Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malwarebytes keeps reporting a PUP - dispatchdrv.integrate.updrv.com


  • Please log in to reply
2 replies to this topic

#1 barfield94

barfield94

  • Members
  • 3 posts
  • ONLINE
  •  
  • Local time:01:12 AM

Posted Today, 05:44 PM

Hi there

 

I've had a lot of warnings recently from Malwarebytes about a website being blocked due to a PUP. The domain is "dispatchdrv.integrate.updrv.com" but I've run both Malwarebytes and CCcleaner and nothing has been found / stopped it from occurring.

 

Is this something to be concerned about? There don't seem to be any obvious issues on my system other than the Malwarebytes warnings.

 

I did recently install a Driver update program (Driver Max) but uninstalled this the other day thinking it might be that causing the issue.

 

Thanks in advance

 

Dave

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by David (administrator) on DESKTOP-AGJVL4D (16-08-2018 23:39:50)
Running from C:\Users\David\Downloads
Loaded Profiles: David &  (Available Profiles: David)
Platform: Windows 10 Home Version 1803 17134.228 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUS) C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe
(ASUS) C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe
(ASUS) C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(inMethod) C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe
(inMethod) C:\Program Files (x86)\AirVideoServer HD\AirVideoServerUI.exe
() C:\Program Files (x86)\AirVideoServer HD\ExternalEncoder.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(GipsyMedia Limited) C:\Program Files (x86)\Digiguide TV Guide\DigiGuide.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.11.570\AsusWSPanel.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1806.1821.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.11.570\ASUSWSLoader.exe [63968 2016-08-12] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-03] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018001037688\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018212627492\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213626392\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213910835\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018215947498\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018220014303\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018004926396\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112555092\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112620209\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018234000039\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018001037742\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018212627528\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213626423\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213910864\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018215947741\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018220014336\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018004926422\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112555156\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112620238\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018234000070\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-305419062-1090771254-121226093-1001\...\Run: [AirVideoServerHD] => C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe [2391808 2018-02-18] (inMethod)
HKU\S-1-5-21-305419062-1090771254-121226093-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018001037777\...\Run: [AirVideoServerHD] => C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe [2391808 2018-02-18] (inMethod)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018001037777\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018212627560\...\Run: [AirVideoServerHD] => C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe [2391808 2018-02-18] (inMethod)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018212627560\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213626453\...\Run: [AirVideoServerHD] => C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe [2391808 2018-02-18] (inMethod)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213626453\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213910895\...\Run: [AirVideoServerHD] => C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe [2391808 2018-02-18] (inMethod)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213910895\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018215947789\...\Run: [AirVideoServerHD] => C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe [2391808 2018-02-18] (inMethod)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018215947789\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018220014366\...\Run: [AirVideoServerHD] => C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe [2391808 2018-02-18] (inMethod)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018220014366\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018004926449\...\Run: [AirVideoServerHD] => C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe [2391808 2018-02-18] (inMethod)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018004926449\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112555212\...\Run: [AirVideoServerHD] => C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe [2391808 2018-02-18] (inMethod)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112555212\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112620273\...\Run: [AirVideoServerHD] => C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe [2391808 2018-02-18] (inMethod)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112620273\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018234000101\...\Run: [AirVideoServerHD] => C:\Program Files (x86)\AirVideoServer HD\AirVideoServerStarter.exe [2391808 2018-02-18] (inMethod)
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018234000101\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Digiguide TV Guide.lnk [2016-10-04]
ShortcutTarget: Digiguide TV Guide.lnk -> C:\Program Files (x86)\Digiguide TV Guide\Client.exe (GipsyMedia Limited)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{5b4024d8-13b5-4378-aec9-e46f695faba1}: [DhcpNameServer] 194.168.4.100 194.168.8.100
 
Internet Explorer:
==================
HKU\S-1-5-21-305419062-1090771254-121226093-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018001037777\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018001037777\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018212627560\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018212627560\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213626453\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213626453\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213910895\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213910895\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018215947789\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018215947789\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018220014366\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018220014366\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018004926449\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018004926449\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112555212\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112555212\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112620273\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112620273\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018234000101\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018234000101\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018001037777 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018001037777 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018212627560 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018212627560 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213626453 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213626453 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213910895 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213910895 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018215947789 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018215947789 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018220014366 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018220014366 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018004926449 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018004926449 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112555212 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112555212 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112620273 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112620273 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018234000101 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018234000101 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-25] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} -  No File
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} -  No File
 
FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\E5V4L4vW.default [2016-10-04]
FF Extension: (Avira Browser Safety) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\E5V4L4vW.default\Extensions\abs@avira.com [2016-10-04] [Legacy]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~2\Office14\NPAUTHZ.DLL [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultSearchKeyword: Default -> google.co.uk_
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2018-08-16]
CHR Extension: (Google Translate) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-05-29]
CHR Extension: (Slides) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-04]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-04]
CHR Extension: (Adobe Acrobat) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]
CHR Extension: (eReaderIQ Integrator) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\epjfabiijflnfmjjhanhddglfhokheae [2018-05-08]
CHR Extension: (Sheets) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (The Camelizer) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2018-06-23]
CHR Extension: (Pocket) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2017-01-24]
CHR Extension: (Save to Pocket) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2018-07-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-04]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [890896 2018-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [231176 2018-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [231176 2018-08-14] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148568 2018-08-14] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-11-06] ()
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [File not signed]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [431144 2018-08-03] (Avira Operations GmbH & Co. KG)
S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [440304 2017-10-20] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-17] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-17] (Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1865224 2018-05-01] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-13] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-16] (Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-06] (Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2015-09-18] (Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S2 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-05-03] ()
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-03] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-05-03] (Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [139208 2018-03-06] (ASUS Corporation)
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (ASUSTek Computer Inc.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [69656 2018-08-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [179376 2018-07-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [169864 2018-07-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-24] (Avira Operations GmbH & Co. KG)
R3 btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [1566152 2018-05-16] (Motorola Solutions, Inc.)
R3 CNICDriver; C:\WINDOWS\System32\drivers\CNICDriver.sys [432184 2018-07-20] (Shenzhen DriveTheLife Software Technology Co.Ltd)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [57304 2015-10-02] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [71000 2018-05-01] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [402264 2018-05-01] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-08-04] (Malwarebytes)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [967696 2018-06-18] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [124872 2018-05-17] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [191208 2018-08-15] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [114920 2018-08-15] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [48360 2018-08-15] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-08-15] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [102632 2018-08-16] (Malwarebytes)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-12] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_e04d68fb0b0ccd77\nvlddmkm.sys [14181304 2016-12-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [895928 2018-07-05] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56848 2018-07-23] (Synaptics Incorporated)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-06] (Windows ® Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-08-16 23:22 - 2018-08-16 23:22 - 000000002 _____ C:\Users\David\Downloads\xmncdlrwfjcxtxl.txt
2018-08-16 23:22 - 2018-08-16 23:22 - 000000002 _____ C:\Users\David\Downloads\tpuxuypxmmdyosbco.txt
2018-08-16 22:59 - 2018-08-16 22:59 - 000000771 _____ C:\Users\David\Desktop\Desktop - Shortcut.lnk
2018-08-16 22:59 - 2018-08-16 22:59 - 000000653 _____ C:\Users\David\Desktop\malwarebytes.txt
2018-08-16 11:30 - 2018-08-16 11:35 - 000000000 ____D C:\ProgramData\HitmanPro
2018-08-16 11:30 - 2018-08-16 11:30 - 011576808 _____ (SurfRight B.V.) C:\Users\David\Downloads\HitmanPro_x64.exe
2018-08-16 01:01 - 2018-08-16 23:37 - 000053087 _____ C:\Users\David\Downloads\Addition.txt
2018-08-16 01:00 - 2018-08-16 23:40 - 000040932 _____ C:\Users\David\Downloads\FRST.txt
2018-08-16 00:59 - 2018-08-16 23:39 - 000000000 ____D C:\FRST
2018-08-16 00:59 - 2018-08-16 00:59 - 002412544 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2018-08-16 00:59 - 2018-08-16 00:59 - 000000000 ____D C:\Users\David\Downloads\FRST-OlderVersion
2018-08-16 00:49 - 2018-08-16 00:49 - 000002623 _____ C:\Users\Public\Desktop\InPlay IPTV.lnk
2018-08-16 00:49 - 2018-08-16 00:49 - 000000000 ____D C:\Users\David\AppData\Local\InPlay_TV
2018-08-16 00:49 - 2018-08-16 00:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobain ltd
2018-08-16 00:49 - 2018-08-16 00:49 - 000000000 ____D C:\ProgramData\IsolatedStorage
2018-08-16 00:49 - 2018-08-16 00:49 - 000000000 ____D C:\Program Files (x86)\Cobain ltd
2018-08-16 00:48 - 2018-08-16 00:48 - 006530362 _____ C:\Users\David\Downloads\iptv.zip
2018-08-15 21:50 - 2018-08-15 21:50 - 000000839 _____ C:\Users\Public\Desktop\Speccy.lnk
2018-08-15 21:50 - 2018-08-15 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-08-15 21:50 - 2018-08-15 21:50 - 000000000 ____D C:\Program Files\Speccy
2018-08-15 21:49 - 2018-08-15 21:49 - 000001767 _____ C:\Users\Public\Desktop\Defraggler.lnk
2018-08-15 21:49 - 2018-08-15 21:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2018-08-15 21:49 - 2018-08-15 21:49 - 000000000 ____D C:\Program Files\Defraggler
2018-08-15 21:48 - 2018-08-15 21:49 - 016874288 _____ (Piriform Ltd) C:\Users\David\Downloads\CCleanerBundle-1116-Setup.exe
2018-08-15 00:28 - 2018-08-15 00:28 - 001790024 _____ (Malwarebytes) C:\Users\David\Downloads\JRT.exe
2018-08-15 00:28 - 2018-08-15 00:28 - 001790024 _____ (Malwarebytes) C:\Users\David\Downloads\JRT (1).exe
2018-08-15 00:09 - 2018-08-16 22:54 - 000102632 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-08-15 00:09 - 2018-08-15 00:09 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-08-15 00:09 - 2018-08-15 00:09 - 000191208 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-08-15 00:09 - 2018-08-15 00:09 - 000114920 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-08-15 00:09 - 2018-08-15 00:09 - 000048360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-08-14 22:45 - 2018-08-14 22:45 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-08-14 22:42 - 2018-08-03 09:39 - 021389368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-08-14 22:42 - 2018-08-03 09:39 - 000790304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-08-14 22:42 - 2018-08-03 09:25 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-08-14 22:42 - 2018-08-03 09:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2018-08-14 22:42 - 2018-08-03 09:22 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-08-14 22:42 - 2018-08-03 09:21 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-08-14 22:42 - 2018-08-03 09:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-08-14 22:42 - 2018-08-03 09:21 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-08-14 22:42 - 2018-08-03 09:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-08-14 22:42 - 2018-08-03 09:20 - 004049408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-08-14 22:42 - 2018-08-03 09:20 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-08-14 22:42 - 2018-08-03 09:20 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2018-08-14 22:42 - 2018-08-03 09:19 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-08-14 22:42 - 2018-08-03 08:45 - 000663128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-08-14 22:42 - 2018-08-03 08:43 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-08-14 22:42 - 2018-08-03 08:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2018-08-14 22:42 - 2018-08-03 08:30 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-08-14 22:42 - 2018-08-03 08:29 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-08-14 22:42 - 2018-08-03 08:29 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-08-14 22:42 - 2018-08-03 08:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-08-14 22:42 - 2018-08-03 08:27 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-08-14 22:42 - 2018-08-03 08:27 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-08-14 22:42 - 2018-08-03 06:41 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-08-14 22:42 - 2018-08-03 05:49 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-08-14 22:42 - 2018-08-03 04:47 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-08-14 22:42 - 2018-08-03 04:47 - 000128920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2018-08-14 22:42 - 2018-08-03 04:46 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-08-14 22:42 - 2018-08-03 04:46 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-08-14 22:42 - 2018-08-03 04:41 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-08-14 22:42 - 2018-08-03 04:41 - 000077608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-08-14 22:42 - 2018-08-03 04:41 - 000061736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-08-14 22:42 - 2018-08-03 04:40 - 001221048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-08-14 22:42 - 2018-08-03 04:40 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-08-14 22:42 - 2018-08-03 04:40 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-08-14 22:42 - 2018-08-03 04:40 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-08-14 22:42 - 2018-08-03 04:40 - 000228136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-08-14 22:42 - 2018-08-03 04:40 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-08-14 22:42 - 2018-08-03 04:40 - 000072800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-08-14 22:42 - 2018-08-03 04:39 - 009091480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-08-14 22:42 - 2018-08-03 04:39 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-08-14 22:42 - 2018-08-03 04:39 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-08-14 22:42 - 2018-08-03 04:39 - 002829216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-08-14 22:42 - 2018-08-03 04:39 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-08-14 22:42 - 2018-08-03 04:39 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-08-14 22:42 - 2018-08-03 04:39 - 000692240 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-08-14 22:42 - 2018-08-03 04:39 - 000170936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-08-14 22:42 - 2018-08-03 04:39 - 000114080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-08-14 22:42 - 2018-08-03 04:39 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-08-14 