
I think my PC is infected

12-08-2018, 08:52 AM   #1
Registered Member
 
Join Date: Dec 2018
Location: Staffordshire,UK
Posts: 20
OS: WINDOWS 10 HOME



Hi, I inadvertently clicked on an email link and now think I'm infected. My PC is a Medion with AMD A8-5500, 3.2 GHz with 4 gig RAM using Windows 10 Home edition.
I often leave the PC on overnight and the next morning there was a window opened which was blank but the tab was titled DSL-3782 self help, which relates to my router. I've managed to change all my financial passwords but having carried out scans with Malwarebytes, Spybot, and Avast anti-virus, I don't have a clue how to remove the problem.
I ran DDS and the results are below. I don't have a Windows disc, it came pre-installed. Kind regards, ingylad99


XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-29 295424] S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592] S4 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288] S4 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184] S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616] S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] . =============== File Associations =============== . FileExt: .txt: soffice.StarWriterDocument.6="C:\Program Files (x86)\OpenOffice 4\program\swriter.exe" -o "%1" [UserChoice] . =============== Created Last 30 ================ . 
2018-12-08 12:56:36 260480 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys 2018-12-08 09:52:59 -------- d-----w- C:\Users\ingylad99\AppData\Local\ESET 2018-12-06 07:38:06 5213184 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe 2018-11-28 13:09:04 51024 ----a-w- C:\WINDOWS\System32\DbxSvc.exe 2018-11-28 13:09:04 47792 ----a-w- C:\WINDOWS\System32\drivers\dbx-dev.sys 2018-11-28 13:09:04 47792 ----a-w- C:\WINDOWS\System32\drivers\dbx-canary.sys 2018-11-28 13:09:04 45752 ----a-w- C:\WINDOWS\System32\drivers\dbx-stable.sys 2018-11-13 20:16:52 835688 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe 2018-11-13 20:16:52 179808 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl 2018-11-13 18:54:18 7520088 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll 2018-11-13 18:54:18 6570368 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll 2018-11-13 18:54:15 25855488 ----a-w- C:\WINDOWS\System32\edgehtml.dll 2018-11-13 18:54:13 23861760 ----a-w- C:\WINDOWS\System32\Hydrogen.dll 2018-11-13 18:54:06 4527776 ----a-w- C:\WINDOWS\System32\sppsvc.exe 2018-11-13 18:54:03 22015488 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll 2018-11-13 18:54:01 19525120 ----a-w- C:\WINDOWS\System32\HologramCompositor.dll 2018-11-13 18:54:00 9089848 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe . ==================== Find3M ==================== . 
2018-12-08 12:51:36 65536 ----a-w- C:\WINDOWS\System32\spu_storage.bin 2018-12-06 18:56:43 239840 ----a-w- C:\WINDOWS\System32\drivers\aswHdsKe.sys 2018-11-01 11:49:26 348160 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe 2018-11-01 11:45:20 1376672 ----a-w- C:\WINDOWS\System32\ole32.dll 2018-11-01 11:45:04 1617320 ----a-w- C:\WINDOWS\System32\sppobjs.dll 2018-11-01 11:32:09 64000 ----a-w- C:\WINDOWS\System32\iemigplugin.dll 2018-11-01 11:31:51 6602240 ----a-w- C:\WINDOWS\System32\twinui.dll 2018-11-01 11:30:26 122368 ----a-w- C:\WINDOWS\System32\musdialoghandlers.dll 2018-11-01 11:30:15 29696 ----a-w- C:\WINDOWS\System32\msisip.dll 2018-11-01 11:29:05 