Slow performance

StarLord (Newbie; Join Date: Sep 2018; Posts: 4), posted 15-09-18, 10:57

Hello, nothing horrendously wrong here, just hoping to get the laptop working a bit slicker!

Thanks

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.09.2018
Ran by Fennomenon (administrator) on LAPTOP-FOH831L0 (15-09-2018 11:48:18)
Running from C:\Users\Fennomenon\Downloads\Farbar Recovery
Loaded Profiles: Fennomenon (Available Profiles: Fennomenon)
Platform: Windows 10 Home Version 1803 17134.228 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler.exe
(AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Amazon Services LLC) C:\Users\Fennomenon\AppData\Local\Amazon Music\Amazon Music Helper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2015-11-20] (Realtek Semiconductor)
HKLM\...\Run: [DeliveryAndStatusCheck] => C:\Program Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe [301832 2015-11-10] (HP)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291056 2018-08-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2015-10-29] (CyberLink Corp.)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [144696 2017-02-14] (Check Point Software Technologies Ltd.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1080258345-1341856016-602751229-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-09-18] (Apple Inc.)
HKU\S-1-5-21-1080258345-1341856016-602751229-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-09-18] (Apple Inc.)
HKU\S-1-5-21-1080258345-1341856016-602751229-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-09-18] (Apple Inc.)
HKU\S-1-5-21-1080258345-1341856016-602751229-1002\...\Run: [Amazon Music Helper] => C:\Users\Fennomenon\AppData\Local\Amazon Music\Amazon Music Helper.exe [3051448 2018-07-03] (Amazon Services LLC)
HKU\S-1-5-21-1080258345-1341856016-602751229-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-08-24] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1080258345-1341856016-602751229-1002] => proxy.wildern.hants.sch.uk:9000
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{30b3b25d-525a-41e9-b942-be593f95ca7f}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{66d1613c-9640-4f03-9a8c-a429976d49aa}: [DhcpNameServer] 194.168.4.100 194.168.8.100

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-1080258345-1341856016-602751229-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=chrf-iryus&type=ypi_znlrm_00_00_ie
HKU\S-1-5-21-1080258345-1341856016-602751229-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM-x32 -> {DC1BD4F7-6000-465D-9BC8-6D36219A8557} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1080258345-1341856016-602751229-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1080258345-1341856016-602751229-1002 -> {D15E1C73-1D75-44CE-BDC1-521AC80942A8} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=chrf-iryus&type=ypi_znlrm_00_00_ie
SearchScopes: HKU\S-1-5-21-1080258345-1341856016-602751229-1002 -> {DC1BD4F7-6000-465D-9BC8-6D36219A8557} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-08-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2017-08-15] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2017-08-15] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Fennomenon\AppData\Roaming\Mozilla\Firefox\Profiles\3ZFKQ182.default [2016-08-03]
FF Extension: (Avira Browser Safety) - C:\Users\Fennomenon\AppData\Roaming\Mozilla\Firefox\Profiles\3ZFKQ182.default\Extensions\abs@avira.com [2016-08-03] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-07-06] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2017-07-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-10-12] ()