22:42 - 2018-08-03 04:39 - 000031648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-08-14 22:42 - 2018-08-03 04:38 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-08-14 22:42 - 2018-08-03 04:38 - 001945792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-08-14 22:42 - 2018-08-03 04:38 - 001285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-08-14 22:42 - 2018-08-03 04:38 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-08-14 22:42 - 2018-08-03 04:38 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-08-14 22:42 - 2018-08-03 04:38 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-08-14 22:42 - 2018-08-03 04:38 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-08-14 22:42 - 2018-08-03 04:38 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-08-14 22:42 - 2018-08-03 04:38 - 000713368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-08-14 22:42 - 2018-08-03 04:38 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-08-14 22:42 - 2018-08-03 04:38 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-08-14 22:42 - 2018-08-03 04:38 - 000115640 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2018-08-14 22:42 - 2018-08-03 04:27 - 000061032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-08-14 22:42 - 2018-08-03 04:26 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-08-14 22:42 - 2018-08-03 04:25 - 006568784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-08-14 22:42 - 2018-08-03 04:25 - 002255008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-08-14 22:42 - 2018-08-03 04:25 - 001622296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-08-14 22:42 - 2018-08-03 04:25 - 001131064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-08-14 22:42 - 2018-08-03 04:25 - 000583120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-08-14 22:42 - 2018-08-03 04:25 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-08-14 22:42 - 2018-08-03 04:25 - 000539168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-08-14 22:42 - 2018-08-03 04:23 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-08-14 22:42 - 2018-08-03 04:18 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-08-14 22:42 - 2018-08-03 04:18 - 022007808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-08-14 22:42 - 2018-08-03 04:17 - 004380160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-08-14 22:42 - 2018-08-03 04:15 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-08-14 22:42 - 2018-08-03 04:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-08-14 22:42 - 2018-08-03 04:14 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-08-14 22:42 - 2018-08-03 04:14 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-08-14 22:42 - 2018-08-03 04:14 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2018-08-14 22:42 - 2018-08-03 04:13 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-08-14 22:42 - 2018-08-03 04:13 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-08-14 22:42 - 2018-08-03 04:13 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-08-14 22:42 - 2018-08-03 04:13 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-08-14 22:42 - 2018-08-03 04:12 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-08-14 22:42 - 2018-08-03 04:12 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-08-14 22:42 - 2018-08-03 04:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-08-14 22:42 - 2018-08-03 04:12 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-08-14 22:42 - 2018-08-03 04:11 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-08-14 22:42 - 2018-08-03 04:11 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-08-14 22:42 - 2018-08-03 04:11 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-08-14 22:42 - 2018-08-03 04:11 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-08-14 22:42 - 2018-08-03 04:11 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-08-14 22:42 - 2018-08-03 04:11 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-08-14 22:42 - 2018-08-03 04:11 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-08-14 22:42 - 2018-08-03 04:11 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-08-14 22:42 - 2018-08-03 04:10 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-08-14 22:42 - 2018-08-03 04:09 - 005776896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-08-14 22:42 - 2018-08-03 04:09 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-08-14 22:42 - 2018-08-03 04:09 - 001932288 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-08-14 22:42 - 2018-08-03 04:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-08-14 22:42 - 2018-08-03 04:09 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-08-14 22:42 - 2018-08-03 04:09 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-08-14 22:42 - 2018-08-03 04:09 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-08-14 22:42 - 2018-08-03 04:09 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-08-14 22:42 - 2018-08-03 04:08 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-08-14 22:42 - 2018-08-03 04:08 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-08-14 22:42 - 2018-08-03 04:08 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-08-14 22:42 - 2018-08-03 04:08 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-08-14 22:42 - 2018-08-03 04:08 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-08-14 22:42 - 2018-08-03 04:08 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-08-14 22:42 - 2018-08-03 04:08 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-08-14 22:42 - 2018-08-03 04:08 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-08-14 22:42 - 2018-08-03 04:08 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-08-14 22:42 - 2018-08-03 04:08 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-08-14 22:42 - 2018-08-03 04:07 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-08-14 22:42 - 2018-08-03 04:06 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-08-14 22:42 - 2018-08-03 04:06 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-08-14 22:42 - 2018-08-03 04:06 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-08-14 22:42 - 2018-08-03 04:06 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-08-14 22:42 - 2018-08-03 04:06 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-08-14 22:42 - 2018-08-03 04:05 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-08-14 22:42 - 2018-08-03 04:05 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-08-14 22:42 - 2018-08-03 04:05 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-08-14 22:42 - 2018-08-03 04:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-08-14 22:42 - 2018-07-15 01:58 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-08-14 22:42 - 2018-07-15 01:56 - 001523240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-08-14 22:42 - 2018-07-15 01:44 - 006587392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-08-14 22:42 - 2018-07-15 01:43 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-08-14 22:42 - 2018-07-15 01:42 - 008624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-08-14 22:42 - 2018-07-15 01:42 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-08-14 22:42 - 2018-07-15 01:41 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-08-14 22:42 - 2018-07-15 01:41 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-08-14 22:42 - 2018-07-15 01:39 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-08-14 22:42 - 2018-07-15 01:39 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-08-14 22:42 - 2018-07-15 01:38 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-08-14 22:42 - 2018-07-15 01:38 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-08-14 22:42 - 2018-07-15 01:38 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-08-14 22:42 - 2018-07-15 01:38 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-08-14 22:42 - 2018-07-15 01:36 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-08-14 22:42 - 2018-07-15 00:28 - 001327424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-08-14 22:42 - 2018-07-15 00:18 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-08-14 22:42 - 2018-07-15 00:17 - 011901440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-08-14 22:42 - 2018-07-15 00:15 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-08-14 22:42 - 2018-07-15 00:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-08-14 22:42 - 2018-07-15 00:13 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-08-14 22:42 - 2018-07-15 00:13 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-08-14 22:42 - 2018-07-15 00:13 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-08-14 22:42 - 2018-07-15 00:13 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-08-14 22:42 - 2018-07-14 07:46 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-08-14 22:42 - 2018-07-14 07:42 - 019525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-08-14 22:42 - 2018-07-14 05:37 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-08-14 22:42 - 2018-07-14 05:37 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-08-14 22:42 - 2018-07-14 05:23 - 000760888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-08-14 22:42 - 2018-07-14 05:22 - 006813744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-08-14 22:42 - 2018-07-14 05:22 - 001144664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-08-14 22:42 - 2018-07-14 05:22 - 000510392 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-08-14 22:42 - 2018-07-14 05:22 - 000203560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-08-14 22:42 - 2018-07-14 05:21 - 000722824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-08-14 22:42 - 2018-07-14 05:21 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-08-14 22:42 - 2018-07-14 05:20 - 000184472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-08-14 22:42 - 2018-07-14 05:19 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-08-14 22:42 - 2018-07-14 05:19 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-08-14 22:42 - 2018-07-14 05:19 - 000981920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-08-14 22:42 - 2018-07-14 05:19 - 000636944 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-08-14 22:42 - 2018-07-14 05:19 - 000483024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-08-14 22:42 - 2018-07-14 05:18 - 002563984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-08-14 22:42 - 2018-07-14 05:18 - 002371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-08-14 22:42 - 2018-07-14 05:18 - 001017584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-08-14 22:42 - 2018-07-14 05:18 - 000930712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-08-14 22:42 - 2018-07-14 05:18 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-08-14 22:42 - 2018-07-14 05:18 - 000443216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-08-14 22:42 - 2018-07-14 05:18 - 000376216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-08-14 22:42 - 2018-07-14 05:17 - 006527056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-08-14 22:42 - 2018-07-14 05:17 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-08-14 22:42 - 2018-07-14 05:17 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-08-14 22:42 - 2018-07-14 05:16 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-08-14 22:42 - 2018-07-14 05:16 - 001143096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-08-14 22:42 - 2018-07-14 05:16 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-08-14 22:42 - 2018-07-14 05:15 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-08-14 22:42 - 2018-07-14 05:15 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-08-14 22:42 - 2018-07-14 05:15 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-08-14 22:42 - 2018-07-14 05:01 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-08-14 22:42 - 2018-07-14 04:59 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-08-14 22:42 - 2018-07-14 04:59 - 005883392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-08-14 22:42 - 2018-07-14 04:59 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-08-14 22:42 - 2018-07-14 04:57 - 007057920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-08-14 22:42 - 2018-07-14 04:57 - 004331008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-08-14 22:42 - 2018-07-14 04:57 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-08-14 22:42 - 2018-07-14 04:57 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-08-14 22:42 - 2018-07-14 04:56 - 004559872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-08-14 22:42 - 2018-07-14 04:56 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-08-14 22:42 - 2018-07-14 04:56 - 002697216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2018-08-14 22:42 - 2018-07-14 04:56 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-08-14 22:42 - 2018-07-14 04:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-08-14 22:42 - 2018-07-14 04:56 - 001703936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Controls.dll
