-04 00:56 - 2018-06-10 02:24 - 000097814 _____ C:\Users\theri\Documents\wretqaetaerteadc.rpp
2018-06-04 00:56 - 2018-06-10 01:17 - 000075375 _____ C:\Users\theri\Documents\wretqaetaerteadc.rpp-bak
2018-06-03 19:57 - 2018-06-03 19:57 - 005161280 _____ (Focusrite Audio Engineering Ltd. ) C:\Users\theri\Desktop\focusriteusbinstaller4.36.5-612.exe
2018-06-03 19:57 - 2018-06-03 19:57 - 000721616 _____ C:\WINDOWS\isRS-000.tmp
2018-06-03 04:19 - 2018-06-03 04:20 - 005161280 _____ (Focusrite Audio Engineering Ltd. ) C:\Users\theri\Desktop\focusriteusbinstaller4.36.5-612 (1).exe
2018-06-03 04:15 - 2018-06-03 04:17 - 001624408 _____ (Novation ) C:\Users\theri\Desktop\bassstation-2.3.exe
2018-06-03 04:12 - 2018-06-03 05:18 - 260154972 _____ C:\Users\theri\Desktop\Unconfirmed 697951.crdownload
2018-06-03 04:11 - 2018-06-03 04:26 - 006893197 _____ C:\Users\theri\Desktop\Unconfirmed 778789.crdownload
2018-06-01 21:23 - 2018-06-01 21:32 - 011745272 _____ C:\Users\theri\Desktop\reaper590_x64-install.exe
2018-05-20 05:46 - 2018-05-20 05:46 - 012806303 _____ C:\Users\theri\Desktop\ReaperUserGuide579cc.pdf
2018-05-15 11:25 - 2018-05-15 11:24 - 000376536 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-10 11:13 - 2017-07-22 19:57 - 000000000 ___DC C:\FRST
2018-06-10 11:01 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF
2018-06-10 10:30 - 2017-03-05 23:02 - 000000000 ___DC C:\ESD
2018-06-10 08:51 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-06-10 08:48 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-06-10 07:31 - 2018-05-03 17:00 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-06-10 07:31 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-10 07:31 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-10 05:40 - 2017-07-27 10:40 - 000000000 ____D C:\Users\theri\AppData\Roaming\vlc
2018-06-10 04:30 - 2017-10-27 18:14 - 000000000 ____D C:\Users\Public\Pro Tools
2018-06-10 04:30 - 2017-03-07 08:03 - 000000080 _____ C:\Users\theri\AppData\Roaming\msregsvv.dll
2018-06-10 04:30 - 2017-03-07 08:03 - 000000080 _____ C:\ProgramData\autobk.inc
2018-06-10 02:44 - 2017-04-25 09:23 - 000000000 ____D C:\Users\theri\AppData\Roaming\REAPER
2018-06-10 02:37 - 2017-12-13 13:08 - 000249856 ____N (Microsoft Corporation) C:\WINDOWS\Setup1.exe
2018-06-10 02:37 - 2017-12-13 13:08 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\ST6UNST.EXE
2018-06-10 02:34 - 2017-04-25 09:23 - 000000000 ____D C:\Program Files\REAPER (x64)
2018-06-10 01:18 - 2018-04-26 15:54 - 000000869 _____ C:\Users\Public\Desktop\REAPER (x64).lnk
2018-06-10 01:16 - 2017-10-28 01:10 - 000000000 ____D C:\ProgramData\VIP
2018-06-09 12:00 - 2018-04-11 18:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-08 17:34 - 2017-03-06 03:13 - 000000000 ____D C:\Users\theri\AppData\Roaming\deluge
2018-06-07 19:38 - 2018-04-11 18:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-06 19:57 - 2017-03-06 01:02 - 000000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2018-06-05 18:29 - 2018-04-11 18:41 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-05 18:29 - 2018-04-11 18:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-05 03:28 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-06-04 09:28 - 2018-05-03 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-04 09:28 - 2018-04-11 18:41 - 000000000 ____D C:\WINDOWS\Setup
2018-06-04 09:28 - 2018-04-11 18:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-06-04 09:28 - 2018-04-11 18:38 - 000000000 __RHD C:\Users\Public\Libraries
2018-06-04 09:28 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-04 09:28 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2018-06-04 09:28 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-06-04 09:28 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-06-04 09:28 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-06-04 09:28 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-04 09:28 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\Help
2018-06-04 09:28 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-06-04 09:28 - 2017-12-14 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2018-06-04 09:28 - 2017-12-13 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grbl Controller
2018-06-04 09:28 - 2017-12-13 04:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeskEngrave
2018-06-04 09:28 - 2017-12-11 23:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DIY Layout Creator
2018-06-04 09:28 - 2017-11-27 16:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\openElement 1.57 R9
2018-06-04 09:28 - 2017-11-25 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Akai Professional - Internal MIDI
2018-06-04 09:28 - 2017-11-14 10:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antares Audio Technologies
2018-06-04 09:28 - 2017-11-12 17:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-06-04 09:28 - 2017-11-11 06:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD Discovery
2018-06-04 09:28 - 2017-10-28 00:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Akai
2018-06-04 09:28 - 2017-10-27 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid
2018-06-04 09:28 - 2017-10-27 13:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite Audio Engineering Ltd
2018-06-04 09:28 - 2017-10-13 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JamManagerXT
2018-06-04 09:28 - 2017-10-07 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2018-06-04 09:28 - 2017-10-06 11:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\loopMIDI
2018-06-04 09:28 - 2017-10-05 09:57 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4
2018-06-04 09:28 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-06-04 09:28 - 2017-09-23 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2018-06-04 09:28 - 2017-09-19 13:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-06-04 09:28 - 2017-09-18 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Edit Pro 2.1
2018-06-04 09:28 - 2017-09-18 05:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2018-06-04 09:28 - 2017-09-03 01:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-06-04 09:28 - 2017-08-09 13:56 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2018-06-04 09:28 - 2017-08-08 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-06-04 09:28 - 2017-07-27 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-06-04 09:28 - 2017-06-13 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tone Stack Calculator
2018-06-04 09:28 - 2017-06-07 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressPCB
2018-06-04 09:28 - 2017-04-30 02:32 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2018-06-04 09:28 - 2017-04-25 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2018-06-04 09:28 - 2017-04-12 11:25 - 000000000 ____D C:\Program Files\UNP
2018-06-04 09:28 - 2017-03-07 04:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2018-06-04 09:28 - 2017-03-06 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-06-04 09:28 - 2017-03-06 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2018-06-04 09:28 - 2017-03-06 07:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiinUSoft
2018-06-04 09:28 - 2017-03-06 01:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-06-04 09:28 - 2016-07-16 06:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-06-04 09:25 - 2017-11-11 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2018-06-04 09:25 - 2017-11-11 08:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2018-06-04 09:25 - 2017-10-28 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SONiVOX
2018-06-04 09:25 - 2017-10-27 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite
2018-06-04 09:25 - 2017-10-27 15:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Novation
2018-06-04 09:25 - 2017-10-13 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2018-06-04 09:25 - 2017-10-13 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DigiTech
2018-06-04 09:25 - 2017-10-02 11:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2018-06-04 09:25 - 2017-08-26 02:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-06-04 09:25 - 2017-03-11 01:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2018-06-04 09:25 - 2017-03-09 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2018-06-04 09:25 - 2017-03-08 00:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2018-06-04 09:25 - 2017-03-06 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2018-06-04 09:24 - 2017-05-24 08:14 - 000000000 ____D C:\Program Files\STMicroelectronics
2018-06-04 09:24 - 2017-05-24 08:14 - 000000000 ____D C:\Program Files\Intel
2018-06-04 09:23 - 2018-04-12 04:37 - 000000000 ____D C:\WINDOWS\Containers
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-06-04 09:23 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-06-04 09:23 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-04 09:23 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-06-04 09:23 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-06-04 09:23 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-06-04 09:23 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-06-04 09:23 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-06-04 09:23 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-06-04 09:23 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-06-04 09:23 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-06-04 09:23 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-06-04 09:23 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-06-04 09:20 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-06-04 09:20 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-06-04 09:20 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-06-04 09:20 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-06-04 09:20 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-06-04 09:20 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-06-04 09:20 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-06-04 09:20 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-06-04 09:20 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-06-04 09:20 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-06-04 09:20 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-06-04 07:01 - 2017-10-24 01:50 - 000000000 ____D C:\Users\theri\AppData\Local\Packages
2018-06-04 06:38 - 2018-04-11 16:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-06-04 06:38 - 2018-02-08 02:46 - 000000258 __RSH C:\ProgramData\ntuser.pol
2018-06-04 06:38 - 2017-10-24 20:30 - 000000000 ___RD C:\Users\theri\3D Objects
2018-06-04 06:38 - 2017-10-23 23:28 - 000000000 __HDC C:\$GetCurrent
2018-06-04 06:38 - 2017-10-23 23:28 - 000000000 ___DC C:\Windows10Upgrade
2018-06-04 06:38 - 2017-03-06 01:08 - 000000000 ____D C:\Users\theri\AppData\Local\PackageStaging
2018-06-04 06:38 - 2016-11-20 13:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-04 06:37 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\Registration
2018-06-04 06:37 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files\Windows Defender
2018-06-04 06:35 - 2018-04-11 18:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-06-04 06:35 - 2017-05-24 08:22 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-06-04 06:34 - 2018-04-11 18:38 - 000000000 __RSD C:\WINDOWS\media
2018-06-04 06:33 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-06-04 06:33 - 2017-11-10 18:23 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-04 06:31 - 2018-04-11 16:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-06-04 06:31 - 2017-12-13 12:34 - 000000000 ____D C:\Users\theri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2018-06-04 06:31 - 2017-10-28 00:05 - 000000000 ____D C:\Users\theri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Akai Professional MPK Mini MkII Editor
2018-06-04 06:31 - 2017-09-23 03:05 - 000000000 ____D C:\Users\theri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2018-06-04 06:31 - 2017-09-17 23:46 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2018-06-04 06:31 - 2017-09-03 01:29 - 000000000 ____D C:\Users\theri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.2
2018-06-04 06:31 - 2017-03-10 05:26 - 000000000 ____D C:\Users\theri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2018-06-04 06:31 - 2017-03-06 10:04 - 000000000 ____D C:\Users\theri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-06-04 06:31 - 2017-03-06 01:02 - 000000000 ____D C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2018-06-04 06:30 - 2017-12-13 13:08 - 000000000 ____D C:\Users\theri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WIN-CNC
2018-06-04 06:30 - 2017-10-24 01:50 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2018-06-04 06:30 - 2017-10-24 01:49 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2018-06-04 06:30 - 2017-09-25 19:09 - 000000000 ____D C:\Users\theri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XLN Audio
2018-06-04 06:30 - 2017-05-05 07:33 - 000000000 ____D C:\Users\theri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Toontrack
2018-06-04 04:22 - 2017-10-24 00:16 - 000000036 _____ C:\WINDOWS\progress.ini
2018-06-04 04:04 - 2017-10-23 23:28 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2018-06-04 02:04 - 2017-03-11 06:25 - 000000000 ____D C:\Users\theri\AppData\Local\ElevatedDiagnostics
2018-06-04 00:56 - 2017-04-15 07:57 - 000000000 ____D C:\Users\theri\Documents\REAPER Media
2018-06-03 19:57 - 2017-10-27 13:17 - 000000000 ____D C:\Program Files\FocusriteUSB
2018-06-03 05:30 - 2017-09-07 07:44 - 000000000 ____D C:\Users\theri\AppData\Local\CrashDumps
2018-05-29 23:57 - 2017-10-03 20:12 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2018-05-29 23:57 - 2017-10-03 20:12 - 000000000 ____D C:\Program Files (x86)\Opera
2018-05-15 11:32 - 2017-03-06 06:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-15 11:28 - 2017-10-10 17:17 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-15 11:28 - 2017-03-06 06:42 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-15 11:24 - 2018-01-01 01:16 - 000234560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-05-15 11:24 - 2017-11-11 21:29 - 000196640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-05-15 11:24 - 2017-11-04 00:47 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-05-15 11:24 - 2017-11-04 00:47 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-05-15 11:24 - 2017-11-04 00:47 - 000381552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-05-15 11:24 - 2017-11-04 00:47 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-05-15 11:24 - 2017-11-04 00:47 - 000159120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-05-15 11:24 - 2017-11-04 00:47 - 000111360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-05-15 11:24 - 2017-11-04 00:47 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-05-15 11:24 - 2017-11-04 00:47 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
 