73728 ----a-w- C:\WINDOWS\System32\SMSRouter.dll 2018-11-01 11:28:55 253952 ----a-w- C:\WINDOWS\System32\prnntfy.dll 2018-11-01 11:28:25 4491264 ----a-w- C:\WINDOWS\System32\xpsrchvw.exe 2018-11-01 11:28:09 3649024 ----a-w- C:\WINDOWS\System32\win32kfull.sys 2018-11-01 11:27:22 878592 ----a-w- C:\WINDOWS\System32\CPFilters.dll 2018-11-01 11:27:01 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll 2018-11-01 11:26:51 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll 2018-11-01 11:26:21 503296 ----a-w- C:\WINDOWS\System32\sppcext.dll 2018-11-01 11:25:57 577024 ----a-w- C:\WINDOWS\System32\SppExtComObj.Exe 2018-11-01 10:09:54 1027000 ----a-w- C:\WINDOWS\SysWow64\ole32.dll 2018-11-01 09:59:13 5669888 ----a-w- C:\WINDOWS\SysWow64\twinui.dll 2018-11-01 09:56:37 24576 ----a-w- C:\WINDOWS\SysWow64\msisip.dll 2018-11-01 09:56:03 226304 ----a-w- C:\WINDOWS\SysWow64\prnntfy.dll 2018-11-01 09:54:26 3397632 ----a-w- C:\WINDOWS\SysWow64\xpsrchvw.exe 2018-11-01 09:53:44 908288 ----a-w- C:\WINDOWS\SysWow64\TSWorkspace.dll 2018-11-01 09:52:45 2892800 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys 2018-11-01 07:39:00 1035256 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe 2018-11-01 07:38:08 269336 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll 2018-11-01 07:37:57 272408 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll 
2018-11-01 07:28:29 1029944 ----a-w- C:\WINDOWS\System32\hvax64.exe 2018-11-01 07:28:20 1221432 ----a-w- C:\WINDOWS\System32\hvix64.exe 2018-11-01 07:28:17 134968 ----a-w- C:\WINDOWS\System32\hvloader.dll 2018-11-01 07:28:13 566568 ----a-w- C:\WINDOWS\System32\tcblaunch.exe 2018-11-01 07:28:11 76088 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys 2018-11-01 07:28:09 1062712 ----a-w- C:\WINDOWS\System32\SecConfig.efi 2018-11-01 07:27:52 491200 ----a-w- C:\WINDOWS\System32\mf.dll 2018-11-01 07:27:36 1017152 ----a-w- C:\WINDOWS\System32\msmpeg2adec.dll 2018-11-01 07:26:42 3180080 ----a-w- C:\WINDOWS\System32\d3d11.dll 2018-11-01 07:26:28 3291640 ----a-w- C:\WINDOWS\System32\combase.dll 2018-11-01 07:26:22 1363536 ----a-w- C:\WINDOWS\System32\WinTypes.dll 2018-11-01 07:26:01 7432120 ----a-w- C:\WINDOWS\System32\windows.storage.dll 2018-11-01 07:03:03 34816 ----a-w- C:\WINDOWS\System32\dusmtask.exe 2018-11-01 07:03:00 3397120 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll 2018-11-01 07:02:22 47104 ----a-w- C:\WINDOWS\System32\dusmapi.dll 2018-11-01 07:02:21 23552 ----a-w- C:\WINDOWS\System32\CSystemEventsBrokerClient.dll 2018-11-01 07:01:20 7057408 ----a-w- C:\WINDOWS\System32\mos.dll 2018-11-01 07:01:10 9084928 ----a-w- C:\WINDOWS\System32\BingMaps.dll 2018-11-01 07:00:25 8189440 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll 2018-11-01 07:00:16 433664 ----a-w- C:\WINDOWS\System32\MusNotification.exe 2018-11-01 07:00:14 3392000 ----a-w- C:\WINDOWS\System32\tquery.dll 2018-11-01 07:00:11 6031360 ----a-w- C:\WINDOWS\System32\d2d1.dll 2018-11-01 07:00:10 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll 2018-11-01 06:59:14 241152 ----a-w- C:\WINDOWS\System32\tetheringservice.dll 2018-11-01 06:59:09 107520 ----a-w- C:\WINDOWS\System32\dab.dll 2018-11-01 06:59:04 176128 ----a-w- C:\WINDOWS\System32\WPTaskScheduler.dll 2018-11-01 06:59:02 192000 ----a-w- C:\WINDOWS\System32\scrrun.dll 2018-11-01 06:59:00 322048 ----a-w- 