2018-08-14 22:42 - 2018-07-14 04:56 - 001558016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-08-14 22:42 - 2018-07-14 04:56 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-08-14 22:42 - 2018-07-14 04:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2018-08-14 22:42 - 2018-07-14 04:56 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2018-08-14 22:42 - 2018-07-14 04:56 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2018-08-14 22:42 - 2018-07-14 04:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-08-14 22:42 - 2018-07-14 04:55 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-08-14 22:42 - 2018-07-14 04:55 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-08-14 22:42 - 2018-07-14 04:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-08-14 22:42 - 2018-07-14 04:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-08-14 22:42 - 2018-07-14 04:55 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-08-14 22:42 - 2018-07-14 04:55 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-08-14 22:42 - 2018-07-14 04:55 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-08-14 22:42 - 2018-07-14 04:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-08-14 22:42 - 2018-07-14 04:55 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2018-08-14 22:42 - 2018-07-14 04:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2018-08-14 22:42 - 2018-07-14 04:54 - 003319808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-08-14 22:42 - 2018-07-14 04:54 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2018-08-14 22:42 - 2018-07-14 04:54 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2018-08-14 22:42 - 2018-07-14 04:53 - 004770816 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-08-14 22:42 - 2018-07-14 04:53 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-08-14 22:42 - 2018-07-14 04:53 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-08-14 22:42 - 2018-07-14 04:53 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-08-14 22:42 - 2018-07-14 04:53 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-08-14 22:42 - 2018-07-14 04:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-08-14 22:42 - 2018-07-14 04:53 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2018-08-14 22:42 - 2018-07-14 04:53 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-08-14 22:42 - 2018-07-14 04:53 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-08-14 22:42 - 2018-07-14 04:53 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-08-14 22:42 - 2018-07-14 04:52 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-08-14 22:42 - 2018-07-14 04:52 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-08-14 22:42 - 2018-07-14 04:52 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-08-14 22:42 - 2018-07-14 04:52 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-08-14 22:42 - 2018-07-14 04:52 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2018-08-14 22:42 - 2018-07-14 04:51 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-08-14 22:42 - 2018-07-14 04:51 - 002904576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-08-14 22:42 - 2018-07-14 04:51 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-08-14 22:42 - 2018-07-14 04:51 - 001747968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-08-14 22:42 - 2018-07-14 04:51 - 001304064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-08-14 22:42 - 2018-07-14 04:51 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-08-14 22:42 - 2018-07-14 04:51 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-08-14 22:42 - 2018-07-14 04:50 - 001773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-08-14 22:42 - 2018-07-14 04:50 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-08-14 22:42 - 2018-07-14 04:50 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-08-14 22:42 - 2018-07-14 04:50 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-08-14 22:42 - 2018-07-14 04:50 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-08-14 22:42 - 2018-07-14 04:50 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-08-14 22:42 - 2018-07-14 04:50 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-08-14 22:42 - 2018-07-14 04:50 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-08-14 22:42 - 2018-07-14 04:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-08-14 22:42 - 2018-07-14 04:49 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-08-14 22:42 - 2018-07-14 04:49 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-08-14 22:42 - 2018-07-13 05:30 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-08-14 22:41 - 2018-08-03 09:25 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-08-14 22:41 - 2018-08-03 09:24 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-08-14 22:41 - 2018-08-03 09:24 - 000046592 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-08-14 22:41 - 2018-08-03 08:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-08-14 22:41 - 2018-08-03 08:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-08-14 22:41 - 2018-08-03 04:17 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-08-14 22:41 - 2018-08-03 04:16 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-08-14 22:41 - 2018-08-03 04:16 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2018-08-14 22:41 - 2018-08-03 04:14 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-08-14 22:41 - 2018-08-03 04:13 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-08-14 22:41 - 2018-08-03 04:12 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-08-14 22:41 - 2018-08-03 04:12 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-08-14 22:41 - 2018-08-03 04:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2018-08-14 22:41 - 2018-08-03 04:09 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-08-14 22:41 - 2018-08-03 04:08 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-08-14 22:41 - 2018-08-03 04:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-08-14 22:41 - 2018-08-03 04:07 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-08-14 22:41 - 2018-08-03 04:07 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-08-14 22:41 - 2018-08-03 04:06 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-08-14 22:41 - 2018-08-03 02:54 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-08-14 22:41 - 2018-07-15 01:44 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-08-14 22:41 - 2018-07-15 00:11 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-08-14 22:41 - 2018-07-14 04:58 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2018-08-14 22:41 - 2018-07-14 04:58 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-08-14 22:41 - 2018-07-14 04:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-08-14 22:41 - 2018-07-14 04:56 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2018-08-14 22:41 - 2018-07-14 04:55 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-08-14 22:41 - 2018-07-14 04:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-08-14 22:41 - 2018-07-14 04:55 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-08-14 22:41 - 2018-07-14 04:55 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-08-14 22:41 - 2018-07-14 04:55 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-08-14 22:41 - 2018-07-14 04:55 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-08-14 22:41 - 2018-07-14 04:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-08-14 22:41 - 2018-07-14 04:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-08-14 22:41 - 2018-07-14 04:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-08-14 22:41 - 2018-07-14 04:50 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-08-13 10:22 - 2018-08-13 10:22 - 000001191 _____ C:\Users\Public\Desktop\Avira.lnk
2018-08-13 10:22 - 2018-08-13 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-08-07 15:10 - 2018-08-07 15:10 - 001105535 _____ C:\Users\David\Downloads\egiftcard quidco 07-08.pdf
2018-08-07 15:05 - 2018-08-07 15:05 - 000006360 _____ C:\Users\David\Downloads\rankings_1533650745.xlsx
2018-08-07 15:05 - 2018-08-07 15:05 - 000005723 _____ C:\Users\David\Downloads\rankings_1533650709.xlsx
2018-08-07 14:41 - 2018-08-07 14:41 - 000017415 _____ C:\Users\David\Downloads\rankings_1533649249.xlsx
2018-08-07 14:04 - 2018-08-07 14:20 - 000010864 _____ C:\Users\David\Downloads\Avg ages of starting XIs (league).xlsx
2018-08-06 15:49 - 2018-08-06 15:49 - 000006657 _____ C:\Users\David\Downloads\rankings_1533566946.xlsx
2018-08-06 14:52 - 2018-08-06 14:52 - 000005610 _____ C:\Users\David\Downloads\rankings_1533563531.xlsx
2018-08-04 00:31 - 2018-08-04 00:44 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-08-03 20:54 - 2018-07-20 00:00 - 000432184 _____ (Shenzhen DriveTheLife Software Technology Co.Ltd) C:\WINDOWS\system32\Drivers\CNICDriver.sys
2018-08-03 20:54 - 2018-07-20 00:00 - 000000013 _____ C:\WINDOWS\system32\Drivers\CNICDriver.dat
2018-08-03 20:54 - 2018-07-05 07:25 - 009908720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2018-08-03 20:54 - 2018-06-18 15:08 - 000967696 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAC.sys
2018-08-03 20:53 - 2018-08-03 20:53 - 000000000 ____D C:\WINDOWS\system32\DAX3
2018-08-03 20:53 - 2018-08-03 20:53 - 000000000 ____D C:\ProgramData\Audyssey Labs