Chrome:
=======
CHR HomePage: Default -> hxxps://www.wildern.hants.sch.uk/
CHR Profile: C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default [2018-09-15]
CHR Extension: (Slides) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Share to Classroom) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\adokjfanaflbkibffcbhihgihpgijcei [2018-06-29]
CHR Extension: (Docs) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-03]
CHR Extension: (Coding with Chrome) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\becloognjehhioodmnimnehjcibkloed [2018-08-08]
CHR Extension: (Web Developer) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2018-06-29]
CHR Extension: (Keep Awake) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijihlabcfdnabacffofojgmehjdielb [2018-06-29]
CHR Extension: (YouTube) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-03]
CHR Extension: (Adblock for Youtube™) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2018-09-14]
CHR Extension: (Sheets) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2018-06-29]
CHR Extension: (Google Docs Offline) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Save to Google Drive) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2018-06-29]
CHR Extension: (Video Adblocker for Youtube™ Extension) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2018-06-29]
CHR Extension: (Copy, URL to Google Drive™) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhkdailooaapiplkadgdkkllbnkjpbel [2018-06-29]
CHR Extension: (Python Fiddle) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\imldfcloildiapnfjoocfpdmoajnjelf [2018-06-29]
CHR Extension: (Multiple Images to PDF) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmgffnfpmjbignenkflohmgagidjcomp [2018-07-16]
CHR Extension: (Bananatag Email Tracking) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpbnpbfpgjkblmejlgkfkekajajhjcid [2018-09-14]
CHR Extension: (Loom - Video Recorder: Screen, Webcam and Mic) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2018-09-14]
CHR Extension: (Python Editor v5 beta) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldlpeacadpdfaoekhaiphamkndjghgo [2018-06-29]
CHR Extension: (Save Webpage As Word Document) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcebgdgbcbdkgdljffnkkbekldnidbmn [2018-06-29]
CHR Extension: (Google Drawings) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2018-06-29]
CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2018-09-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (Folder Copy for Google Drive™) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojcfeehlnmmcnhbkenkjailjmhfkjani [2018-06-29]
CHR Extension: (Gmail) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-03]
CHR Extension: (Chrome Media Router) - C:\Users\Fennomenon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1080258345-1341856016-602751229-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hpacaholihkepnhgeeiipghhgonbhdfb] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdaptiveSleepService; c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-08-06] () [File not signed]
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-09-14] (AVG Technologies)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [323512 2018-08-31] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [8043904 2018-08-31] (AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-09-14] (AVG Technologies)
S3 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [111040 2018-08-31] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3059440 2017-07-18] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-17] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-17] (Dropbox, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-10-12] (WildTangent)
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [542320 2017-12-06] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268928 2017-12-20] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-11-20] (Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-08-22] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4076744 2017-02-14] (Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-03] (Microsoft Corporation)
S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2016-11-01] (Check Point Software Technologies, Ltd.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758720 2017-12-20] (Intel® Corporation)
S2 ZoneAlarm ICM Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe [1037624 2017-02-14] (Check Point Software Technologies Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53752 2018-05-15] (HP)
R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [18968 2015-09-08] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-09-08] (Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-09-08] (Advanced Micro Devices)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [192104 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [222288 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [194224 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [339048 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [51952 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [15344 2018-08-31] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39352 2018-08-31] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [155664 2018-09-14] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [104256 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [78864 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1020112 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [459624 2018-09-14] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [208216 2018-09-14] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [373944 2018-08-31] (AVG Technologies CZ, s.r.o.)
R3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41400 2015-08-31] (CyberLink Corporation)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [40960 2018-05-15] (HP)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8623128 2018-04-04] (Intel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [301784 2015-06-10] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-06-01] (Realtek )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-13] (Synaptics Incorporated)
R1 Vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [461240 2017-03-28] (Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34960 2018-02-02] (HP)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-07-24] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-07-24] (Zemana Ltd.)
U3 iswSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-15 11:47 - 2018-09-15 11:48 - 000000000 ____D C:\Users\Fennomenon\Downloads\Farbar Recovery
2018-09-14 19:12 - 2018-09-14 19:12 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2018-09-14 19:12 - 2018-09-14 19:12 - 000002419 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk
2018-09-14 19:11 - 2018-09-14 19:11 - 000003416 _____ C:\WINDOWS\System32\Tasks\AVGUpdateTaskMachineUA
2018-09-14 19:11 - 2018-09-14 19:11 - 000003292 _____ C:\WINDOWS\System32\Tasks\AVGUpdateTaskMachineCore
2018-08-31 21:12 - 2018-08-31 21:12 - 007440487 _____ C:\Users\Fennomenon\Downloads\45075 Manual.pdf
2018-08-31 21:05 - 2018-08-31 21:05 - 002667931 _____ C:\Users\Fennomenon\Downloads\York B501 Bench manual.pdf
2018-08-31 09:40 - 2018-08-31 09:40 - 000380656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2018-08-31 09:38 - 2018-08-31 09:38 - 016798624 _____ (Piriform Ltd) C:\Users\Fennomenon\Downloads\ccsetup546.exe
2018-08-23 19:29 - 2018-09-14 19:29 - 000003296 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForFennomenon
2018-08-23 19:29 - 2018-09-14 19:29 - 000000384 _____ C:\WINDOWS\Tasks\HPCeeScheduleForFennomenon.job
2018-08-21 21:06 - 2018-08-21 21:06 - 000139943 _____ C:\Users\Fennomenon\Downloads\JD_Band_6_MM_Pharmacy_Technician_2014.pdf
2018-08-21 20:31 - 2018-08-06 16:19 - 000836480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-08-21 20:31 - 2018-08-06 16:19 - 000181120 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-19 21:47 - 2018-08-03 04:39 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-08-19 21:47 - 2018-08-03 04:25 - 006568784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-08-19 21:47 - 2018-08-03 04:23 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-08-19 21:47 - 2018-08-03 04:18 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-08-19 21:47 - 2018-07-14 07:46 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-08-19 21:46 - 2018-08-03 09:39 - 021389368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-08-19 21:46 - 2018-08-03 09:20 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-08-19 21:46 - 2018-08-03 08:43 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-08-19 21:46 - 2018-08-03 08:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-08-19 21:46 - 2018-08-03 04:47 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-08-19 21:46 - 2018-08-03 04:40 - 001221048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-08-19 21:46 - 2018-08-03 04:40 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-08-19 21:46 - 2018-08-03 04:39 - 009091480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-08-19 21:46 - 2018-08-03 04:39 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-08-19 21:46 - 2018-08-03 04:39 - 002829216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-08-19 21:46 - 2018-08-03 04:38 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-08-19 21:46 - 2018-08-03 04:26 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-08-19 21:46 - 2018-08-03 04:25 - 002255008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-08-19 21:46 - 2018-08-03 04:25 - 001622296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-08-19 21:46 - 2018-08-03 04:18 - 022007808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-08-19 21:46 - 2018-08-03 04:17 - 004380160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-08-19 21:46 - 2018-08-03 04:15 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-08-19 21:46 - 2018-08-03 04:14 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-08-19 21:46 - 2018-08-03 04:13 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-08-19 21:46 - 2018-08-03 04:13 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-08-19 21:46 - 2018-08-03 04:13 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-08-19 21:46 - 2018-08-03 04:12 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-08-19 21:46 - 2018-08-03 04:12 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-08-19 21:46 - 2018-08-03 04:11 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-08-19 21:46 - 2018-08-03 04:11 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-08-19 21:46 - 2018-08-03 04:11 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-08-19 21:46 - 2018-08-03 04:09 - 005776896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-08-19 21:46 - 2018-08-03 04:09 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-08-19 21:46 - 2018-08-03 04:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-08-19 21:46 - 2018-08-03 04:09 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-08-19 21:46 - 2018-08-03 04:08 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-08-19 21:46 - 2018-08-03 04:06 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-08-19 21:46 - 2018-07-15 01:56 - 001523240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-08-19 21:46 - 2018-07-15 01:44 - 006587392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-08-19 21:46 - 2018-07-15 01:43 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-08-19 21:46 - 2018-07-15 01:42 - 008624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-08-19 21:46 - 2018-07-15 01:42 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-08-19 21:46 - 2018-07-15 00:18 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-08-19 21:46 - 2018-07-15 00:17 - 011901440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-08-19 21:46 - 2018-07-14 07:42 - 019525632 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-08-19 21:46 - 2018-07-14 05:22 - 006813744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-08-19 21:46 - 2018-07-14 05:22 - 001144664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-08-19 21:46 - 2018-07-14 05:18 - 002371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-08-19 21:46 - 2018-07-14 05:17 - 006527056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-08-19 21:46 - 2018-07-14 05:17 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-08-19 21:46 - 2018-07-14 05:16 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-08-19 21:46 - 2018-07-14 05:16 - 001143096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-08-19 21:46 - 2018-07-14 04:59 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-08-19 21:46 - 2018-07-14 04:59 - 005883392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-08-19 21:46 - 2018-07-14 04:57 - 007057920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-08-19 21:46 - 2018-07-14 04:57 - 004331008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-08-19 21:46 - 2018-07-14 04:56 - 004559872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-08-19 21:46 - 2018-07-14 04:56 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-08-19 21:46 - 2018-07-14 04:56 - 002697216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2018-08-19 21:46 - 2018-07-14 04:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-08-19 21:46 - 2018-07-14 04:54 - 003319808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-08-19 21:46 - 2018-07-14 04:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-08-19 21:46 - 2018-07-14 04:53 - 004770816 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-08-19 21:46 - 2018-07-14 04:53 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-08-19 21:46 - 2018-07-14 04:53 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-08-19 21:46 - 2018-07-14 04:53 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-08-19 21:46 - 2018-07-14 04:53 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2018-08-19 21:46 - 2018-07-14 04:51 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-08-19 21:46 - 2018-07-14 04:51 - 002904576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-08-19 21:46 - 2018-07-14 04:51 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-08-19 21:46 - 2018-07-14 04:50 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-08-19 21:46 - 2018-07-14 04:50 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-08-19 