==================== Files in the root of some directories =======
 
2017-10-27 16:00 - 2017-10-27 16:00 - 000000865 _____ () C:\Users\theri\AppData\Roaming\Avid_CCS_Service_Stop.log
2017-03-07 08:03 - 2018-06-10 04:30 - 000000080 _____ () C:\Users\theri\AppData\Roaming\msregsvv.dll
2017-08-02 14:44 - 2017-08-02 14:44 - 000001167 _____ () C:\Users\theri\AppData\Roaming\trace_FilterInstaller.1.txt
2017-08-02 14:44 - 2017-08-02 14:56 - 000000905 _____ () C:\Users\theri\AppData\Roaming\trace_FilterInstaller.txt
2017-08-02 14:44 - 2017-08-02 14:56 - 000000000 _____ () C:\Users\theri\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2017-03-06 07:38 - 2017-03-21 23:16 - 000008983 _____ () C:\Users\theri\AppData\Roaming\WiinUSoft_prefs.config
2018-06-05 03:36 - 2018-06-05 03:36 - 000000218 _____ () C:\Users\theri\AppData\Local\recently-used.xbel
2017-04-16 09:29 - 2017-04-16 09:29 - 000000000 _____ () C:\Users\theri\AppData\Local\recently-used.xbel.FBDQYY
2017-03-11 00:18 - 2017-05-31 05:34 - 000007602 _____ () C:\Users\theri\AppData\Local\resmon.resmoncfg
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-06-04 06:28
 
==================== End of FRST.txt ============================
 
 
 