2018-08-03 20:53 - 2018-07-31 18:06 - 019284084 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2018-08-03 20:53 - 2018-07-27 09:59 - 003201376 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2018-08-03 20:53 - 2018-07-20 20:21 - 001054136 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2018-08-03 20:53 - 2018-07-20 20:21 - 001005064 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2018-08-03 20:53 - 2018-07-20 20:09 - 001375344 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2018-08-03 20:53 - 2018-07-20 20:09 - 001290864 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2018-08-03 20:53 - 2018-07-20 20:09 - 001249600 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2018-08-03 20:53 - 2018-07-20 20:09 - 001162072 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2018-08-03 20:53 - 2018-07-20 17:00 - 005291520 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2018-08-03 20:53 - 2018-07-20 17:00 - 002414592 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2018-08-03 20:53 - 2018-07-20 17:00 - 001150464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2018-08-03 20:53 - 2018-07-20 17:00 - 000369664 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2018-08-03 20:53 - 2018-07-04 10:37 - 003279712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2018-08-03 20:53 - 2018-06-21 17:00 - 002921408 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2018-08-03 20:53 - 2018-02-13 19:22 - 000677312 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2018-08-03 20:53 - 2018-02-07 17:27 - 003206496 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 001763624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 001575720 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 001494312 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 000736040 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 000719656 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 000700712 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 000527656 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 000498472 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 000440104 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 000436008 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 000257832 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 000250152 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 000250152 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 000249128 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 000219944 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 000207656 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2018-08-03 20:53 - 2018-02-07 10:18 - 000164648 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2018-08-03 20:53 - 2018-01-31 18:56 - 003379496 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2018-08-03 20:53 - 2018-01-31 18:56 - 003092776 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2018-08-03 20:53 - 2018-01-31 18:56 - 000977192 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2018-08-03 20:53 - 2018-01-23 16:23 - 015077152 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2018-08-03 20:53 - 2018-01-23 16:23 - 003269200 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2018-08-03 20:53 - 2018-01-23 16:23 - 002170008 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2018-08-03 20:53 - 2018-01-17 15:56 - 001145648 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOvlldpgm.dll
2018-08-03 20:53 - 2018-01-17 15:55 - 001427248 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOv251gm.dll
2018-08-03 20:53 - 2017-12-01 18:26 - 001332672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2018-08-03 20:53 - 2017-11-21 17:11 - 000380704 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2018-08-03 20:53 - 2017-11-21 17:11 - 000106784 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2018-08-03 20:53 - 2017-11-21 17:11 - 000084256 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 007169752 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 007093024 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 006261472 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 001945376 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 001939168 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 000440536 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 000355552 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 000321312 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 000315680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 000315680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 000304352 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 000267040 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 000209696 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 000147160 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 000129752 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2018-08-03 20:53 - 2017-11-21 17:10 - 000080600 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2018-08-03 20:53 - 2017-09-20 17:58 - 002957192 _____ (Audyssey Labs) C:\WINDOWS\system32\AudysseyEfx.dll
2018-08-03 20:53 - 2017-09-20 10:10 - 001521968 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2018-08-03 20:53 - 2017-09-20 10:10 - 001351472 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2018-08-03 20:53 - 2017-09-20 10:10 - 001239856 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2018-08-03 20:53 - 2017-09-20 10:10 - 000394032 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2018-08-03 20:53 - 2017-05-10 14:31 - 003668416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2018-08-03 20:53 - 2017-03-04 11:48 - 000835904 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2018-08-03 20:53 - 2016-09-28 17:15 - 000590688 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2018-08-03 20:53 - 2016-07-15 14:51 - 001317192 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2018-08-03 20:53 - 2016-07-04 17:26 - 000434512 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2018-08-03 20:53 - 2016-03-08 14:55 - 072512000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2018-08-03 20:53 - 2016-02-25 19:14 - 000145624 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2018-08-03 20:53 - 2016-02-02 18:33 - 000407768 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2018-08-03 20:53 - 2016-02-02 18:33 - 000354008 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2018-08-03 20:53 - 2016-02-02 18:33 - 000348376 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2018-08-03 20:53 - 2016-02-02 18:33 - 000193240 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2018-08-03 20:53 - 2016-02-02 18:33 - 000180440 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2018-08-03 20:53 - 2016-02-02 18:33 - 000180440 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2018-08-03 20:53 - 2016-02-02 18:33 - 000169176 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2018-08-03 20:53 - 2015-02-04 00:38 - 001413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2018-08-03 20:53 - 2015-02-04 00:38 - 000454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2018-08-03 20:53 - 2015-02-04 00:38 - 000369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2018-08-03 20:53 - 2015-02-04 00:38 - 000329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2018-08-03 20:53 - 2015-02-04 00:38 - 000329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2018-08-03 20:53 - 2014-06-17 19:17 - 000856992 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2018-08-03 20:53 - 2014-05-22 16:24 - 000096568 _____ C:\WINDOWS\system32\audioLibVc.dll
2018-08-03 20:53 - 2013-10-11 12:47 - 000113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2018-08-03 20:53 - 2013-10-11 11:31 - 000947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2018-08-03 20:53 - 2013-06-21 11:01 - 000109848 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2018-08-03 20:53 - 2012-01-10 10:20 - 000065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2018-08-03 20:53 - 2011-12-20 15:32 - 000331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2018-08-03 20:53 - 2011-09-02 14:21 - 000221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2018-08-03 20:53 - 2011-09-02 14:21 - 000081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2018-08-03 20:53 - 2011-09-02 14:21 - 000078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2018-08-03 20:53 - 2011-03-17 12:17 - 001361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2018-08-03 20:53 - 2011-03-07 17:11 - 000148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2018-08-03 20:53 - 2010-07-22 16:48 - 000074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2018-08-03 20:52 - 2018-08-03 20:52 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_btmhsf_01011.Wdf
2018-08-03 20:52 - 2018-06-11 05:23 - 000191024 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2_I2C.sys
2018-08-03 20:52 - 2018-05-17 04:31 - 000399440 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2018-08-03 20:52 - 2018-05-17 04:31 - 000119408 _____ C:\WINDOWS\system32\Drivers\ibtfw.dat
2018-08-03 20:52 - 2018-05-16 19:31 - 001566152 _____ (Motorola Solutions, Inc.) C:\WINDOWS\system32\Drivers\btmhsf.sys
2018-08-03 20:52 - 2018-05-16 10:00 - 001795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2018-08-03 20:51 - 2018-08-03 20:51 - 000000000 ____D C:\WINDOWS\system32\Intel
2018-08-03 20:51 - 2018-06-30 07:19 - 000165064 _____ C:\WINDOWS\system32\IntelWifiIhv04.dll
2018-08-03 20:50 - 2018-07-23 21:23 - 000056848 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2018-08-03 20:50 - 2018-07-17 06:23 - 000625168 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2018-08-03 20:32 - 2018-08-16 22:49 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-03 20:32 - 2018-08-03 20:32 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-08-03 20:31 - 2017-10-20 16:44 - 000696304 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2018-08-03 20:31 - 2017-10-20 16:43 - 000494056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2018-08-03 20:31 - 2017-10-20 16:43 - 000440304 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2018-08-03 20:31 - 2017-10-20 16:43 - 000407536 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2018-08-03 20:31 - 2017-10-20 16:43 - 000309744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2018-08-03 20:31 - 2017-10-20 16:43 - 000095216 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2018-08-03 20:31 - 2017-10-20 16:43 - 000091120 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 002132976 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 001015280 _____ C:\WINDOWS\system32\igfxSDK.exe
2018-08-03 20:31 - 2017-10-20 16:42 - 000393200 _____ C:\WINDOWS\system32\igfxTray.exe
2018-08-03 20:31 - 2017-10-20 16:42 - 000389616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 000380912 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 000345584 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2018-08-03 20:31 - 2017-10-20 16:42 - 000259568 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2018-08-03 20:31 - 2017-10-20 16:42 - 000246256 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 000227824 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2018-08-03 20:31 - 2017-10-20 16:42 - 000226288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4835.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 000102896 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 000092144 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 000086512 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 000044016 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 000020464 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 000020464 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 000018928 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 000018928 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 000013808 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 000013808 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 013709296 _____ (Intel Corporation) C:\WINDOWS\system32\ig9icd64.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 010393072 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig9icd32.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 007963632 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2018-08-03 20:31 - 2017-10-20 16:41 - 005674992 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 004922352 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 004360176 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 003963376 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 001582064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 001169904 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 000746480 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 000430064 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 000379888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 000365040 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2018-08-03 20:31 - 2017-10-20 16:41 - 000264688 _____ C:\WINDOWS\system32\igfxCPL.cpl