21:46 - 2018-07-06 15:20 - 002868640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-08-19 21:46 - 2018-07-06 15:20 - 001610648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-08-19 21:46 - 2018-07-06 15:20 - 000792472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-08-19 21:46 - 2018-07-06 15:20 - 000689560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-08-19 21:46 - 2018-07-06 15:20 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-08-19 21:46 - 2018-07-06 15:20 - 000451992 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-08-19 21:46 - 2018-07-06 15:17 - 003932672 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-08-19 21:46 - 2018-07-06 13:06 - 003611368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-08-19 21:46 - 2018-07-06 12:51 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-08-19 21:46 - 2018-07-06 08:32 - 000480672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-08-19 21:46 - 2018-07-06 08:31 - 000462752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-08-19 21:46 - 2018-07-06 08:26 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-08-19 21:46 - 2018-07-06 08:25 - 002571728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-08-19 21:46 - 2018-07-06 08:25 - 001026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-08-19 21:46 - 2018-07-06 08:24 - 000380824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-08-19 21:46 - 2018-07-06 08:14 - 001981896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-08-19 21:46 - 2018-07-06 08:14 - 000988640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-08-19 21:46 - 2018-07-06 07:59 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2018-08-19 21:46 - 2018-07-06 07:57 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-08-19 21:46 - 2018-07-06 07:56 - 001817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-08-19 21:46 - 2018-07-06 07:56 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-08-19 21:46 - 2018-07-06 07:54 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-08-19 21:46 - 2018-07-06 07:54 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-08-19 21:46 - 2018-07-06 07:54 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-08-19 21:46 - 2018-07-06 07:53 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-08-19 21:45 - 2018-08-03 09:39 - 000790304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-08-19 21:45 - 2018-08-03 09:25 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-08-19 21:45 - 2018-08-03 09:25 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-08-19 21:45 - 2018-08-03 09:24 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-08-19 21:45 - 2018-08-03 09:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2018-08-19 21:45 - 2018-08-03 09:22 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-08-19 21:45 - 2018-08-03 09:21 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-08-19 21:45 - 2018-08-03 09:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-08-19 21:45 - 2018-08-03 09:21 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-08-19 21:45 - 2018-08-03 09:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-08-19 21:45 - 2018-08-03 09:20 - 004049408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-08-19 21:45 - 2018-08-03 09:20 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2018-08-19 21:45 - 2018-08-03 09:19 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-08-19 21:45 - 2018-08-03 08:45 - 000663128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-08-19 21:45 - 2018-08-03 08:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-08-19 21:45 - 2018-08-03 08:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2018-08-19 21:45 - 2018-08-03 08:30 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-08-19 21:45 - 2018-08-03 08:29 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-08-19 21:45 - 2018-08-03 08:29 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-08-19 21:45 - 2018-08-03 08:27 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-08-19 21:45 - 2018-08-03 08:27 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-08-19 21:45 - 2018-08-03 06:41 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-08-19 21:45 - 2018-08-03 05:49 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-08-19 21:45 - 2018-08-03 04:47 - 000128920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2018-08-19 21:45 - 2018-08-03 04:46 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-08-19 21:45 - 2018-08-03 04:46 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-08-19 21:45 - 2018-08-03 04:41 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-08-19 21:45 - 2018-08-03 04:41 - 000077608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-08-19 21:45 - 2018-08-03 04:41 - 000061736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-08-19 21:45 - 2018-08-03 04:40 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-08-19 21:45 - 2018-08-03 04:40 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-08-19 21:45 - 2018-08-03 04:40 - 000228136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-08-19 21:45 - 2018-08-03 04:40 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-08-19 21:45 - 2018-08-03 04:40 - 000072800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-08-19 21:45 - 2018-08-03 04:39 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-08-19 21:45 - 2018-08-03 04:39 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-08-19 21:45 - 2018-08-03 04:39 - 000692240 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-08-19 21:45 - 2018-08-03 04:39 - 000170936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-08-19 21:45 - 2018-08-03 04:39 - 000114080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-08-19 21:45 - 2018-08-03 04:39 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-08-19 21:45 - 2018-08-03 04:39 - 000031648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-08-19 21:45 - 2018-08-03 04:38 - 001945792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-08-19 21:45 - 2018-08-03 04:38 - 001285536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-08-19 21:45 - 2018-08-03 04:38 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-08-19 21:45 - 2018-08-03 04:38 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-08-19 21:45 - 2018-08-03 04:38 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-08-19 21:45 - 2018-08-03 04:38 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-08-19 21:45 - 2018-08-03 04:38 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-08-19 21:45 - 2018-08-03 04:38 - 000713368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-08-19 21:45 - 2018-08-03 04:38 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-08-19 21:45 - 2018-08-03 04:38 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-08-19 21:45 - 2018-08-03 04:38 - 000115640 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2018-08-19 21:45 - 2018-08-03 04:27 - 000061032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-08-19 21:45 - 2018-08-03 04:25 - 001131064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-08-19 21:45 - 2018-08-03 04:25 - 000583120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-08-19 21:45 - 2018-08-03 04:25 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-08-19 21:45 - 2018-08-03 04:25 - 000539168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-08-19 21:45 - 2018-08-03 04:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-08-19 21:45 - 2018-08-03 04:14 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-08-19 21:45 - 2018-08-03 04:14 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2018-08-19 21:45 - 2018-08-03 04:13 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-08-19 21:45 - 2018-08-03 04:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-08-19 21:45 - 2018-08-03 04:12 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-08-19 21:45 - 2018-08-03 04:12 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-08-19 21:45 - 2018-08-03 04:11 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-08-19 21:45 - 2018-08-03 04:11 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-08-19 21:45 - 2018-08-03 04:11 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-08-19 21:45 - 2018-08-03 04:11 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-08-19 21:45 - 2018-08-03 04:11 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-08-19 21:45 - 2018-08-03 04:10 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-08-19 21:45 - 2018-08-03 04:09 - 001932288 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-08-19 21:45 - 2018-08-03 04:09 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-08-19 21:45 - 2018-08-03 04:09 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-08-19 21:45 - 2018-08-03 04:09 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-08-19 21:45 - 2018-08-03 04:08 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-08-19 21:45 - 2018-08-03 04:08 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-08-19 21:45 - 2018-08-03 04:08 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-08-19 21:45 - 2018-08-03 04:08 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-08-19 21:45 - 2018-08-03 04:08 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-08-19 21:45 - 2018-08-03 04:08 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-08-19 21:45 - 2018-08-03 04:08 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-08-19 21:45 - 2018-08-03 04:08 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-08-19 21:45 - 2018-08-03 04:08 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-08-19 21:45 - 2018-08-03 04:07 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-08-19 21:45 - 2018-08-03 04:06 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-08-19 21:45 - 2018-08-03 04:06 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-08-19 21:45 - 2018-08-03 04:06 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-08-19 21:45 - 2018-08-03 04:06 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-08-19 21:45 - 2018-08-03 04:06 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-08-19 21:45 - 2018-08-03 04:05 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-08-19 21:45 - 2018-08-03 04:05 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-08-19 21:45 - 2018-08-03 04:05 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-08-19 21:45 - 2018-08-03 04:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-08-19 21:45 - 2018-07-15 01:58 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-08-19 21:45 - 2018-07-15 01:41 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-08-19 21:45 - 2018-07-15 01:41 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-08-19 21:45 - 2018-07-15 01:39 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-08-19 21:45 - 2018-07-15 01:39 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-08-19 21:45 - 2018-07-15 01:38 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-08-19 21:45 - 2018-07-15 01:38 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-08-19 21:45 - 2018-07-15 01:38 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-08-19 21:45 - 2018-07-15 01:38 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-08-19 21:45 - 2018-07-15 01:36 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-08-19 21:45 - 2018-07-15 00:28 - 001327424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-08-19 21:45 - 2018-07-15 00:15 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-08-19 21:45 - 2018-07-15 00:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-08-19 21:45 - 2018-07-15 00:13 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-08-19 21:45 - 2018-07-15 00:13 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-08-19 21:45 - 2018-07-15 00:13 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-08-19 21:45 - 2018-07-15 00:13 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-08-19 21:45 - 2018-07-15 00:11 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-08-19 21:45 - 2018-07-14 05:37 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-08-19 21:45 - 2018-07-14 05:37 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-08-19 21:45 - 2018-07-14 05:23 - 000760888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-08-19 21:45 - 2018-07-14 05:22 - 000510392 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-08-19 21:45 - 2018-07-14 05:22 - 000203560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-08-19 21:45 - 2018-07-14 05:21 - 000722824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-08-19 21:45 - 2018-07-14 05:21 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-08-19 21:45 - 2018-07-14 05:20 - 000184472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-08-19 21:45 - 2018-07-14 05:19 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-08-19 21:45 - 2018-07-14 05:19 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-08-19 21:45 - 2018-07-14 05:19 - 000981920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-08-19 21:45 - 2018-07-14 05:19 - 000636944 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-08-19 21:45 - 2018-07-14 05:19 - 000483024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-08-19 21:45 - 2018-07-14 05:18 - 002563984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-08-19 21:45 - 2018-07-14 05:18 - 001017584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-08-19 21:45 - 2018-07-14 05:18 - 000930712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-08-19 21:45 - 2018-07-14 05:18 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-08-19 21:45 - 2018-07-14 05:18 - 000443216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-08-19 21:45 - 2018-07-14 05:18 - 000376216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-08-19 21:45 - 2018-07-14 05:17 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-08-19 21:45 - 2018-07-14 05:16 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-08-19 21:45 - 2018-07-14 05:15 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-08-19 21:45 - 2018-07-14 05:15 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-08-19 21:45 - 2018-07-14 05:15 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-08-19 21:45 - 2018-07-14 05:01 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-08-19 21:45 - 2018-07-14 04:59 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-08-19 21:45 - 2018-07-14 04:58 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-08-19 21:45 - 2018-07-14 04:57 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-08-19 21:45 - 2018-07-14 04:57 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-08-19 21:45 - 2018-07-14 04:56 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-08-19 21:45 - 2018-07-14 04:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-08-19 21:45 - 2018-07-14 04:56 - 001703936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Controls.dll