additionAdditional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by ninjarig (10-06-2018 11:13:58)
Running from C:\Users\theri\Documents\Downloads
Windows 10 Pro Version 1803 17134.81 (X64) (2018-06-04 11:38:19)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
49C1F70A88FA45F8B889 (S-1-5-21-2490729119-3134143975-3617553193-1008 - Limited - Enabled)
Administrator (S-1-5-21-2490729119-3134143975-3617553193-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2490729119-3134143975-3617553193-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2490729119-3134143975-3617553193-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2490729119-3134143975-3617553193-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2490729119-3134143975-3617553193-1005 - Limited - Disabled)
ninjarig (S-1-5-21-2490729119-3134143975-3617553193-1001 - Administrator - Enabled) => C:\Users\theri
WDAGUtilityAccount (S-1-5-21-2490729119-3134143975-3617553193-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
Ableton Live 9 Lite (HKLM\...\{E608300C-9B32-4A29-90DE-DF989EDAB0F9}) (Version: 9.0.0.0 - Ableton)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_0_2) (Version: 10.0.2 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
AIR Xpand!2 (HKLM\...\{69A89482-FEC4-4E34-97F9-46BB287D0953}) (Version: 12.0.0.615 - AIR Music Technology)
Akai Professional - Internal MIDI (HKLM-x32\...\Internal MIDI) (Version: 1.1 - Akai Pro)
Akai Professional MPK Mini MkII Editor (HKLM-x32\...\MPKminiMkIIEditor) (Version:  - )
AmpliTube 4 version 4.0.2 (HKLM\...\{21B0C8E0-7EB7-4832-B764-20A7DAE86E02}_is1) (Version: 4.0.2 - IK Multimedia)
Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32\...\Antares Autotune Evo VST RTAS_is1) (Version:  - )
Apple Application Support (32-bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ARC System 2 version 2.2.0 (HKLM\...\{4952A610-D484-4F6A-B1B4-33797CFDB821}_is1) (Version: 2.2.0 - IK Multimedia)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Audition (HKLM\...\{52452272-9233-4A27-AA7A-E05C2E7A61BD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Autodesk Fusion 360 (HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.3797 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software)
Avid Application Manager (HKLM\...\{E727EEFD-2A76-4D4B-B6BB-873BAAB05A7F}) (Version: 17.8.16345 - Avid Technology, Inc.)
Avid Cloud Client Services (HKLM\...\{66E7D4F4-F044-428D-A734-59138A626A52}) (Version: 2.3.0.80 - Avid Technology, Inc.)
Avid Effects (HKLM\...\{F53B2C5A-9739-425A-B74C-E8D94DF2EFB5}) (Version: 12.8.2.105 - Avid Technology, Inc.)
Avid Pro Tools First (HKLM\...\{DE690717-9113-4E02-AD09-213B8E870694}) (Version: 12.8.2.105 - Avid Technology, Inc.)
Bass Station 2.3 (HKLM\...\{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1) (Version: 2.3 - Novation)
Bioshock (HKLM-x32\...\Bioshock_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
BioShock 2 (HKLM-x32\...\BioShock 2_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version: 1.8.4 - 2K Games)
Borderlands The Pre Sequel version 1.0.6.0 (HKLM-x32\...\Borderlands The Pre Sequel_is1) (Version: 1.0.6.0 - Mr DJ)
CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version:  - )
Data Lifeguard Diagnostic for Windows 1.31 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 4.04 - NCH Software)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.103 - ALPS ELECTRIC CO., LTD.)
Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version:  - )
DeskEngrave (HKLM-x32\...\DeskEngrave_is1) (Version:  - )
DIY Layout Creator version 3.40.0 (HKLM-x32\...\DIY Layout Creator_is1) (Version: 3.40.0 - )
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.0.3 - IObit)
Driver Easy 5.5.3 (HKLM\...\DriverEasy_is1) (Version: 5.5.3 - Easeware)
ExpressPCB (HKLM-x32\...\{6E0A1AD8-943B-4516-916F-4E52807CAA9A}) (Version: 7.5.0 - ExpressPCB, LLC)
EZplayer pro (HKLM-x32\...\{8967ABFB-CBCA-4EC0-8DE8-A01135267C16}) (Version: 1.0.0 - Toontrack)
EZXClaustrophobic (HKLM-x32\...\{8094F7AE-CA21-4AF2-A256-BC918CE0E796}) (Version: 1.0 - Toontrack)
EZXNashville (HKLM-x32\...\{82DF9225-13EC-41BD-BE31-AAB121B38166}) (Version: 1.0 - Toontrack)
EZXPercussion (HKLM-x32\...\{2CC4BC82-41CF-43D3-B533-7283AA8BB86F}) (Version: 1.0 - Toontrack)
EZXVintage (HKLM-x32\...\{430399DC-98BC-4A7F-8F8E-77981CABAE05}) (Version: 1.0 - Toontrack)
Focusrite USB 4.36.5.0 (HKLM\...\Focusrite USB_is1) (Version: 4.36.5.0 - Focusrite Audio Engineering Ltd.)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Grbl Controller version 3.6.1 (HKLM-x32\...\{2DC56D0D-0673-4954-9BDE-3D664965BA97}_is1) (Version: 3.6.1 - Zapmaker)
HL-L2320D series (HKLM-x32\...\{46B58839-2405-48D6-A59D-F8246158A6ED}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Hybrid (HKLM-x32\...\{a131ab43-5f9e-4241-87bf-e705d4045ac7}) (Version: 3.0.7.19000 - AIR Music Tech GmbH)