2018-08-03 20:31 - 2017-10-20 16:41 - 000257520 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 000216560 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 000184304 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 000164848 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 000094704 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2018-08-03 20:31 - 2017-10-20 16:41 - 000076272 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2018-08-03 20:31 - 2017-10-20 16:40 - 000959464 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2018-08-03 20:31 - 2017-10-20 16:40 - 000955880 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2018-08-03 20:31 - 2017-10-20 16:37 - 039510208 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2018-08-03 20:31 - 2017-10-20 16:37 - 006626888 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2018-08-03 20:31 - 2017-10-20 16:37 - 005084944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2018-08-03 20:31 - 2017-10-20 16:37 - 001792360 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2018-08-03 20:31 - 2017-10-20 16:37 - 001789744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2018-08-03 20:31 - 2017-10-20 16:37 - 000231304 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2018-08-03 20:31 - 2017-10-20 16:37 - 000194864 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2018-08-03 20:31 - 2017-10-20 16:37 - 000173632 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2018-08-03 20:31 - 2017-10-20 16:37 - 000172608 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2018-08-03 20:31 - 2017-10-20 16:37 - 000150168 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2018-08-03 20:31 - 2017-10-20 16:37 - 000150168 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2018-08-03 20:31 - 2017-10-20 16:37 - 000045936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 038561040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 034516680 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 033175312 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 029092848 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 019852784 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 016300992 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 015336288 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 013358608 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 012941856 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 005254128 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 004223112 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 004195048 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 002363840 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 001833920 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 000458216 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2018-08-03 20:31 - 2017-10-20 16:36 - 000300872 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 000285840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 000223720 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2018-08-03 20:31 - 2017-10-20 16:36 - 000223208 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2018-08-03 20:31 - 2017-10-20 16:36 - 000212056 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 000171520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2018-08-03 20:31 - 2017-10-20 16:36 - 000166888 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2018-08-03 20:31 - 2017-10-20 16:12 - 005799386 _____ C:\WINDOWS\system32\igdclbif.bin
2018-08-03 20:31 - 2017-10-20 16:12 - 002813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2018-08-03 20:31 - 2017-10-20 16:12 - 000831685 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2018-08-03 20:31 - 2017-10-20 16:12 - 000641530 _____ C:\WINDOWS\system32\FilmModeDetection.wmv
2018-08-03 20:31 - 2017-10-20 16:12 - 000511260 _____ C:\WINDOWS\system32\cp_resources.bin
2018-08-03 20:31 - 2017-10-20 16:12 - 000403671 _____ C:\WINDOWS\system32\ImageStabilization.wmv
2018-08-03 20:31 - 2017-10-20 16:12 - 000375173 _____ C:\WINDOWS\system32\ColorImageEnhancement.wmv
2018-08-03 20:31 - 2017-10-20 16:12 - 000041296 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2018-08-03 20:31 - 2017-10-20 16:12 - 000040931 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2018-08-03 20:31 - 2017-10-20 16:12 - 000040343 _____ C:\WINDOWS\system32\iglhxo64.vp
2018-08-03 20:31 - 2017-10-20 16:12 - 000040316 _____ C:\WINDOWS\system32\iglhxc64.vp
2018-08-03 20:31 - 2017-10-20 16:12 - 000039798 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2018-08-03 20:31 - 2017-10-20 16:12 - 000039658 _____ C:\WINDOWS\system32\iglhxg64.vp
2018-08-03 20:31 - 2017-10-20 16:12 - 000004862 _____ C:\WINDOWS\system32\iglhxs64.vp
2018-08-03 20:31 - 2017-10-20 16:12 - 000001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2018-08-03 20:31 - 2017-10-20 16:12 - 000000935 _____ C:\WINDOWS\system32\Gfxv4_0.exe.config
2018-08-03 20:31 - 2017-10-20 16:12 - 000000935 _____ C:\WINDOWS\system32\DPTopologyApp.exe.config
2018-08-03 20:31 - 2017-10-20 16:12 - 000000895 _____ C:\WINDOWS\system32\Gfxv2_0.exe.config
2018-08-03 20:31 - 2017-10-20 16:12 - 000000895 _____ C:\WINDOWS\system32\DPTopologyAppv2_0.exe.config
2018-08-03 20:24 - 2018-08-03 20:24 - 000000000 ____D C:\Users\David\My Drivers
2018-08-03 20:24 - 2018-08-03 20:24 - 000000000 ____D C:\Users\David\AppData\Roaming\Innovative Solutions
2018-08-03 20:24 - 2018-08-03 20:24 - 000000000 ____D C:\Users\David\AppData\Local\Innovative Solutions
2018-08-03 20:24 - 2018-08-03 20:24 - 000000000 ____D C:\My Drivers
2018-08-03 20:23 - 2018-08-03 20:23 - 006242504 _____ (Innovative Solutions ) C:\Users\David\Downloads\drivermax.exe
2018-08-03 20:22 - 2018-08-03 20:22 - 000000000 ____D C:\Users\David\AppData\Local\D3DSCache
2018-08-02 17:50 - 2018-08-04 00:19 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-08-02 17:50 - 2018-08-02 17:50 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-08-02 17:50 - 2018-08-02 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-08-02 17:50 - 2018-08-02 17:50 - 000000000 ____D C:\Program Files\Malwarebytes
2018-08-02 17:46 - 2018-08-04 00:08 - 000000000 ____D C:\WINDOWS\Minidump
2018-08-02 17:45 - 2018-08-02 17:45 - 000000000 ____D C:\ProgramData\MB2Migration
2018-07-31 18:07 - 2018-07-31 18:08 - 000000000 ____D C:\ProgramData\Packages
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-08-17 23:43 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-17 23:42 - 2018-05-29 16:52 - 000004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EB26FD43-DDDD-4D82-9E7C-DDC83FC013BD}
2018-08-16 22:49 - 2016-10-04 19:08 - 000000206 _____ C:\Users\David\AppData\Roaming\sp_data.sys
2018-08-16 22:49 - 2016-10-04 19:08 - 000000000 __SHD C:\Users\David\IntelGraphicsProfiles
2018-08-16 22:49 - 2016-10-04 19:08 - 000000000 ____D C:\Users\David\AppData\Local\ASUS GIFTBOX
2018-08-16 11:38 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-16 11:20 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-16 00:47 - 2018-05-29 16:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-15 22:39 - 2016-10-04 19:20 - 000000000 ____D C:\Program Files (x86)\Digiguide TV Guide
2018-08-15 21:53 - 2018-05-28 09:57 - 000000000 ___DC C:\WINDOWS\Panther
2018-08-15 21:53 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-15 21:53 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-15 21:53 - 2017-01-17 02:18 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps
2018-08-15 21:51 - 2018-06-26 22:30 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-08-15 21:51 - 2018-06-26 22:29 - 000000000 ____D C:\Program Files\CCleaner
2018-08-15 21:50 - 2018-06-26 22:29 - 000001701 _____ C:\Users\Public\Desktop\Recuva.lnk
2018-08-15 21:50 - 2018-06-26 22:29 - 000000000 ____D C:\Program Files\Recuva
2018-08-15 21:49 - 2018-06-26 22:30 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-08-15 00:15 - 2018-05-29 16:55 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-15 00:15 - 2018-05-29 16:52 - 000003834 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2018-08-15 00:10 - 2017-12-12 00:54 - 000000000 ___RD C:\Users\David\3D Objects
2018-08-15 00:10 - 2016-06-01 14:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-08-15 00:09 - 2018-05-29 16:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-15 00:09 - 2018-05-29 16:42 - 000408992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-15 00:09 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-15 00:09 - 2016-10-16 00:15 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-08-15 00:08 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-08-15 00:08 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-08-15 00:08 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-08-15 00:08 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-08-15 00:08 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-08-15 00:08 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-08-15 00:08 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-08-15 00:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-08-15 00:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-08-15 00:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-08-15 00:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-08-15 00:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-08-15 00:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-08-15 00:08 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-08-15 00:01 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-14 23:13 - 2016-10-04 23:40 - 000000000 ____D C:\Users\David\.get_iplayer
2018-08-14 22:48 - 2016-10-04 22:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-08-14 22:46 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-14 22:46 - 2016-10-04 22:27 - 137343192 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-08-14 22:45 - 2017-06-20 20:52 - 000069656 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2018-08-14 22:39 - 2016-11-20 22:18 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-13 10:25 - 2018-05-29 16:52 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-305419062-1090771254-121226093-1001
2018-08-13 10:25 - 2018-05-29 16:46 - 000002412 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-13 10:25 - 2016-10-04 19:09 - 000000000 ___RD C:\Users\David\OneDrive
2018-08-13 10:22 - 2016-03-24 13:04 - 000000000 ____D C:\ProgramData\Package Cache
2018-08-10 00:40 - 2016-10-04 19:11 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 00:40 - 2016-10-04 19:11 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-06 16:19 - 2018-04-12 00:41 - 000836480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-08-06 16:19 - 2018-04-12 00:41 - 000181120 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-03 20:54 - 2018-05-29 16:52 - 000003260 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2018-08-03 20:54 - 2018-05-29 16:52 - 000003216 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2018-08-03 20:53 - 2017-07-01 00:19 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-08-03 20:53 - 2017-07-01 00:19 - 000000000 ____D C:\WINDOWS\system32\DAX2
2018-08-03 20:24 - 2018-05-29 16:46 - 000000000 ____D C:\Users\David
2018-08-02 17:50 - 2016-10-04 19:14 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-07-31 18:45 - 2016-06-01 14:24 - 006305728 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2018-07-27 09:59 - 2016-06-01 14:24 - 003674976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
 