C:\WINDOWS\System32\MusNotificationUx.exe 2018-11-01 06:58:48 4383744 ----a-w- C:\WINDOWS\System32\EdgeContent.dll 2018-11-01 06:58:43 530432 ----a-w- C:\WINDOWS\System32\MapConfiguration.dll 2018-11-01 06:58:43 154112 ----a-w- C:\WINDOWS\System32\Chakradiag.dll 2018-11-01 06:58:42 149504 ----a-w- C:\WINDOWS\System32\dssvc.dll 2018-11-01 06:58:11 273408 ----a-w- C:\WINDOWS\System32\ubpm.dll 2018-11-01 06:58:10 4867072 ----a-w- C:\WINDOWS\System32\jscript9.dll 2018-11-01 06:58:03 7573504 ----a-w- C:\WINDOWS\System32\Chakra.dll 2018-11-01 06:57:53 835584 ----a-w- C:\WINDOWS\System32\PhoneService.dll 2018-11-01 06:57:47 356352 ----a-w- C:\WINDOWS\System32\dusmsvc.dll 2018-11-01 06:57:44 898560 ----a-w- C:\WINDOWS\System32\MusUpdateHandlers.dll 2018-11-01 06:57:42 2364928 ----a-w- C:\WINDOWS\System32\OpcServices.dll 2018-11-01 06:57:41 3381248 ----a-w- C:\WINDOWS\System32\MapRouter.dll 2018-11-01 06:57:41 265728 ----a-w- C:\WINDOWS\System32\psmsrv.dll 2018-11-01 06:57:38 2825728 ----a-w- C:\WINDOWS\System32\MapGeocoder.dll 2018-11-01 06:57:27 726528 ----a-w- C:\WINDOWS\System32\jscript9diag.dll 2018-11-01 06:57:19 894464 ----a-w- C:\WINDOWS\System32\webplatstorageserver.dll 2018-11-01 06:57:16 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll 2018-11-01 06:57:14 808448 ----a-w- C:\WINDOWS\System32\EdgeManager.dll 2018-11-01 06:57:04 281600 ----a-w- C:\WINDOWS\System32\SystemEventsBrokerServer.dll 2018-11-01 06:56:57 1768448 ----a-w- C:\WINDOWS\System32\audiosrv.dll 2018-11-01 06:56:53 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll 2018-11-01 06:56:33 506880 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll 2018-11-01 06:56:25 2929664 ----a-w- C:\WINDOWS\System32\xpsservices.dll 2018-11-01 06:56:19 1395200 ----a-w- C:\WINDOWS\System32\TokenBroker.dll 2018-11-01 06:55:23 2738688 ----a-w- C:\WINDOWS\System32\mssrch.dll 2018-11-01 06:55:15 684544 ----a-w- C:\WINDOWS\System32\AudioEndpointBuilder.dll 2018-11-01 06:55:09 1058304 ----a-w- 
C:\WINDOWS\System32\SearchIndexer.exe 2018-11-01 06:54:44 1225216 ----a-w- C:\WINDOWS\System32\MapsStore.dll 2018-11-01 06:54:41 916480 ----a-w- C:\WINDOWS\System32\Windows.Security.Authentication.Web.Core.dll 2018-11-01 06:54:39 1551360 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.desktop.dll 2018-11-01 06:54:23 1023488 ----a-w- C:\WINDOWS\System32\ShareHost.dll 2018-11-01 06:54:21 1264640 ----a-w- C:\WINDOWS\System32\JpMapControl.dll 2018-11-01 06:54:13 606208 ----a-w- C:\WINDOWS\System32\updatehandlers.dll 2018-11-01 06:54:12 943616 ----a-w- C:\WINDOWS\System32\BingOnlineServices.dll 2018-11-01 06:54:11 1679360 ----a-w- C:\WINDOWS\System32\wwansvc.dll 2018-11-01 06:54:06 884736 ----a-w- C:\WINDOWS\System32\MapControlCore.dll 2018-11-01 06:54:03 895488 ----a-w- C:\WINDOWS\System32\Windows.Security.Authentication.OnlineId.dll 2018-11-01 06:54:00 796672 ----a-w- C:\WINDOWS\System32\mssvp.dll 2018-11-01 06:53:53 2248192 ----a-w- C:\WINDOWS\System32\wlidsvc.dll 2018-11-01 06:53:53 1159680 ----a-w- C:\WINDOWS\System32\rpcss.dll 2018-11-01 06:53:52 542208 ----a-w- C:\WINDOWS\System32\vbscript.dll 2018-11-01 06:53:51 1373696 ----a-w- C:\WINDOWS\System32\usocore.dll 2018-11-01 06:53:47 889344 ----a-w- C:\WINDOWS\System32\schedsvc.dll 2018-11-01 06:53:26 406528 ----a-w- C:\WINDOWS\System32\SearchProtocolHost.exe . ============= FINISH: 13:17:37.93 ===============
Attached Files
File Type: txt attach.txt (12.3 KB, 5 views)
ingylad99 is offline  
Old 12-08-2018, 08:55 AM   #2
Registered Member
 