2018-08-19 21:45 - 2018-07-14 04:56 - 001558016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-08-19 21:45 - 2018-07-14 04:56 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-08-19 21:45 - 2018-07-14 04:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2018-08-19 21:45 - 2018-07-14 04:56 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2018-08-19 21:45 - 2018-07-14 04:56 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2018-08-19 21:45 - 2018-07-14 04:55 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-08-19 21:45 - 2018-07-14 04:55 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-08-19 21:45 - 2018-07-14 04:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-08-19 21:45 - 2018-07-14 04:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-08-19 21:45 - 2018-07-14 04:55 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-08-19 21:45 - 2018-07-14 04:55 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-08-19 21:45 - 2018-07-14 04:55 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-08-19 21:45 - 2018-07-14 04:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-08-19 21:45 - 2018-07-14 04:55 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2018-08-19 21:45 - 2018-07-14 04:55 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-08-19 21:45 - 2018-07-14 04:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2018-08-19 21:45 - 2018-07-14 04:54 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-08-19 21:45 - 2018-07-14 04:54 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2018-08-19 21:45 - 2018-07-14 04:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-08-19 21:45 - 2018-07-14 04:54 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-19 21:45 - 2018-07-14 04:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-08-19 21:45 - 2018-07-14 04:54 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2018-08-19 21:45 - 2018-07-14 04:54 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-08-19 21:45 - 2018-07-14 04:54 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-08-19 21:45 - 2018-07-14 04:54 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2018-08-19 21:45 - 2018-07-14 04:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-08-19 21:45 - 2018-07-14 04:54 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-08-19 21:45 - 2018-07-14 04:54 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-08-19 21:45 - 2018-07-14 04:54 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-08-19 21:45 - 2018-07-14 04:54 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2018-08-19 21:45 - 2018-07-14 04:54 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2018-08-19 21:45 - 2018-07-14 04:53 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-08-19 21:45 - 2018-07-14 04:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-08-19 21:45 - 2018-07-14 04:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-08-19 21:45 - 2018-07-14 04:53 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-08-19 21:45 - 2018-07-14 04:53 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-08-19 21:45 - 2018-07-14 04:53 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-08-19 21:45 - 2018-07-14 04:52 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-08-19 21:45 - 2018-07-14 04:52 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-08-19 21:45 - 2018-07-14 04:52 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-08-19 21:45 - 2018-07-14 04:52 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-08-19 21:45 - 2018-07-14 04:52 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2018-08-19 21:45 - 2018-07-14 04:51 - 001747968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-08-19 21:45 - 2018-07-14 04:51 - 001304064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-08-19 21:45 - 2018-07-14 04:51 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-08-19 21:45 - 2018-07-14 04:51 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-08-19 21:45 - 2018-07-14 04:50 - 001773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-08-19 21:45 - 2018-07-14 04:50 - 001359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-08-19 21:45 - 2018-07-14 04:50 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-08-19 21:45 - 2018-07-14 04:50 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-08-19 21:45 - 2018-07-14 04:50 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-08-19 21:45 - 2018-07-14 04:50 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-08-19 21:45 - 2018-07-14 04:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-08-19 21:45 - 2018-07-14 04:49 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-08-19 21:45 - 2018-07-14 04:49 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-08-19 21:45 - 2018-07-13 05:30 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-08-19 21:45 - 2018-07-06 15:20 - 000309664 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-08-19 21:45 - 2018-07-06 15:20 - 000144792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-08-19 21:45 - 2018-07-06 15:20 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-08-19 21:45 - 2018-07-06 15:14 - 000541592 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-08-19 21:45 - 2018-07-06 14:53 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-08-19 21:45 - 2018-07-06 14:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-08-19 21:45 - 2018-07-06 14:53 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-08-19 21:45 - 2018-07-06 12:53 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-08-19 21:45 - 2018-07-06 08:31 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-08-19 21:45 - 2018-07-06 08:27 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2018-08-19 21:45 - 2018-07-06 08:26 - 000766608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-08-19 21:45 - 2018-07-06 08:25 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-08-19 21:45 - 2018-07-06 08:25 - 000267680 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-08-19 21:45 - 2018-07-06 08:25 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-08-19 21:45 - 2018-07-06 08:14 - 000573904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-08-19 21:45 - 2018-07-06 07:59 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2018-08-19 21:45 - 2018-07-06 07:59 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2018-08-19 21:45 - 2018-07-06 07:58 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-08-19 21:45 - 2018-07-06 07:58 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-08-19 21:45 - 2018-07-06 07:58 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-08-19 21:45 - 2018-07-06 07:58 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2018-08-19 21:45 - 2018-07-06 07:57 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2018-08-19 21:45 - 2018-07-06 07:57 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2018-08-19 21:45 - 2018-07-06 07:56 - 001567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-08-19 21:45 - 2018-07-06 07:56 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-08-19 21:45 - 2018-07-06 07:56 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2018-08-19 21:45 - 2018-07-06 07:56 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-08-19 21:45 - 2018-07-06 07:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-08-19 21:45 - 2018-07-06 07:56 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-08-19 21:45 - 2018-07-06 07:56 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2018-08-19 21:45 - 2018-07-06 07:56 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-08-19 21:45 - 2018-07-06 07:55 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-08-19 21:45 - 2018-07-06 07:55 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-08-19 21:45 - 2018-07-06 07:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-08-19 21:45 - 2018-07-06 07:54 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2018-08-19 21:44 - 2018-08-03 09:24 - 000046592 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-08-19 21:44 - 2018-08-03 08:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-08-19 21:44 - 2018-08-03 04:17 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-08-19 21:44 - 2018-08-03 04:16 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-08-19 21:44 - 2018-08-03 04:16 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2018-08-19 21:44 - 2018-08-03 04:14 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-08-19 21:44 - 2018-08-03 04:13 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-08-19 21:44 - 2018-08-03 04:12 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-08-19 21:44 - 2018-08-03 04:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2018-08-19 21:44 - 2018-08-03 04:09 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-08-19 21:44 - 2018-08-03 04:08 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-08-19 21:44 - 2018-08-03 04:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-08-19 21:44 - 2018-08-03 04:07 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-08-19 21:44 - 2018-08-03 04:07 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-08-19 21:44 - 2018-08-03 02:54 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-08-19 21:44 - 2018-07-15 01:44 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-08-19 21:44 - 2018-07-14 04:58 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2018-08-19 21:44 - 2018-07-14 04:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-08-19 21:44 - 2018-07-14 04:56 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2018-08-19 21:44 - 2018-07-14 04:55 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-08-19 21:44 - 2018-07-14 04:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-08-19 21:44 - 2018-07-14 04:55 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-08-19 21:44 - 2018-07-14 04:55 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-08-19 21:44 - 2018-07-14 04:55 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-08-19 21:44 - 2018-07-14 04:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-08-19 21:44 - 2018-07-14 04:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-08-19 21:44 - 2018-07-14 04:50 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-08-19 21:44 - 2018-07-06 14:52 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-08-19 21:44 - 2018-07-06 08:01 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-08-19 21:44 - 2018-07-06 08:01 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2018-08-19 21:44 - 2018-07-06 08:00 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2018-08-19 21:44 - 2018-07-06 08:00 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2018-08-19 21:44 - 2018-07-06 08:00 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2018-08-19 21:44 - 2018-07-06 08:00 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2018-08-19 21:44 - 2018-07-06 08:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll
2018-08-19 21:44 - 2018-07-06 08:00 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2018-08-19 21:44 - 2018-07-06 07:59 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2018-08-19 21:44 - 2018-07-06 07:59 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2018-08-19 21:44 - 2018-07-06 07:59 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2018-08-19 21:44 - 2018-07-06 07:58 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2018-08-19 21:44 - 2018-07-06 07:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2018-08-19 21:44 - 2018-07-06 07:58 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2018-08-19 21:44 - 2018-07-06 07:57 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2018-08-19 21:44 - 2018-07-06 07:56 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2018-08-19 21:18 - 2018-08-19 22:51 - 000000000 ____D C:\Users\Fennomenon\AppData\Local\PlaceholderTileLogoFolder
2018-08-19 19:22 - 2018-08-19 19:22 - 000001417 _____ C:\Users\Fennomenon\Desktop\Microsoft Edge.lnk
2018-08-19 19:22 - 2018-08-19 19:22 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-08-19 19:18 - 2018-08-19 19:18 - 000000020 ___SH C:\Users\Fennomenon\ntuser.ini
2018-08-19 19:17 - 2018-09-14 18:37 - 000004278 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2018-08-19 19:17 - 2018-09-14 18:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-19 19:17 - 2018-08-31 09:41 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-08-19 19:17 - 2018-08-22 11:04 - 000004004 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-08-19 19:17 - 2018-08-22 11:04 - 000003772 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-08-19 19:17 - 2018-08-19 19:30 - 000003386 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1080258345-1341856016-602751229-1002
2018-08-19 19:17 - 2018-08-19 19:18 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-08-19 19:17 - 2018-08-19 19:17 - 000003132 _____ C:\WINDOWS\System32\Tasks\avast! SL Update
2018-08-19 19:17 - 2018-08-19 19:17 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-08-19 19:17 - 2018-08-19 19:17 - 000002654 _____ C:\WINDOWS\System32\Tasks\Avast SecureLine
2018-08-19 19:17 - 2018-08-19 19:17 - 000002490 _____ C:\WINDOWS\System32\Tasks\YCMServiceAgent
2018-08-19 19:17 - 2018-08-19 19:17 - 000002262 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2018-08-19 19:17 - 2018-08-19 19:17 - 000002254 _____ C:\WINDOWS\System32\Tasks\{7818B9BB-AA85-4C4E-B16D-B5A490BEEC25}
2018-08-19 19:17 - 2018-08-19 19:17 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-08-19 19:17 - 2018-08-19 19:17 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2018-08-19 19:17 - 2018-08-19 19:17 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVG
2018-08-19 19:17 - 2018-08-19 19:17 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-08-19 19:16 - 2018-08-19 19:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-08-19 19:15 - 2018-08-19 19:16 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-08-19 19:15 - 2018-08-19 19:16 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-08-19 19:04 - 2018-09-14 18:42 - 000931448 _____ C:\WINDOWS\system32\PerfStringBackup.INI