==================== Files in the root of some directories =======
 
2016-10-04 19:08 - 2018-08-16 22:49 - 000000206 _____ () C:\Users\David\AppData\Roaming\sp_data.sys
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-29 16:42
 
==================== End of FRST.txt ============================


BC AdBot (Login to Remove)

 


#2 barfield94

barfield94
  • Topic Starter

  • Members
  • 3 posts
  • ONLINE
  •  
  • Local time:01:12 AM

Posted Today, 05:48 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by David (16-08-2018 23:40:31)
Running from C:\Users\David\Downloads
Windows 10 Home Version 1803 17134.228 (X64) (2018-05-29 15:52:36)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-305419062-1090771254-121226093-500 - Administrator - Disabled)
David (S-1-5-21-305419062-1090771254-121226093-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-305419062-1090771254-121226093-503 - Limited - Disabled)
Guest (S-1-5-21-305419062-1090771254-121226093-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-305419062-1090771254-121226093-1006 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-305419062-1090771254-121226093-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {067B66D1-BBAB-B7B2-50C9-B4620C4BF1FE}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {BD1A8735-9D91-B83C-6A79-8F1077CCBB43}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Ablebits.com Merge Cells Wizard for Microsoft Excel (HKLM-x32\...\{9B4821E3-3284-4D9C-ACC1-558A0AE064F9}) (Version: 5.0.30 - Add-in Express Ltd)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Air Video Server HD 2.3.0-beta1 (HKLM-x32\...\Air Video Server HD) (Version: 2.3.0-beta1 - InMethod, s.r.o.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.19 - NVIDIA Corporation) Hidden
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 6.1.14 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.15.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0050 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.112 - ICEpower a/s)
Avira (HKLM-x32\...\{3EF074FE-D7BB-4237-A254-5E9D36C8DACA}) (Version: 1.2.118.18106 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{890aaa3c-e398-43d7-bbe0-f109738dd071}) (Version: 1.2.118.18106 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.37.326 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Championship Manager 01-02 (HKLM-x32\...\Championship Manager 01-02) (Version:  - )
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.3 - ASUSTek Computer Inc.)
Digiguide TV Guide (HKLM-x32\...\Digiguide TV Guide) (Version:  - GipsyMedia Limited)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
Foxit PhantomPDF (HKLM-x32\...\{39263796-F296-43AF-909C-FCF99592BAC4}) (Version: 7.2.52.1209 - Foxit Software Inc.)
get_iplayer 3.16.0 (HKLM-x32\...\get_iplayer_is1) (Version: 3.16.0 - The get_iplayer Contributors)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
InPlay IPTV (HKLM-x32\...\{BCF20ECF-4CFE-4128-B7DB-9EE219C40888}) (Version: 4.4.10 - Cobain ltd)
Intel® Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10604.207 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1169 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{64FD4757-7186-4F12-9AA8-5EE809CAB282}) (Version: 17.1.1532.1814 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{bc883058-299e-461f-8e52-4f1dbb355f86}) (Version: 19.0.1 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-305419062-1090771254-121226093-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018001037777\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018212627560\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213626453\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213910895\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018215947789\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018220014366\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018004926449\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112555212\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112620273\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018234000101\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
NVIDIA Graphics Driver 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.19 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8504 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.0 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.11.570 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.1.1.8 - WildTangent)
Windows Driver Package - ASUS (AsusSGDrv) Mouse  (11/11/2015 8.0.0.23) (HKLM\...\FF0137EA2940E916D51DA702B6425126CC7C89BF) (Version: 11/11/2015 8.0.0.23 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.1.0 - ASUS)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5247 - Kingsoft Corp.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-305419062-1090771254-121226093-1001_Classes\CLSID\{BF9DDDDB-4A44-41F7-94C7-4DB032B73B9F}\InprocServer32 -> C:\Users\David\AppData\Roaming\Add-in Express\Merge Cells Wizard for Microsoft Excel\adxloader64.dll ()
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.11.570\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.11.570\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.11.570\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-12-10] (Foxit Software Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-08-14] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Windows\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-01] (NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-08-14] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01C6C6FC-42FD-4F7C-826E-F59D3D2238B6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-04] (Google Inc.)
Task: {039BBDE7-59D4-4F6A-8A22-1855CCF011A1} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {0C70FC88-CEC3-4A17-A33D-DCB23137F426} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-16] (Intel Corporation)
Task: {0D891E04-748A-4330-BD48-F72B9D984E34} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2016-02-23] (ASUS)
Task: {14B82204-BE2D-4055-8117-526DF7ADCC6D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {17E5CA7E-A866-41C2-98B6-C9379FFD776F} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-07-10] (Realtek Semiconductor)
Task: {29F329F4-98F9-491D-B714-A208009D2DB2} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {377ECF55-B2B7-466F-ABF2-EA37E8337E85} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
Task: {39CD21EB-35CB-4512-AA79-269F27FC6E2F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-17] (Dropbox, Inc.)
Task: {3BC84725-CBBA-45C5-80F1-DA01BB770C05} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-16] (Intel Corporation)
Task: {40C16C89-5B22-4B8C-9C81-473B802B8152} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-17] (Dropbox, Inc.)
Task: {478A1D53-DABA-43E6-BC4A-C3BDD21F2D54} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-18] (AsusTek)
Task: {5365D1B5-E050-4D5E-B386-8A29115A0649} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe [2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {550A3156-66FF-442F-A161-F054A38FE3BB} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-08-14] (Avira Operations GmbH & Co. KG)
Task: {5EB3A540-A721-46AC-979D-1BF5065180E3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
Task: {6430CC72-EBF8-4F8C-AF87-2CCE1878ED23} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-01-19] (ASUSTek Computer Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6B931B5A-B529-48A0-9C42-EF5F52414212} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {751032FB-518B-42B1-84EC-DAFF4695A73D} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe [2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {77DD73B1-672E-41DE-AC60-1160D1B75BE1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {79BE94CE-7C42-4C35-9F14-63775BCA8E2B} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-09-21] ()
Task: {8F32112E-1F2D-4304-8483-138A594A08BD} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation)
Task: {8FDA7B57-4510-41BD-AA7C-F0E9C372F504} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {9C0B63A7-F3E1-459A-9559-A0B8C680D77F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {A2AB61D5-D872-47C1-967A-EAD1E3C91A7B} - System32\Tasks\ASUS\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [2016-03-02] (ASUS)
Task: {AD03177F-3B37-4F40-AD12-1DB282A8B9AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-04] (Google Inc.)
Task: {B640D647-1754-4C9D-8D4B-4034A1C168D3} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-07-10] (Realtek Semiconductor)
Task: {BE19E0A8-D2D5-45A2-A8E3-F43B9982A44F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {C299E8FB-AAAA-44A2-A820-0F618E450FCF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
Task: {C55D1702-DD1E-4611-8EE7-DB8C51DD0DDC} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {DCFE5EDB-9CAE-4CE9-AC18-708C7D2D004E} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {E83211AB-3182-4A4B-B8E3-C5F25A3763D4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (AVAST Software)
Task: {F3F0B956-92EE-432B-9DBF-4B0C9228F4FD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-02-15 22:01 - 2016-02-15 21:01 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll
2018-08-02 17:50 - 2018-08-04 00:19 - 002433744 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-08-02 17:50 - 2018-08-04 00:19 - 002535120 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2016-10-30 23:16 - 2013-11-06 19:58 - 000920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2017-07-01 00:20 - 2016-12-01 18:32 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-08-03 20:31 - 2017-10-20 16:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-12-12 18:41 - 2017-12-12 18:41 - 000948736 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\e_sqlite3.dll
2018-03-12 21:19 - 2018-03-12 21:19 - 002426040 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-03-26 23:46 - 2018-03-26 23:46 - 000381440 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
2017-12-03 21:36 - 2017-12-03 21:36 - 000843672 _____ () C:\Program Files\WindowsApps\Microsoft.Services.Store.Engagement_10.0.17112.0_x64__8wekyb3d8bbwe\Microsoft.Services.Store.Engagement.dll
2018-03-12 21:19 - 2018-03-12 21:19 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 004644864 _____ () C:\Windows\System32\Windows.UI.Input.Inking.Analysis.dll
2018-08-14 22:42 - 2018-08-03 04:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-31 18:07 - 2018-07-31 18:08 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-31 18:07 - 2018-07-31 18:08 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-08-10 00:40 - 2018-08-08 01:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-10 00:40 - 2018-08-08 01:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-02-18 02:13 - 2018-02-18 02:13 - 000776448 _____ () C:\Program Files (x86)\AirVideoServer HD\ExternalEncoder.exe
2018-06-24 12:26 - 2018-06-24 12:26 - 000061408 _____ () C:\Program Files\CCleaner\branding.dll
2018-07-31 18:07 - 2018-07-31 18:07 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-31 18:07 - 2018-07-31 18:07 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-31 18:07 - 2018-07-31 18:07 - 007814144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-07-31 18:08 - 2018-07-31 18:08 - 004173312 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1806.1821.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-05-02 23:01 - 2018-05-02 23:01 - 000634880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1806.1821.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-08-14 22:45 - 2018-08-14 22:45 - 000243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll
2018-08-14 22:45 - 2018-08-14 22:45 - 001204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll
2016-10-30 23:16 - 2010-06-29 10:58 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-09-18 23:34 - 2015-09-18 23:34 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-02-23 18:56 - 2016-02-23 18:56 - 000027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2016-02-23 18:56 - 2016-02-23 18:56 - 000124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-02-23 18:56 - 2016-02-23 18:56 - 000029184 _____ () C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2016-03-24 13:04 - 2016-03-02 20:07 - 001481728 _____ () C:\Program Files (x86)\ASUS\Giftbox\libglesv2.dll
2016-03-24 13:04 - 2016-03-02 20:07 - 000073728 _____ () C:\Program Files (x86)\ASUS\Giftbox\libegl.dll
2017-06-18 09:06 - 2017-06-18 09:06 - 001065472 _____ () C:\Program Files (x86)\AirVideoServer HD\glib-2.0-0.dll
2017-06-18 09:07 - 2017-06-18 09:07 - 000210432 _____ () C:\Program Files (x86)\AirVideoServer HD\gobject-2.0-0.dll
2017-12-23 15:12 - 2017-12-23 15:12 - 000366592 _____ () C:\Program Files (x86)\AirVideoServer HD\gstbase-1.0-0.dll
2017-12-23 15:12 - 2017-12-23 15:12 - 000940032 _____ () C:\Program Files (x86)\AirVideoServer HD\gstreamer-1.0-0.dll
2017-12-23 01:54 - 2017-12-23 01:54 - 000485376 _____ () C:\Program Files (x86)\AirVideoServer HD\gstvideo-1.0-0.dll
2017-12-23 01:55 - 2017-12-23 01:55 - 000045568 _____ () C:\Program Files (x86)\AirVideoServer HD\gstapp-1.0-0.dll
2017-12-23 01:55 - 2017-12-23 01:55 - 000356864 _____ () C:\Program Files (x86)\AirVideoServer HD\gstaudio-1.0-0.dll
2017-12-23 01:55 - 2017-12-23 01:55 - 000177664 _____ () C:\Program Files (x86)\AirVideoServer HD\gstpbutils-1.0-0.dll
2018-01-18 23:46 - 2018-01-18 23:46 - 000109056 _____ () C:\Program Files (x86)\AirVideoServer HD\gstmpegts-1.0-0.dll
2018-01-18 23:45 - 2018-01-18 23:45 - 000254464 _____ () C:\Program Files (x86)\AirVideoServer HD\gstcodecparsers-1.0-0.dll
2017-12-23 04:41 - 2017-12-23 04:41 - 001251840 _____ () C:\Program Files (x86)\AirVideoServer HD\avformat-57.dll
2017-12-23 04:41 - 2017-12-23 04:41 - 000360448 _____ () C:\Program Files (x86)\AirVideoServer HD\avutil-55.dll
2017-12-23 04:41 - 2017-12-23 04:41 - 008829440 _____ () C:\Program Files (x86)\AirVideoServer HD\avcodec-57.dll
2017-05-28 13:44 - 2017-05-28 13:44 - 000045582 _____ () C:\Program Files (x86)\AirVideoServer HD\libffi.dll
2017-06-18 09:07 - 2017-06-18 09:07 - 000014848 _____ () C:\Program Files (x86)\AirVideoServer HD\gmodule-2.0-0.dll
2017-06-21 16:11 - 2017-06-21 16:11 - 000367616 _____ () C:\Program Files (x86)\AirVideoServer HD\orc-0.4.dll
2017-12-23 01:54 - 2017-12-23 01:54 - 000189952 _____ () C:\Program Files (x86)\AirVideoServer HD\gsttag-1.0-0.dll
2017-06-18 09:04 - 2017-06-18 09:04 - 000059904 _____ () C:\Program Files (x86)\AirVideoServer HD\bz2-1.dll
2017-12-23 04:41 - 2017-12-23 04:41 - 000109056 _____ () C:\Program Files (x86)\AirVideoServer HD\swresample-2.dll
2016-10-04 19:20 - 2016-10-04 19:20 - 000343040 _____ () C:\Program Files (x86)\Digiguide TV Guide\Network.dll
2016-10-04 19:20 - 2016-10-04 19:20 - 000716800 _____ () C:\Program Files (x86)\Digiguide TV Guide\js32.dll
2016-10-04 19:20 - 2016-10-04 19:20 - 000159744 _____ () C:\Program Files (x86)\Digiguide TV Guide\SSLEAY32.dll
2016-10-04 19:20 - 2016-10-04 19:20 - 000872448 _____ () C:\Program Files (x86)\Digiguide TV Guide\LIBEAY32.dll
2016-06-01 14:32 - 2017-09-25 23:50 - 008928968 _____ () C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\1033\GrooveIntlResource.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018001037688\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018212627492\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213626392\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213910835\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018215947498\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018220014303\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018004926396\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112555092\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112620209\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018234000039\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018001037742\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018212627528\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213626423\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213910864\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018215947741\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018220014336\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018004926422\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112555156\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112620238\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018234000070\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-305419062-1090771254-121226093-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018001037777\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018212627560\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213626453\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213910895\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018215947789\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018220014366\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018004926449\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112555212\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112620273\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018234000101\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKU\S-1-5-21-305419062-1090771254-121226093-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018001037777\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018212627560\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213626453\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018213910895\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018215947789\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08152018220014366\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018004926449\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112555212\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018112620273\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-305419062-1090771254-121226093-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08162018234000101\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{5C559C7C-2CC4-4F7B-80FB-D91CBC42C529}C:\program files (x86)\digiguide tv guide\digiguide.exe] => (Allow) C:\program files (x86)\digiguide tv guide\digiguide.exe
FirewallRules: [TCP Query User{894B9B29-AC24-4AC8-9CC8-C51448FB7424}C:\program files (x86)\digiguide tv guide\digiguide.exe] => (Allow) C:\program files (x86)\digiguide tv guide\digiguide.exe
FirewallRules: [{97471493-F33B-4D83-9779-7816B3A596CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A6D932F2-78BF-45F3-A0C2-1DD9C5341971}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B51601E2-B10D-4327-AE6C-4F475F92CAD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{758D054B-9FA2-42FE-B36D-18B365AD32D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6B4990C6-4B0D-48BF-8997-AF9BF60ACF93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{0FA6FFDC-D16D-4BD8-A3A6-414FFD331760}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{67706471-4A7A-4675-B45A-6A5863D3E982}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6D389A53-C616-4A56-A1A7-B0CFEFD6121A}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
FirewallRules: [{898C4F49-A44E-4DF1-85F2-88A8984FFD68}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
FirewallRules: [{B131316F-6501-415E-8D7B-225A88F7D4C4}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [TCP Query User{6EEE925D-E508-4548-83C4-7D25B4864F74}C:\program files (x86)\digiguide tv guide\digiguide.exe] => (Allow) C:\program files (x86)\digiguide tv guide\digiguide.exe
FirewallRules: [UDP Query User{DA7D12C7-9974-49B4-B51C-A6558F4A330E}C:\program files (x86)\digiguide tv guide\digiguide.exe] => (Allow) C:\program files (x86)\digiguide tv guide\digiguide.exe
FirewallRules: [{DFDE0E34-9697-4914-9512-72753EC44242}] => (Allow) C:\Program Files (x86)\AirVideoServer HD\AirVideoServerUI.exe
FirewallRules: [{337E891C-040D-4813-84B4-1720457BC526}] => (Allow) C:\Program Files (x86)\AirVideoServer HD\AirVideoServerUI.exe
FirewallRules: [{BC2515AD-C85D-46E5-9C9C-A594EBDD5162}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C7627660-5C0A-40C8-A3A8-0E030014B7AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C4211088-6672-4905-B0EE-F954AF3E8D18}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{2D0900AD-228F-4894-948A-1251D693E458}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{28C3FCAB-89BF-4959-9A35-A9372CB47E3A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{27E6344A-82AD-4A5A-A310-D70C4997965A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
 