Hybrid AAX32 (HKLM-x32\...\{63FA7BA2-C720-4506-9379-43BFA5BC3A98}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Hybrid AAX64 (HKLM\...\{C2CB3E60-B541-418D-A535-D3D73A644EC5}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Hybrid Content (HKLM-x32\...\{77129154-5C4A-45D0-AFEF-5D9C2D307246}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Hybrid VST32 (HKLM-x32\...\{592BA348-DA75-42DE-91C1-54FD5D62ABE8}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Hybrid VST64 (HKLM\...\{EB4543A3-A9D8-4354-94BE-22400A619F7A}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Inkscape 0.92.2 (HKLM-x32\...\Inkscape) (Version: 0.92.2 - Inkscape Project)
iTunes (HKLM\...\{F2517A28-8CB8-4206-B86C-5EDD4EA26682}) (Version: 12.7.1.14 - Apple Inc.)
JamManagerXT version 2.3.5 (HKLM-x32\...\{777248DB-00AD-4567-9382-E991118BC6CC}_is1) (Version: 2.3.5 - Harman International, Inc.)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
KeePass Password Safe 2.37 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.37 - Dominik Reichl)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LibreOffice 5.4.2.2 (HKLM-x32\...\{C7ED130E-8751-4248-AB98-D059CD9E7EAA}) (Version: 5.4.2.2 - The Document Foundation)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
loopMIDI (HKLM-x32\...\{55c0d955-4cee-452c-b393-d4c020a967d7}) (Version: 1.0.13.24 - Tobias Erichsen)
loopMIDI (HKLM-x32\...\{9E69C6CD-820A-44A9-9A0A-B7A56AD62A1E}) (Version: 1.0.13.24 - Tobias Erichsen) Hidden
loopMIDIBlockLegacy (HKLM-x32\...\{AEAF7978-3204-451D-8593-BC53EBDDA31D}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden
Lurssen Mastering Console version 1.0.3 (HKLM\...\{9F525466-89DA-4B7B-BD8C-BBFDC4432DFB}_is1) (Version: 1.0.3 - IK Multimedia)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.12 - Magical Jelly Bean)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Music Maker Premium (HKLM\...\{7C0E97DB-B7FF-4248-BA47-4718D1D104A6}) (Version: 24.0.1.34 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Premium (HKLM-x32\...\MX.{7C0E97DB-B7FF-4248-BA47-4718D1D104A6}) (Version: 24.0.1.34 - MAGIX Software GmbH)
MAGIX Music Maker Trial Live Pads (HKLM\...\{DFE0E43F-300E-42DA-B937-BF3AA9D298B9}) (Version: 24.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker Trial Soundpools (HKLM\...\{8AFD5CCB-BA23-4EDE-8F9B-943DAF52A9EB}) (Version: 24.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM\...\{EFFCCA53-B476-44A7-A34F-40FCD0B1DCD6}) (Version: 7.0.1.27 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM-x32\...\MX.{EFFCCA53-B476-44A7-A34F-40FCD0B1DCD6}) (Version: 7.0.1.27 - MAGIX Software GmbH)
Malwarebytes version 3.4.5.2467 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Midnight 1.7 (HKLM\...\Midnight_is1) (Version: 1.7 - Focusrite)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.5.0 - Mozilla)
Mozilla Thunderbird 52.5.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.5.0 (x86 en-US)) (Version: 52.5.0 - Mozilla)
MPC Essentials 1.8.2 (HKLM\...\com.akaipro.mpc.essentials_is1) (Version: 1.8.2 - Akai Professional)
MPC Renaissance driver (HKLM\...\USB_AUDIO_DEusb-audio.deAkaiACV0) (Version:  - )
MPC Studio driver (HKLM\...\USB_AUDIO_DEusb-audio.deAkaiACV1) (Version:  - )
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Native Instruments Battery 4 (HKLM-x32\...\Native Instruments Battery 4) (Version: 4.0.1.2234 - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
openElement 1.57 R9 (HKLM-x32\...\{66959A3E-1D45-497A-835C-ED8C2574687E}) (Version: 1.57.9 - BOOMBYTE Ltd) Hidden
openElement 1.57 R9 (HKLM-x32\...\openElement 1.57 R9 1.57.9) (Version: 1.57.9 - BOOMBYTE Ltd)
Opera Stable 53.0.2907.68 (HKLM-x32\...\Opera 53.0.2907.68) (Version: 53.0.2907.68 - Opera Software)
PACE License Support Win64 (HKLM\...\{4C3A303E-2761-4f07-9723-A0470315853F}) (Version: 3.1.5.1779 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM\...\{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.1.0731 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{4C3A303E-2761-4f07-9723-A0470315853F}) (Version: 3.1.5.1779 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.1.0731 - PACE Anti-Piracy, Inc.)
paint.net (HKLM\...\{F10AAD91-58DF-44EC-A647-810197141667}) (Version: 4.0.19 - dotPDN LLC)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Red 2 & Red 3 Plug-in Suite version 1.1 (HKLM\...\Red 2 & Red 3 Plug-in Suite_is1) (Version: 1.1 - Focusrite Audio Engineering Limited)
RogueKiller version 12.11.12.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.12.0 - Adlice Software)
rtpMIDIBlockLegacy (HKLM-x32\...\{FD937297-84C3-41A5-B5DF-1FAEEE669D68}) (Version: 9.9.9.9 - Tobias Erichsen) Hidden
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
SampleTank 2 (HKLM-x32\...\{6559654F-2F38-491F-8411-211517C3E635}) (Version: 2.5.2 - IK Multimedia)
SampleTank 3 version 3.6.7 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.6.7 - IK Multimedia)
SONiVOX Wobble 2 (HKLM-x32\...\SONiVOX Wobble 2_is1) (Version:  - )
Superior Drummer 64-bit (HKLM\...\{22029AEE-38DF-4E35-AEF4-FE8CA3F6667F}) (Version: 2.3.1 - Toontrack)
Superior Drummer Installer (HKLM-x32\...\{009AC76E-1A66-4682-82B7-417E77F3C648}) (Version: 2.0.0 - Toontrack)
teVirtualMIDI64 (HKLM\...\{9084640A-366B-4C44-BDB1-74864B460B13}) (Version: 1.2.10.38 - Tobias Erichsen) Hidden
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Tone Stack Calculator version 1.3 (HKLM-x32\...\{D1385B9C-DD6D-43FE-B07C-28A80B23422F}_is1) (Version: 1.3 - Duncan Amplification)