Join Date: Dec 2018
Location: Staffordshire,UK
Posts: 20
OS: WINDOWS 10 HOME



What have I done wrong there?
ingylad99 is offline  
Old 12-08-2018, 08:58 AM   #3
Team Manager
Microsoft Support
 
Corday's Avatar
 
Join Date: Mar 2010
Location: Midlands of South Carolina
Posts: 26,072
OS: Windows10. In the past CP/M, DOS, Windows 95, 2000, 98SE, ME, Vista & Windows 7



Just be patient. A forum doesn't necessarily beget a response in 3 minutes. If nothing in 24 hours, bump.
__________________

The stability of an OS is in direct proportion to the stability of the user.
Corday is offline  
Old 12-08-2018, 09:06 AM   #4
Registered Member
 
Join Date: Dec 2018
Location: Staffordshire,UK
Posts: 20
OS: WINDOWS 10 HOME



DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.17134.1 BrowserJavaVersion: 11.191.2 Run by ingylad99 at 13:16:14 on 2018-12-08 Microsoft Windows 10 Home 10.0.17134.0.1252.44.2057.18.3543.1162 [GMT 0:00] . AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Spybot - Search and Destroy *Enabled/Updated* {4C1D9672-63FE-5C90-371E-8FDA591C5B75} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p C:\WINDOWS\system32\fontdrvhost.exe C:\WINDOWS\system32\fontdrvhost.exe C:\WINDOWS\system32\svchost.exe -k RPCSS -p C:\WINDOWS\system32\dwm.exe C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p C:\WINDOWS\system32\svchost.exe -k netsvcs -p C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p C:\WINDOWS\system32\atiesrxx.exe C:\WINDOWS\system32\svchost.exe -k LocalService -p C:\Windows\System32\WUDFHost.exe C:\WINDOWS\system32\atieclxx.exe C:\WINDOWS\System32\svchost.exe -k NetworkService -p C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p C:\WINDOWS\system32\svchost.exe -k appmodel -p C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p C:\WINDOWS\system32\svchost.exe -k LocalService -p C:\WINDOWS\system32\dashost.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\SysWOW64\CTsvcCDA.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\WINDOWS\system32\DbxSvc.exe C:\Program Files\ATI 
Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe svchost.exe C:\Program Files\CyberLink\Shared files\RichVideo64.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p C:\Program Files\Windows Media Player\wmpnetwk.exe C:\WINDOWS\system32\sihost.exe C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup C:\WINDOWS\system32\taskhostw.exe C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe C:\Windows\System32\RuntimeBroker.exe C:\Windows\System32\RuntimeBroker.exe C:\Windows\System32\RuntimeBroker.exe C:\Windows\System32\RuntimeBroker.exe C:\Program Files\Windows Defender\MSASCuiL.exe C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Users\ingylad99\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music Helper.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\Dropbox\Client\Dropbox.exe C:\Program Files (x86)\Dropbox\Client\Dropbox.exe C:\Program Files (x86)\Dropbox\Client\Dropbox.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\CCleaner\CCleaner64.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe C:\Windows\System32\RuntimeBroker.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Dlna Server.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe C:\Program Files\rempl\sedsvc.exe C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe C:\WINDOWS\system32\ApplicationFrameHost.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla 
Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe svchost.exe C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe C:\Windows\System32\RuntimeBroker.exe C:\Windows\System32\smartscreen.exe C:\WINDOWS\system32\AUDIODG.EXE C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxps://www.google.com/?trackid=sp-006 uSearch Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - <orphaned> BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned> BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll uRun: [OneDrive] "C:\Users\ingylad99\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background uRun: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" uRun: [Creative MediaSource Go] "C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB uRun: [Amazon Music] C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music.exe uRun: [Amazon Music Helper] "C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music Helper.exe"
uRun: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" uRun: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mPolicies-Explorer: ConfirmFileDelete = dword:1 mPolicies-System: DSCAutomationHostEnabled = dword:2 mPolicies-System: EnableFullTrustStartupTasks = dword:2 mPolicies-System: EnableUwpStartupTasks = dword:2 mPolicies-System: SupportFullTrustStartupTasks = dword:1 mPolicies-System: SupportUwpStartupTasks = dword:1 mPolicies-System: SoftwareSASGeneration = dword:1 . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . 
TCP: NameServer = 192.168.1.1 TCP: Interfaces\{5ae57723-0e29-442a-86e3-461a23b72aa8} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{f3528235-6914-4b15-93e7-d52d3665993a} : DHCPNameServer = 192.168.1.1 Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Notify: SDWinLogon - SDWinLogon.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.80\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll x64-BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned> x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui x64-mPolicies-Explorer: ConfirmFileDelete = dword:1 x64-mPolicies-System: DSCAutomationHostEnabled = dword:2 x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2 x64-mPolicies-System: EnableUwpStartupTasks = dword:2 x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1 x64-mPolicies-System: SupportUwpStartupTasks = dword:1 x64-mPolicies-System: SoftwareSASGeneration = dword:1 x64-IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - 
{5B06364D-FF00-4BD5-9D01-4379952513F2} - <orphaned> . INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned> x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll Hosts: 127.0.0.1 www.spywareinfo.com Hosts: 0.0.0.0 choice.microsoft.com Hosts: 0.0.0.0 choice.microsoft.com.nstac.net Hosts: 0.0.0.0 df.telemetry.microsoft.com Hosts: 0.0.0.0 oca.telemetry.microsoft.com . Note: multiple HOSTS entries found. Please refer to Attach.txt . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxps://www.google.co.uk/ FF - plugin: C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npdeployJava1.dll FF - plugin: C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrlui.dll FF - plugin: C:\WINDOWS\System32\Macromed\Flash\NPSWF64_32_0_0_101.dll . ============= SERVICES / DRIVERS =============== . 