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-15 11:49 - 2017-07-24 19:28 - 000195905 _____ C:\WINDOWS\ZAM.krnl.trace
2018-09-15 11:49 - 2017-07-24 19:28 - 000162178 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-09-15 11:48 - 2017-07-22 16:29 - 000000000 ____D C:\FRST
2018-09-15 11:43 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-15 11:01 - 2016-08-03 18:21 - 000000000 ____D C:\Users\Fennomenon\Documents\YouCam
2018-09-15 10:58 - 2016-09-13 17:40 - 000000000 ___RD C:\Users\Fennomenon\iCloudDrive
2018-09-15 10:57 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-15 10:57 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-14 20:05 - 2018-08-13 03:10 - 000000000 ____D C:\Users\Fennomenon
2018-09-14 20:05 - 2018-08-08 19:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-09-14 19:15 - 2018-05-18 22:10 - 000000000 ____D C:\Users\Fennomenon\AppData\Local\Packages
2018-09-14 19:13 - 2018-07-06 09:09 - 000000000 ____D C:\Users\Fennomenon\AppData\Local\CrashDumps
2018-09-14 19:10 - 2017-07-22 15:32 - 000000000 ____D C:\Program Files (x86)\AVG
2018-09-14 19:10 - 2017-07-22 15:29 - 000000000 ____D C:\Users\Fennomenon\AppData\Local\Avg
2018-09-14 18:53 - 2016-08-16 13:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-09-14 18:47 - 2017-07-22 15:41 - 000208216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2018-09-14 18:46 - 2017-07-22 15:41 - 000155664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2018-09-14 18:46 - 2016-08-16 13:35 - 139184408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-09-14 18:43 - 2017-07-22 15:41 - 000459624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2018-09-14 18:42 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-09-14 18:39 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-09-14 18:35 - 2016-03-24 21:50 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-09-14 18:35 - 2016-03-24 21:50 - 000000940 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-09-14 18:31 - 2017-09-01 16:05 - 000000000 ____D C:\Program Files\CCleaner
2018-09-01 20:34 - 2017-07-22 15:26 - 000000000 ____D C:\Users\Fennomenon\AppData\Roaming\Azureus
2018-09-01 18:43 - 2017-02-14 22:41 - 000000000 ____D C:\Users\Fennomenon\AppData\Local\Amazon Music
2018-09-01 18:42 - 2017-02-14 22:41 - 000001291 _____ C:\Users\Fennomenon\Desktop\Amazon Music.lnk
2018-09-01 18:33 - 2017-07-22 15:27 - 000000000 ____D C:\Users\Fennomenon\Documents\Vuze Downloads
2018-08-31 10:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-08-31 10:47 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-31 09:43 - 2017-07-22 15:41 - 000078864 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2018-08-31 09:41 - 2017-09-01 16:05 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-08-31 09:40 - 2018-06-25 22:12 - 000015344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2018-08-31 09:40 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-08-31 09:40 - 2017-11-27 21:31 - 000192104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2018-08-31 09:40 - 2017-07-22 15:41 - 000459624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys.153694697565601
2018-08-31 09:40 - 2017-07-22 15:41 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2018-08-31 09:40 - 2017-07-22 15:41 - 000207192 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys.153694708856202
2018-08-31 09:40 - 2017-07-22 15:41 - 000155664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys.153694719782804
2018-08-31 09:40 - 2017-07-22 15:41 - 000104256 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2018-08-31 09:40 - 2017-07-22 15:41 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2018-08-31 09:39 - 2017-07-22 15:41 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2018-08-31 09:39 - 2017-07-22 15:41 - 000339048 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2018-08-31 09:39 - 2017-07-22 15:41 - 000222288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2018-08-31 09:39 - 2017-07-22 15:41 - 000194224 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2018-08-31 09:39 - 2017-07-22 15:41 - 000051952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2018-08-31 09:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-08-22 19:03 - 2017-02-16 08:58 - 000000000 ____D C:\Users\Fennomenon\AppData\Local\ConnectedDevicesPlatform
2018-08-22 11:10 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-21 20:33 - 2018-05-20 19:59 - 000000000 ___RD C:\Users\Fennomenon\3D Objects
2018-08-21 20:33 - 2016-11-23 00:36 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-08-21 20:28 - 2018-08-08 19:03 - 000268448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-19 22:53 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-19 22:53 - 2017-08-30 12:11 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-08-19 22:51 - 2018-04-12 17:17 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-08-19 22:51 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-08-19 19:36 - 2018-07-06 09:15 - 000000000 ____D C:\ProgramData\Packages
2018-08-19 19:30 - 2018-08-13 03:10 - 000002385 _____ C:\Users\Fennomenon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-19 19:30 - 2017-07-06 11:43 - 000000000 ___RD C:\Users\Fennomenon\OneDrive - wildern.hants.sch.uk
2018-08-19 19:19 - 2018-06-26 18:56 - 000000000 ___DC C:\WINDOWS\Panther
2018-08-19 19:15 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Registration
2018-08-19 19:10 - 2016-08-03 18:46 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-19 19:03 - 2017-02-16 05:58 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-08-19 19:01 - 2018-08-13 03:10 - 000000000 ____D C:\Users\Fennomenon\Documents\hp.system.package.metadata
2018-08-19 18:57 - 2017-02-24 20:23 - 000439710 _____ C:\WINDOWS\system32\Drivers\vsconfig.xml