Toontrack solo (HKLM-x32\...\{5866520C-8857-4986-833A-039F4584C3F7}) (Version: 1.1.1 - Toontrack)
T-RackS CS version 4.6.0 (HKLM\...\{E931EBCC-55F9-4D67-BA0E-D57C4A893A44}_is1) (Version: 4.6.0 - IK Multimedia)
VIP 3.0.0.262 (HKLM-x32\...\{B3FC246F-87F6-4476-9E79-F14FB5A1F773}_is1) (Version:  - inMusic Brands)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version:  - )
Vivaldi (HKLM-x32\...\Vivaldi) (Version: 1.12.955.48 - Vivaldi)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vocalist Live Librarian 1.2 (HKLM-x32\...\{3B5AFE4C-35D6-42C7-B855-C66CB272CDC3}_is1) (Version: 1.2 - Harman International, Inc.)
VT Hash Check 1.58 (HKLM-x32\...\{1E579B65-503B-4184-B481-5138124BEE1D}_is1) (Version: 1.58 - Boredom Software)
WD Access (HKLM-x32\...\{046643f7-6206-46bb-8968-92c37fee39e0}) (Version: 1.4.5949.29996 - Western Digital Technologies, Inc.)
WD Access (HKLM-x32\...\{C0624809-D60D-4AFF-8AF3-9452125AF4C1}) (Version: 1.4.5949.29996 - Western Digital Technologies, Inc) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 1.3.482 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{27c7215d-df19-4095-8f6a-eba55cab35be}) (Version: 2.0.0.25 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{F413FB4C-7CFF-4737-BCC3-5EE43BFB3721}) (Version: 2.0.0.25 - Western Digital Technologies, Inc.) Hidden
WiinUSoft version 2.1 (HKLM\...\{1BFC4F9F-BB85-4CE3-AC22-0CBFF78D5EE4}_is1) (Version: 2.1 - Justin Keys)
WIN-CNC (HKLM-x32\...\ST6UNST #1) (Version:  - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22452 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Digitech (usbser) Ports  (04/24/2009 1.1.2600.0) (HKLM\...\9A5D99BED6F7F105B74795DCF16F3088223BEFBB) (Version: 04/24/2009 1.1.2600.0 - Digitech)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
X-Edit (HKLM-x32\...\{47107F5F-FDEC-4A01-896C-E76245743F1A}) (Version: 2.7.1.1 - DigiTech) Hidden
X-Edit (HKLM-x32\...\X-Edit) (Version: 2.7.1.1 - DigiTech)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\theri\AppData\Local\Autodesk\webdeploy\production\72ff341930ac680f0fc073441e10ee045a3f129c\NPreview10.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-15] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-15] (AVAST Software)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-15] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-06-02] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-15] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0FC1FC70-E465-4B9D-BE7E-AA123DC0892D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-06] (AVAST Software)
Task: {1D9EBCE3-2DC6-463F-ABF7-1D0B0747DBD8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {482914E0-4D57-4B7B-9405-714050F0D3E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-10] (Google Inc.)
Task: {5ABCF63A-076B-44C6-9DF8-0E691A44E4FC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {8D4BD39A-5305-4153-BA00-87AD87C90710} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd)
Task: {9487BCD0-5D3A-4875-B627-5C13E08D50C1} - System32\Tasks\Opera scheduled Autoupdate 1507079576 => c:\program files (x86)\opera\launcher.exe [2018-05-22] (Opera Software)
Task: {97D6CB5C-0E58-428B-A166-51ACB7A2A75B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-10] (Google Inc.)
Task: {A64F2715-C81E-4B8A-AFA6-A38D585DB401} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {A6B6B2BD-420B-4764-A3C3-68CF70A34D1F} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-theriggingninja@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {AF9F05AF-6D6D-4C48-A007-BD5A6E1587C3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-05-15] (AVAST Software)
Task: {D3507C34-53A6-4B3D-8681-40B4E49750B7} - System32\Tasks\{D48EF8AF-1514-49D0-822B-A8ACD6DA6F64} => C:\WINDOWS\system32\pcalua.exe -a "D:\PC Installer\Install Instruments DVD1.exe" -d "D:\PC Installer"
Task: {D7B7DE29-B078-48D2-B2CD-0C2C0957FC29} - System32\Tasks\SafeZone scheduled Autoupdate 1488781032 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {F7DF4C80-88FA-4BA1-A9B1-9E355A2C2412} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-12] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\theri\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-04-11 18:34 - 2018-04-11 18:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-03-16 15:19 - 2018-03-16 15:19 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-05-03 17:00 - 2018-03-12 15:09 - 002300192 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-11 18:35 - 2018-04-12 04:20 - 002184704 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-15 16:32 - 2018-05-14 22:13 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\libglesv2.dll
2018-05-15 16:32 - 2018-05-14 22:13 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\libegl.dll
2017-10-20 16:22 - 2017-10-20 16:22 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-10-20 16:22 - 2017-10-20 16:22 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2017-10-20 16:20 - 2017-10-20 16:20 - 000235832 _____ () C:\Program Files\iTunes\libxslt.dll