R0 amd_sata;amd_sata;C:\WINDOWS\System32\drivers\amd_sata.sys [2013-4-4 79528] R0 amd_xata;amd_xata;C:\WINDOWS\System32\drivers\amd_xata.sys [2013-4-4 26280] R0 aswbidsh;aswbidsh;C:\WINDOWS\System32\drivers\aswbidsha.sys [2017-3-16 201768] R0 aswblog;aswblog;C:\WINDOWS\System32\drivers\aswbloga.sys [2017-3-16 346592] R0 aswbuniv;aswbuniv;C:\WINDOWS\System32\drivers\aswbuniva.sys [2017-3-16 59496] R0 aswElam;aswElam;C:\WINDOWS\System32\drivers\aswElam.sys [2018-6-25 15360] R0 aswRvrt;aswRvrt;C:\WINDOWS\System32\drivers\aswRvrt.sys [2015-10-10 87432] R0 aswVmm;aswVmm;C:\WINDOWS\System32\drivers\aswVmm.sys [2015-10-10 380464] R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192] R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272] R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896] R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288] R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-29 72768] R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472] R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816] R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424] R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464] R1 aswArPot;aswArPot;C:\WINDOWS\System32\drivers\aswArPot.sys [2017-11-20 201240] R1 aswbidsdriver;aswbidsdriver;C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [2017-3-16 230344] R1 aswHdsKe;aswHdsKe;C:\WINDOWS\System32\drivers\aswHdsKe.sys [2018-1-10 239840] R1 aswKbd;aswKbd;C:\WINDOWS\System32\drivers\aswKbd.sys [2018-11-1 42288] R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2015-10-10 
1028680] R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswSP.sys [2015-10-10 469272] R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320] R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2013-4-8 91712] R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808] R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192] R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-12-16 255472] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-11-4 351944] R2 AODDriver4.3;AODDriver4.3;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616] R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2015-10-10 163208] R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2015-10-10 208472]
2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-12-6 324000]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] R2 CDPUserSvc_44504;CDPUserSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288] R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-7-29 414720] R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288] R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2013-3-11 74712] R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service;C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2013-3-11 316376] R2 DbxSvc;DbxSvc;C:\WINDOWS\System32\DbxSvc.exe [2018-11-28 51024] R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-10-3 6347056] R2 OneSyncSvc_44504;OneSyncSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288] R2 osrss;Windows 10 Update Facilitation Service;C:\WINDOWS\System32\svchost.exe -k osrss [2018-4-11 51288] R2 PlexUpdateService;Plex Update Service;C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2018-7-18 2232296] R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2013-4-8 386344] R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2015-12-12 3892256] R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2015-12-12 3943664] R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2018-11-17 233712] R2 SecurityHealthService;Windows 
Defender Security Centre Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-7-29 760888] R2 sedsvc;Windows Remediation Service;C:\Program Files\rempl\sedsvc.exe [2018-12-2 326336] R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336] R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432] R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960] R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] R2 WpnUserService_44504;WpnUserService_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288] R3 aswbIDSAgent;aswbIDSAgent;C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-12-6 8188768] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdWT6.sys [2015-8-31 102912] R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288] R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288] R3 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288] R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2018-12-8 260480] R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] R3 NdisVirtualBus;Microsoft Virtual Network Adapter 
Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992] R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2018-4-11 604160] R3 RtlWlanu_OldIC;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [2018-4-11 3814400] R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288] R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] R3 usbfilter;AMD USB Filter Driver;C:\WINDOWS\System32\drivers\usbfilter.sys [2013-4-4 57000] R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192] S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-6-20 143144] S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288] S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480] S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520] S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] S3 amdkmafd;AMD Audio Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-11-21 40720] S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432] S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288] S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288] S3 aswHwid;aswHwid;C:\WINDOWS\System32\drivers\aswHwid.sys [2015-10-10 46384] S3 AvastWscReporter;AvastWscReporter;C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2018-12-6 57504] S3 BcastDVRUserService_44504;BcastDVRUserService_44504;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288] S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728] S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056] S3 