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-08 19:03

==================== End of FRST.txt ============================
  #2  
Old 15-09-18, 10:57
StarLord StarLord is offline
Newbie
 
Join Date: Sep 2018
Posts: 4
Default Re: Slow performance

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.09.2018
Ran by Fennomenon (15-09-2018 11:50:37)
Running from C:\Users\Fennomenon\Downloads\Farbar Recovery
Windows 10 Home Version 1803 17134.228 (X64) (2018-08-19 18:18:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1080258345-1341856016-602751229-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1080258345-1341856016-602751229-503 - Limited - Disabled)
Fennomenon (S-1-5-21-1080258345-1341856016-602751229-1002 - Administrator - Enabled) => C:\Users\Fennomenon
Guest (S-1-5-21-1080258345-1341856016-602751229-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1080258345-1341856016-602751229-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Amazon Music (HKU\S-1-5-21-1080258345-1341856016-602751229-1002\...\Amazon Amazon Music) (Version: 6.7.1.1366 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{2A582D42-F483-B0D7-2926-12F576D0D257}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Any Video Converter 6.1.3 (HKLM-x32\...\Any Video Converter) (Version: 6.1.3 - Anvsoft)
Apple Application Support (32-bit) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.6.3066 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 68.0.639.61 - AVG Technologies)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.155.333 - AVG Technologies) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-5cae477c-faaf-4ec0-b583-a8eecd390d35) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build-a-lot (HKLM-x32\...\WTA-1a13f97e-c021-4afe-a0f3-c01926cf8763) (Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-1b17f3fd-94fb-4881-b40d-be5a78a31710) (Version: 3.0.2.48 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Crazy Chicken Soccer (HKLM-x32\...\WTA-a45e0b51-b962-4d7f-af38-fcb16ce80649) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.2.5829 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2.4627 - CyberLink Corp.)
Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-e8805e66-004b-4ad3-b657-3243377b604d) (Version: 3.0.2.59 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.127.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP CoolSense (HKLM-x32\...\{1504CF6F-8139-497F-86FC-46174B67CF7F}) (Version: 2.20.51 - Hewlett-Packard Company)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP)
HP ePrint SW (HKLM-x32\...\{88970959-baf7-4864-a39a-69a58e8ae5cf}) (Version: 5.0.18701 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8305.5282 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.6.18.11 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.9.24.3 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
iCloud (HKLM\...\{7464D896-C63C-412E-8ED3-3261C9F14E21}) (Version: 7.0.1.210 - Apple Inc.)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{1A51AA9E-D4BC-4318-9419-B55EA4C95B3C}) (Version: 17.1.1525.1443 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8060a69f-ee27-444b-b126-775f861232ea}) (Version: 20.0.2 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ed4a5da7-ac62-4aa5-9502-7b4de55e8cb5}) (Version: 20.20.2 - Intel Corporation)
iTunes (HKLM\...\{CEC7613B-E286-4A31-BEE3-3F7798488D9F}) (Version: 12.1.3.6 - Apple Inc.)
Jedi Knight: Dark Forces II (HKLM\...\{2c4b52b6-7c52-4c74-89e1-7009ef16d36a}.sdb) (Version: - )
Jewel Match 3 (HKLM-x32\...\WTA-5c59efb4-0ca3-4ba3-ad2a-a31ef5c36d2d) (Version: 2.2.0.97 - WildTangent) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1080258345-1341856016-602751229-1002\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft OneDrive for Business 2013 - en-us (HKLM\...\GrooveRetail - en-us) (Version: 15.0.4963.1002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-1000-0000000FF1CE}) (Version: 15.0.4963.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-1000-0000000FF1CE}) (Version: 15.0.4963.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0409-1000-0000000FF1CE}) (Version: 15.0.4963.1002 - Microsoft Corporation) Hidden
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-60d01e4b-61e4-4ad0-97e1-1df27297cecf) (Version: 3.0.2.59 - WildTangent) Hidden
Python 3.6.3 (32-bit) (HKU\S-1-5-21-1080258345-1341856016-602751229-1002\...\{1bb10b8c-6e63-4897-9fb2-3873ce30d7e1}) (Version: 3.6.3150.0 - Python Software Foundation)
Python 3.6.3 Core Interpreter (32-bit) (HKLM-x32\...\{52D39C34-E5F5-41AE-88CD-5DE66C9150B4}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Development Libraries (32-bit) (HKLM-x32\...\{F7D9BDE7-2C35-4F7E-AEBE-9F3028451087}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Documentation (32-bit) (HKLM-x32\...\{20EB04A7-B5EF-485E-9440-F36214C5501D}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Executables (32-bit) (HKLM-x32\...\{CA16E2AA-4499-4FE5-A88C-174612920734}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 pip Bootstrap (32-bit) (HKLM-x32\...\{DA64A828-F7A9-4A19-97BD-3A9A63CEB972}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Standard Library (32-bit) (HKLM-x32\...\{14843392-E9B3-4031-BCF6-FC00D5791AA8}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{AE89BB1E-1C06-4556-AA05-A6628DE07BA9}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Test Suite (32-bit) (HKLM-x32\...\{63208505-67AD-4AAC-BD7B-00DE5B83BAF0}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Utility Scripts (32-bit) (HKLM-x32\...\{6CF91DC2-CED3-410B-88BB-E048C994AA1A}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C093353B-F9EE-4A06-923D-C1B340B82886}) (Version: 3.6.6119.0 - Python Software Foundation)
Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-20eb6541-c032-4838-bf12-222b9f16cf63) (Version: 2.2.0.97 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.87 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7667 - Realtek Semiconductor Corp.)
Runefall (HKLM-x32\...\WTA-63eb2ba2-bd93-4f04-a46a-196e75d6302c) (Version: 3.0.2.126 - WildTangent) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Trinklit Supreme (HKLM-x32\...\WTA-a02237e0-7948-4495-9015-051cf47996b9) (Version: 2.2.0.98 - WildTangent) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{479E8CC7-CD68-4EB4-BB04-34A5C2C74102}) (Version: 2.46.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
UpdateAssistant (HKLM\...\{57D07AAD-97E2-4E16-89C4-1A3C51BC9C98}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
Vacation Quest™ - Australia (HKLM-x32\...\WTA-7d5894ea-901b-45e6-8ef9-d7522f72b4db) (Version: 3.0.2.59 - WildTangent) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.5.0 - Azureus Software, Inc.)
Wedding Dash (HKLM-x32\...\WTA-f7a4b8a9-3ee3-4e92-ab23-950b17541f3e) (Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.16 - WildTangent) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22395 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Youda Jewel Shop (HKLM-x32\...\WTA-78e1eeb4-2ff7-4656-a5cf-652466b75caf) (Version: 3.0.2.51 - WildTangent) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{F21C5C41-E759-472F-B5AE-501AC583B693}) (Version: 15.0.653.17211 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.0.653.17211 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{06F804D0-A69C-423A-8F77-A158EA7DF295}) (Version: 15.0.653.17211 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-08-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-08-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-08-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-08-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-08-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-08-15] (Microsoft Corporation)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-08-31] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-09-18] (Apple Inc.)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-06] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-08-31] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B9DBA2B-4289-458F-8103-54DA7802A6FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {170745E9-8E7A-4324-90E6-47525FFBCEA5} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {1C5DA19B-16ED-4718-B653-4415F38DF25D} - System32\Tasks\{7818B9BB-AA85-4C4E-B16D-B5A490BEEC25} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\ByteFence\ByteFence.exe" -c /uninstall
Task: {20C8F10B-82B9-4ACE-A874-E894CD55AD0C} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-08-22] (AVAST Software)
Task: {294D0E34-47B9-4311-8ABB-13BE63E53DFA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-08-24] (Piriform Ltd)
Task: {4C2500BD-07DD-4FCE-BBC2-A180836556EB} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2015-05-21] (Hewlett-Packard Development Company, L.P.)
Task: {54B4BB46-0739-412E-AA26-F9C97F58ED75} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-09-21] ()
Task: {59AA6AB3-5015-4507-8A8D-6374B8F4C41D} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-08-31] (AVG Technologies CZ, s.r.o.)
Task: {5B234294-8912-4BFD-8C09-8DF43E7CDE80} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-06-27] (HP Inc.)
Task: {633E5763-6CA2-4816-B7B9-B7689D741934} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-03] (Google Inc.)
Task: {65183BD8-7594-4533-A53F-22F1E5510F93} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [2018-09-14] (AVG Technologies) <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {67990438-6C7F-4674-9A98-F81B5DCED769} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-17] (Dropbox, Inc.)
Task: {7303427B-275E-4A01-918A-0F2C58357685} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {7329706D-1844-4C4D-A5E5-A0D3F6B415E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {861631C6-B4C5-4B49-9EE9-8BE447C8B491} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {872F65E8-380A-4851-9395-3B23702260D8} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [2015-10-29] (CyberLink Corp.)
Task: {881E5AB1-44A6-48E3-A72B-8F11AF454A88} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-17] (Dropbox, Inc.)
Task: {98E12E9B-3366-4B24-B176-61DCA321AA8B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-08-24] (Piriform Ltd)
Task: {A4B6EBEA-09AA-42E9-A3D0-A2B8A053DA76} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {AF9D7DC0-0CAD-4820-BECD-87221D6A29EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-03] (Google Inc.)
Task: {B1C06F0C-5D24-4F39-9AD9-EE0DB6AC3940} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-09-14] (AVG Technologies CZ, s.r.o.)
Task: {CD14E78A-A8F6-4D9B-89F5-56BDB4D6EFF2} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [2018-09-14] (AVG Technologies) <==== ATTENTION
Task: {CF7D53BD-FF07-4334-AF9D-1DCD2AAFBACA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {E0442D68-FFE4-41E5-8A1A-7024A8CE098C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {EB8CE6ED-4213-4D8F-8CE6-3A0631659F21} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {EC9C99C5-27D4-4FC7-8927-4724CF7FEF61} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-08-22] (AVAST Software)
Task: {F7A9C979-23AB-4EE5-869E-7C7EA26D02C9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FAA298E5-6D17-4546-B5DA-6A100D950559} - System32\Tasks\HPCeeScheduleForFennomenon => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForFennomenon.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Fennomenon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Coding with Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=becloognjehhioodmnimnehjcibkloed
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.booking.com/index.html?aid=398438&label=square