2018-03-19 11:43 - 2018-03-19 11:43 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-05-15 11:24 - 2018-05-15 11:24 - 000482520 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-05-15 11:24 - 2018-05-15 11:24 - 000293592 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-12-14 10:03 - 2009-02-27 17:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2018-03-16 15:20 - 2018-03-16 15:20 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 19:55 - 2017-11-30 19:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-13 11:07 - 2015-09-13 11:07 - 000099328 _____ () C:\Program Files (x86)\Deluge\win32api.pyd
2015-09-13 11:07 - 2015-09-13 11:07 - 000109056 _____ () C:\Program Files (x86)\Deluge\pywintypes27.dll
2015-09-13 11:07 - 2015-09-13 11:07 - 000395776 _____ () C:\Program Files (x86)\Deluge\pythoncom27.dll
2016-12-17 15:46 - 2016-12-17 15:46 - 001016832 _____ () C:\Program Files (x86)\Deluge\_hashlib.pyd
2016-12-17 15:45 - 2016-12-17 15:45 - 000046592 _____ () C:\Program Files (x86)\Deluge\_socket.pyd
2016-12-17 15:45 - 2016-12-17 15:45 - 001410048 _____ () C:\Program Files (x86)\Deluge\_ssl.pyd
2016-12-17 15:44 - 2016-12-17 15:44 - 000091648 _____ () C:\Program Files (x86)\Deluge\_ctypes.pyd
2011-04-09 02:59 - 2011-04-09 02:59 - 000058368 _____ () C:\Program Files (x86)\Deluge\glib._glib.pyd
2011-04-09 02:59 - 2011-04-09 02:59 - 000113152 _____ () C:\Program Files (x86)\Deluge\gobject._gobject.pyd
2017-03-06 05:23 - 2017-03-06 05:23 - 000019456 _____ () C:\Program Files (x86)\Deluge\zope.interface._zope_interface_coptimizations.pyd
2017-03-06 05:23 - 2017-03-06 05:23 - 001828864 _____ () C:\Program Files (x86)\Deluge\cryptography.hazmat.bindings._openssl.pyd
2017-03-06 05:23 - 2017-03-06 05:23 - 000119808 _____ () C:\Program Files (x86)\Deluge\_cffi_backend.pyd
2016-12-17 15:44 - 2016-12-17 15:44 - 000687104 _____ () C:\Program Files (x86)\Deluge\unicodedata.pyd
2015-09-13 11:07 - 2015-09-13 11:07 - 000035840 _____ () C:\Program Files (x86)\Deluge\win32process.pyd
2016-12-17 15:44 - 2016-12-17 15:44 - 000010240 _____ () C:\Program Files (x86)\Deluge\select.pyd
2015-09-13 11:07 - 2015-09-13 11:07 - 000118784 _____ () C:\Program Files (x86)\Deluge\win32file.pyd
2015-09-13 11:07 - 2015-09-13 11:07 - 000017408 _____ () C:\Program Files (x86)\Deluge\win32event.pyd
2015-09-13 11:07 - 2015-09-13 11:07 - 000166912 _____ () C:\Program Files (x86)\Deluge\win32gui.pyd
2011-04-09 03:02 - 2011-04-09 03:02 - 001882624 _____ () C:\Program Files (x86)\Deluge\gtk._gtk.pyd
2012-02-08 17:51 - 2012-02-08 17:51 - 000100352 _____ () C:\Program Files (x86)\Deluge\zlib1.dll
2012-02-08 17:50 - 2012-02-08 17:50 - 000279059 _____ () C:\Program Files (x86)\Deluge\libfontconfig-1.dll
2012-02-08 17:50 - 2012-02-08 17:50 - 000538324 _____ () C:\Program Files (x86)\Deluge\freetype6.dll
2012-02-08 17:50 - 2012-02-08 17:50 - 000143096 _____ () C:\Program Files (x86)\Deluge\libexpat-1.dll
2012-02-08 17:50 - 2012-02-08 17:50 - 001294335 _____ () C:\Program Files (x86)\Deluge\libcairo-2.dll
2012-02-08 17:51 - 2012-02-08 17:51 - 000230529 _____ () C:\Program Files (x86)\Deluge\libpng14-14.dll
2010-11-02 14:35 - 2010-11-02 14:35 - 000069632 _____ () C:\Program Files (x86)\Deluge\cairo._cairo.pyd
2011-04-09 02:59 - 2011-04-09 02:59 - 000263168 _____ () C:\Program Files (x86)\Deluge\gio._gio.pyd
2011-04-09 03:03 - 2011-04-09 03:03 - 000111616 _____ () C:\Program Files (x86)\Deluge\pango.pyd
2011-04-09 03:03 - 2011-04-09 03:03 - 000208384 _____ () C:\Program Files (x86)\Deluge\atk.pyd
2011-04-09 03:03 - 2011-04-09 03:03 - 000017920 _____ () C:\Program Files (x86)\Deluge\pangocairo.pyd
2011-04-09 03:03 - 2011-04-09 03:03 - 000018944 _____ () C:\Program Files (x86)\Deluge\gtk.glade.pyd
2012-02-08 17:51 - 2012-02-08 17:51 - 000168833 _____ () C:\Program Files (x86)\Deluge\libglade-2.0-0.dll
2012-02-08 17:51 - 2012-02-08 17:51 - 001225225 _____ () C:\Program Files (x86)\Deluge\libxml2-2.dll
2016-07-20 09:53 - 2016-07-20 09:53 - 000058368 _____ () C:\Program Files (x86)\Deluge\rencode._rencode.pyd
2015-09-13 11:07 - 2015-09-13 11:07 - 000023040 _____ () C:\Program Files (x86)\Deluge\win32pipe.pyd
2017-03-06 05:23 - 2017-03-06 05:23 - 000936960 _____ () C:\Program Files (x86)\Deluge\PIL._imaging.pyd
2017-05-12 15:30 - 2017-05-12 15:30 - 000156686 _____ () C:\Program Files (x86)\Deluge\lib\gtk-2.0\2.10.0\engines\libmurrine.dll
2012-02-08 17:51 - 2012-02-08 17:51 - 000062248 _____ () C:\Program Files (x86)\Deluge\lib\gtk-2.0\2.10.0\engines\libpixmap.dll
2017-02-19 10:11 - 2017-02-19 10:11 - 002596352 _____ () C:\Program Files (x86)\Deluge\libtorrent.pyd
2016-12-17 15:44 - 2016-12-17 15:44 - 000071168 _____ () C:\Program Files (x86)\Deluge\bz2.pyd
2015-09-13 11:07 - 2015-09-13 11:07 - 000360448 _____ () C:\Program Files (x86)\Deluge\win32com.shell.shell.pyd
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData:0AA54949B9483ADF [217]
AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\Users\All Users:0AA54949B9483ADF [217]
AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Application Data:0AA54949B9483ADF [217]
AlternateDataStreams: C:\ProgramData\Application Data:482EE99B1E21CE8C [217]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\123simsen.com -> www.123simsen.com
 