==================== Restore Points =========================
 
14-08-2018 22:41:40 Windows Update
16-08-2018 00:49:04 Installed InPlay IPTV
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/16/2018 11:38:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 848: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
 
Error: (08/16/2018 12:49:07 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddWin32ServiceFiles: Unable to back up image of service NVIDIA Network Service since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
.
 
Error: (08/18/2018 12:02:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceive: mDNS_Unlock locking failure! mDNS_busy (1) != mDNS_reentrancy (0)
 
Error: (08/18/2018 12:02:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceive: mDNS_Lock locking failure! mDNS_busy (1) != mDNS_reentrancy (0)
 
Error: (08/16/2018 11:59:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceive: mDNS_Unlock locking failure! mDNS_busy (1) != mDNS_reentrancy (0)
 
Error: (08/16/2018 11:59:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceive: mDNS_Lock locking failure! mDNS_busy (1) != mDNS_reentrancy (0)
 
Error: (08/16/2018 11:56:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceive: mDNS_Unlock locking failure! mDNS_busy (1) != mDNS_reentrancy (0)
 
Error: (08/16/2018 11:56:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceive: mDNS_Lock locking failure! mDNS_busy (1) != mDNS_reentrancy (0)
 
 
System errors:
=============
Error: (08/16/2018 10:49:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-AGJVL4D)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-AGJVL4D\David SID (S-1-5-21-305419062-1090771254-121226093-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/16/2018 10:49:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/16/2018 11:35:58 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-AGJVL4D)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-AGJVL4D\David SID (S-1-5-21-305419062-1090771254-121226093-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/16/2018 11:23:23 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/16/2018 11:22:21 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-AGJVL4D)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-AGJVL4D\David SID (S-1-5-21-305419062-1090771254-121226093-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/16/2018 11:20:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/16/2018 12:47:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/18/2018 12:00:23 AM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: NT AUTHORITY)
Description: The time service has detected that the system time needs to be  changed by -172799 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.nist.gov,0x9 (ntp.m|0x9|0.0.0.0:123->129.6.15.30:123) is working properly.
 
 
CodeIntegrity:
===================================
 
Date: 2018-08-16 23:04:39.077
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-08-16 23:04:39.077
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-08-15 23:27:53.861
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-08-15 23:27:53.858
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-08-15 21:34:26.052
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-08-15 21:34:26.052
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-08-15 00:30:16.853
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-08-15 00:30:16.852
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-6300HQ CPU @ 2.30GHz
Percentage of memory in use: 41%
Total physical RAM: 12184.13 MB
Available physical RAM: 7186.25 MB
Total Virtual: 14040.13 MB
Available Virtual: 8439 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:118.48 GB) (Free:50.31 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:1863.02 GB) (Free:147.59 GB) NTFS
 
\\?\Volume{eda673f9-e9af-4259-9b1c-585ffa2c19d9}\ (RECOVERY) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{7688eea9-a8e7-49ba-8b7b-4afdf277ddbf}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: BA649F63)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: F4DF487E)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#3 barfield94

barfield94
  • Topic Starter

  • Members
  • 3 posts
  • ONLINE
  •  
  • Local time:01:12 AM

Posted Today, 06:29 PM

Just had a Malwarebytes alert for Malware now too...

 

-Website Data-
Category: Malware
Domain: link.tweakbit.com
IP Address: 45.33.112.59
Port: [65023]
Type: Outbound
File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe





10 user(s) are reading this topic

1 members, 8 guests, 1 anonymous users


    barfield94