==================== Loaded Modules (Whitelisted) ==============

2018-04-04 18:03 - 2018-04-04 18:03 - 000173760 _____ () C:\WINDOWS\system32\IntelWifiIhv04.dll
2016-10-05 19:17 - 2016-10-05 19:17 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-07-06 11:35 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-08-06 22:39 - 2015-08-06 22:39 - 000127488 _____ () c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-03-24 21:52 - 2014-04-14 19:59 - 000389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-08-22 07:34 - 2016-08-22 07:46 - 000592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2017-07-06 11:36 - 2017-07-06 11:37 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-08-19 21:46 - 2018-08-03 04:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-08-19 19:10 - 2018-08-08 01:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-19 19:10 - 2018-08-08 01:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-08-31 09:50 - 2018-08-31 09:52 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-08-31 09:50 - 2018-08-31 09:52 - 069283840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-06 20:30 - 2017-10-06 20:30 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-08-31 09:50 - 2018-08-31 09:52 - 003699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-08-21 20:46 - 2018-08-21 20:48 - 000049664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-16 18:08 - 2018-05-16 18:15 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-08-31 09:50 - 2018-08-31 09:52 - 000035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-21 20:46 - 2018-08-21 20:48 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-05-16 18:08 - 2018-05-16 18:15 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-08-21 20:46 - 2018-08-21 20:48 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-31 09:50 - 2018-08-31 09:52 - 014333440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-08-31 09:50 - 2018-08-31 09:52 - 003544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-08-31 09:50 - 2018-08-31 09:52 - 002869248 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-31 09:50 - 2018-08-31 09:52 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-08-06 21:02 - 2018-08-08 16:35 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-14 18:59 - 2018-09-14 18:59 - 000066048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11808.1001.9.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2018-09-14 18:59 - 2018-09-14 18:59 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11808.1001.9.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-10-05 19:18 - 2016-10-05 19:18 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-04-09 13:41 - 2018-04-09 13:41 - 067127976 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2018-08-31 09:39 - 2018-08-31 09:39 - 000574192 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2016-08-22 07:54 - 2016-08-22 07:54 - 038907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1080258345-1341856016-602751229-1002\...\sharepoint.com -> hxxps://wildernhantsschuk-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-07-24 19:21 - 2017-07-24 19:21 - 000000000 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1080258345-1341856016-602751229-1002\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{879D849C-BA2E-4EB1-A658-97ACBE0049C6}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{22D493F6-6B44-4515-AC58-76F2FB484F54}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{1A4FDB36-DCBB-4B9E-A34F-41469FE2D113}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{ECD05646-5ABB-4872-9D56-6E4308D7FC3A}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{C6BF2099-8E20-41E7-A7FC-3ECA862816F6}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{E5811199-7F84-4792-831E-22ACEA3F1750}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [UDP Query User{3E78C287-E735-4C94-8D94-4A1EA85B8B6A}C:\users\fennomenon\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\fennomenon\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [TCP Query User{A730A060-FF69-4A80-8BCE-83A5DE6D1800}C:\users\fennomenon\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\fennomenon\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{B25DFAC3-2E69-4127-B2F7-970B75AC8A48}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{73320393-54C4-49ED-9276-FDCEDF458BE2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{13A27CCA-A729-47A2-A564-6F0F741BF689}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{7C5A5E9C-E8CF-475F-98BE-60ABE61D00D4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{552A760A-7F48-421B-B527-60F89BFEA899}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{8B25E8F1-5734-404E-9D48-C6EA472310D3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{D0718E7F-F4E1-4AAB-95BF-E94D28BF7C92}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{22E50A7C-182D-46CA-9B0D-AF67C3634435}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C1DB8802-6B31-497B-A8EF-A288DA4BB258}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FF060E89-93DB-4912-A796-3AA6025BD7FF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9ED13F85-2CE3-4C9A-83E4-B3B426DC0390}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8FA07691-F443-4283-A2EF-A1324A9089DC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F578340B-6FE4-486F-85F5-286EAB5FA3D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{39B4F09F-C53A-4798-8760-4B75C463B191}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{CD698AB8-EB67-4548-AB1A-4533F2CABED5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7BB89198-2C3A-47DD-BD1D-06AC3EB9B8DD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{FCCD642F-71BE-4C82-AA01-2037A6613441}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2017\fm.exe
FirewallRules: [{8CC3123A-4F28-4209-83CD-1E920B56CCD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Football Manager 2017\fm.exe
FirewallRules: [{27256F54-AE92-48A8-B662-EC97138B2B5C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{143FED4A-0210-4F73-AC35-66A8561B7F61}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{543FE4C9-FA3E-49AE-ABBD-B87A036DCE3D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{11B481DD-CE6E-4651-AD91-A339A6A0C526}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{E7C3F1F6-4D89-4CB8-A6E1-13130E9E445B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{271841F8-87F0-4C02-B038-8E63733C60E2}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{C9211CC4-B7BC-4BAB-ACDA-BFCD3CD5A683}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{9DB669D5-A0DD-4D6C-ABF2-75F5B2CAEDE7}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe

==================== Restore Points =========================

31-08-2018 13:56:13 Scheduled Checkpoint
14-09-2018 18:45:09 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/15/2018 11:24:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AdaptiveSleepService.exe, version: 0.0.0.0, time stamp: 0x55c40c49
Faulting module name: AdaptiveSleepService.exe, version: 0.0.0.0, time stamp: 0x55c40c49
Exception code: 0xc0000005
Fault offset: 0x000000000000b9f4
Faulting process ID: 0xcd0
Faulting application start time: 0x01d44c51b7e854f9
Faulting application path: c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
Faulting module path: c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
Report ID: 4c32c955-645d-40ac-be17-36b87b2e565b
Faulting package full name:
Faulting package-relative application ID:

Error: (09/14/2018 08:05:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_UserDataSvc, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: ucrtbase.dll, version: 10.0.17134.191, time stamp: 0x5db729cd
Exception code: 0xc0000005
Fault offset: 0x0000000000039078
Faulting process ID: 0x2100
Faulting application start time: 0x01d44c51d018a006
Faulting application path: c:\windows\system32\svchost.exe
Faulting module path: C:\WINDOWS\System32\ucrtbase.dll
Report ID: 7e5a3434-ad85-4737-af4c-f1238c166298
Faulting package full name:
Faulting package-relative application ID:

Error: (09/14/2018 07:13:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00000000
Faulting process ID: 0x140c
Faulting application start time: 0x01d44c54e772ca5d
Faulting application path: bad_module_info
Faulting module path: unknown
Report ID: 01db32c0-bd28-4315-bea9-44b67f60d7b1
Faulting package full name:
Faulting package-relative application ID:

Error: (09/14/2018 06:36:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ICM-Service.exe, version: 15.0.653.17211, time stamp: 0x58a284e6
Faulting module name: ntdll.dll, version: 10.0.17134.228, time stamp: 0x2c71c7b8
Exception code: 0xc0000005
Fault offset: 0x0004481b
Faulting process ID: 0xf6c
Faulting application start time: 0x01d44c515e38dd87
Faulting application path: C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report ID: b4cf3824-6168-4e38-935a-9daf5eff6217
Faulting package full name:
Faulting package-relative application ID:

Error: (09/14/2018 06:30:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HxTsr.exe, version: 16.0.10730.20064, time stamp: 0x5b7d72b2
Faulting module name: HxOutlookBackground.dll, version: 16.0.10730.20064, time stamp: 0x5b7daeda
Exception code: 0x80000003
Fault offset: 0x000000000000ac8a
Faulting process ID: 0x101c
Faulting application start time: 0x01d4456d2cacbeb1
Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10730.20064.0_x64__8wekyb3d8bbwe\HxTsr.exe
Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10730.20064.0_x64__8wekyb3d8bbwe\HxOutlookBackground.dll
Report ID: 4db0b8ea-6054-42cd-a4f2-254baa0d5c92
Faulting package full name: microsoft.windowscommunicationsapps_16005.10730.20064.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (09/06/2018 12:07:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8984

Error: (09/06/2018 12:07:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8984

Error: (09/06/2018 12:07:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/15/2018 11:24:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AdaptiveSleepService service terminated unexpectedly. It has done this 1 time(s).

Error: (09/15/2018 10:59:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/15/2018 10:56:08 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-FOH831L0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-FOH831L0\Fennomenon SID (S-1-5-21-1080258345-1341856016-602751229-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/15/2018 10:54:59 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/15/2018 10:54:59 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/15/2018 10:54:51 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/14/2018 07:12:54 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-FOH831L0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-FOH831L0\Fennomenon SID (S-1-5-21-1080258345-1341856016-602751229-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/14/2018 07:10:30 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-FOH831L0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user LAPTOP-FOH831L0\Fennomenon SID (S-1-5-21-1080258345-1341856016-602751229-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================

Date: 2018-08-19 19:21:27.603
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: AMD A8-7410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 50%
Total physical RAM: 7102.88 MB
Available physical RAM: 3530.99 MB
Total Virtual: 7550.88 MB
Available Virtual: 3420.52 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1847.29 GB) (Free:1443.27 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.74 GB) (Free:1.63 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{8c5c4cf1-1151-46d2-bb0f-17ac50dd068d}\ () (Fixed) (Total:1.71 GB) (Free:1.19 GB) NTFS
\\?\Volume{334f331e-12b2-48f3-bad3-97aaa0afd79d}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 07A4E257)

Partition: GPT.

==================== End of Addition.txt ============================
  #3  
Old 20-09-18, 12:46
kevinf80 kevinf80 is offline
Global Moderator
 
Join Date: Feb 2008
Location: Sunderland.UK.
Posts: 2,954
Default Re: Slow performance

Hello StarLord and welcome to WebUser,

What exactly do you believe is wrong with your system? There is no obvious malware or infection showing in your FRST logs.

One point of note is the following proxy server setting. Do you know of and trust this proxy server?

ProxyServer: [S-1-5-21-1080258345-1341856016-602751229-1002] => proxy.wildern.hants.sch.uk:9000

Thank you,

Kevin..
  #4  
Old 24-09-18, 20:59
StarLord StarLord is offline
Newbie
 
Join Date: Sep 2018
Posts: 4
Default Re: Slow performance

Hello, yes, that is trusted. Just general slow performance, booting up, some navigation etc.
  #5  
Old 24-09-18, 21:34
Cantrel Cantrel is offline
Global Moderator
 
Join Date: Jul 2012
Location: UK
Posts: 11,201
Default Re: Slow performance

Now that an infection has been ruled out, can I suggest that you go to Start, type %temp% and press Enter when it comes up.

If that is highly populated then press CTRL+A to highlight, then CTRL+D to delete. Confirm, then check the box and select Skip, then empty the Recycle Bin.

Right click on the taskbar and select Task Manager.

If that is the first time you have been into Task Manager you will be presented with a blank window - click on More info lower left where the window will populate.

Click on Start-up and disable all items by clicking on each and then on Disable in turn - I only have Realtek HD Audio Manager enabled in mine.

Click on Processes and check how much CPU and memory is being used.

Clicking on either CPU or Memory will sort to the highest user at the top.

Check to see if anything is hogging either.

If that is okay then click on File/Exit - reboot to see if there is any improvement in boot speed and performance.

A disk defragment wouldn't go amiss if you are using a HDD, but you don't defrag an SSD - Windows will take care of that.

I've noticed that as well as AVG you are also using ZoneAlarm.

Are you just using the firewall aspect of ZoneAlarm, as running two antivirus programs can cause problems?
All times are GMT. The time now is 05:20.