There are 7933 more sites.
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-16 06:47 - 2017-11-03 02:11 - 000501095 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\theri\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\StartupFolder: => "Avid Application Manager.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "WDDiscovery"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\StartupApproved\Run: => "FlashPlayerUpdate"
HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\StartupApproved\Run: => "Cricut Design Space3"
HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\StartupApproved\Run: => "EsetPasswordManager"
HKU\S-1-5-21-2490729119-3134143975-3617553193-1001\...\StartupApproved\Run: => "Vivaldi Update Notifier"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{3B30659E-593C-42E9-A1BD-0649A5630684}] => (Allow) c:\program files (x86)\opera\53.0.2907.68\opera.exe
FirewallRules: [{63E62E44-20C0-4CF2-8A85-BBAD537B7944}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DE97D93A-73F1-4D05-A82B-68E6456369A5}] => (Allow) c:\program files (x86)\opera\52.0.2871.99\opera.exe
FirewallRules: [{FB34C682-6BA3-4049-905C-4E51C0B3ABBF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{083CEBF7-71FC-4B56-81F0-2BF6A1943E3D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A8A2C157-DDC9-4699-A60C-8EA93A6FF8F9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{40BEA016-83EA-4AC5-947D-265930C62B57}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{05F85B85-E220-4FC5-9BF3-6E51EF8DE768}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B0EF314A-5D18-48B7-859E-A9D161BD2BAE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{47345AD6-DA26-450F-A434-BB74A2780B32}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{7CA51806-1044-4A1F-8BB1-A32B1C44EC17}] => (Allow) C:\Program Files (x86)\openElement\openElement 1.57 R9\SyncFTP.exe
FirewallRules: [{204DAC08-A53D-40E6-8940-F267DBDACD88}] => (Allow) C:\Program Files (x86)\openElement\openElement 1.57 R9\openElement.exe
FirewallRules: [UDP Query User{4B2A51BF-4414-4754-8392-44A7442BC003}C:\program files (x86)\deluge\deluged.exe] => (Allow) C:\program files (x86)\deluge\deluged.exe
FirewallRules: [TCP Query User{23677288-90FA-4EA7-B071-CB06D9C1C400}C:\program files (x86)\deluge\deluged.exe] => (Allow) C:\program files (x86)\deluge\deluged.exe
FirewallRules: [UDP Query User{531BA758-B7C3-463A-9654-EEBE01E07122}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{CC2AE57C-FE3F-4F14-BD9E-5803A5F36EC8}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{DCE6D240-D0BB-4695-861B-483CB9991322}C:\program files (x86)\western digital\wd app manager\wdappmanager.exe] => (Block) C:\program files (x86)\western digital\wd app manager\wdappmanager.exe
FirewallRules: [TCP Query User{602BCABF-E505-415B-9A9B-50693A8E49CD}C:\program files (x86)\western digital\wd app manager\wdappmanager.exe] => (Block) C:\program files (x86)\western digital\wd app manager\wdappmanager.exe
FirewallRules: [{A22279DA-198D-415C-AA37-261C07026C3F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
 
==================== Restore Points =========================
 
04-06-2018 06:38:52 Windows Update
07-06-2018 11:33:32 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/10/2018 10:58:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.17134.1, time stamp: 0x2a3c4e62
Faulting module name: msxml6.dll, version: 6.30.17134.1, time stamp: 0x4a5aa4f0
Exception code: 0xc0000005
Fault offset: 0x0000000000080b67
Faulting process id: 0x348
Faulting application start time: 0x01d400d3d886c963
Faulting application path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Faulting module path: C:\Windows\System32\msxml6.dll
Report Id: 4db847e1-7b92-48bd-a631-bcfffead2eb8
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
 
Error: (06/10/2018 10:32:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   23 18.1.168.192.in-addr.arpa. PTR RHODONA-ESCOBAR.local.
 
Error: (06/10/2018 10:32:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.18:5353   25 18.1.168.192.in-addr.arpa. PTR RHODONA-ESCOBAR-2.local.
 
Error: (06/10/2018 07:44:11 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Users\theri\Documents\Downloads\adwcleaner_7.0.4.0.exe".Error in manifest or policy file "C:\Users\theri\Documents\Downloads\adwcleaner_7.0.4.0.exe" on line 0.
Invalid Xml syntax.
 
Error: (06/10/2018 07:28:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2260641
 
Error: (06/10/2018 07:28:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2260641
 
Error: (06/10/2018 07:28:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/10/2018 06:38:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 257094
 
 
System errors:
=============
Error: (06/10/2018 07:54:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/10/2018 07:40:57 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/10/2018 07:31:26 AM) (Source: DCOM) (EventID: 10016) (User: RHODONA-ESCOBAR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user RHODONA-ESCOBAR\ninjarig SID (S-1-5-21-2490729119-3134143975-3617553193-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/10/2018 07:31:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/10/2018 07:31:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/10/2018 07:30:51 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:31:52 AM on ‎6/‎10/‎2018 was unexpected.
 
Error: (06/10/2018 05:36:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/10/2018 02:59:11 AM) (Source: DCOM) (EventID: 10016) (User: RHODONA-ESCOBAR)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user RHODONA-ESCOBAR\ninjarig SID (S-1-5-21-2490729119-3134143975-3617553193-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3340M CPU @ 2.70GHz
Percentage of memory in use: 49%
Total physical RAM: 8097.57 MB
Available physical RAM: 4112.72 MB
Total Virtual: 9377.57 MB
Available Virtual: 5566.25 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:237.07 GB) (Free:26.17 GB) NTFS
Drive d: (ESD-USB) (Removable) (Total:28.87 GB) (Free:25.4 GB) FAT32
 
\\?\Volume{e93953c0-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{e93953c0-0000-0000-0000-d0633b000000}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS
\\?\Volume{e93953c0-0000-0000-0000-10813b000000}\ () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: E93953C0)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=467 MB) - (Type=27)
Partition 4: (Not Active) - (Size=467 MB) - (Type=27)
 
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 28.9 GB) (Disk ID: 07A6A7FD)
Partition 1: (Active) - (Size=28.9 GB) - (Type=0C)
 
==================== End of Addition.txt ============================


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:36 AM

Posted 11 June 2018 - 07:06 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
OPR Extension: (Amazon Assistant for Opera) - C:\Users\theri\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2018-06-07]
AlternateDataStreams: C:\ProgramData:0AA54949B9483ADF [217]
AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\Users\All Users:0AA54949B9483ADF [217]
AlternateDataStreams: C:\Users\All Users:482EE99B1E21CE8C [217]
AlternateDataStreams: C:\ProgramData\Application Data:0AA54949B9483ADF [217]
AlternateDataStreams: C:\ProgramData\Application Data:482EE99B1E21CE8C [217]

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Please post the logs and let me know if the problem persists.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:36 AM

Posted 17 June 2018 - 08:52 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users