BluetoothUserService_44504;BluetoothUserService_44504;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288] S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288] S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304] S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936] S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320] S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392] S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432] S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952] S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-6-20 143144] S3 DevicePickerUserSvc_44504;DevicePickerUserSvc_44504;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288] S3 DevicesFlowUserSvc_44504;DevicesFlowUserSvc_44504;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288] S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2017-5-18 131984] S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-14 90624] S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288] S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 
51288] S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288] S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288] S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992] S3 GoogleChromeElevationService;Google Chrome Elevation Service;C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.80\elevation_service.exe [2018-12-4 375776]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288] S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592] S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136] S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864] S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648] S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360] S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576] S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520] S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592] S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128] S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152] S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144] S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232] S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912] S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 
IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256] S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816] S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312] S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408] S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288] S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240] S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736] S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160] S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328] S3 MessagingService_44504;MessagingService_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288] S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648] S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952] S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104] S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632] S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448] S3 
percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776] S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848] S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] S3 PimIndexMaintenanceSvc_44504;PimIndexMaintenanceSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288] S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_44504;PrintWorkflowUserSvc_44504;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288] S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840] S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-29 1921944] S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-29 945568] S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288] S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448] S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288] S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-14 128920] S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176] S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344] S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528] S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288] S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752] S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-7-29 976384] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2017-5-18 166288] S3 
stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-7-29 105368] S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-29 48544] S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616] S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512] S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576] S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856] S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056] S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-7-29 29600] S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008] S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200] S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288] S3 UnistoreSvc_44504;UnistoreSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288] S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088] S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992] S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064] S3 UserDataSvc_44504;UserDataSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288] S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-11-13 36352] S3 vmgid;Microsoft Hyper-V Guest Infrastructure 
Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-14 10240] S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11
51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288] S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288] S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944] S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-11-13 787456] S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408] S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2018-4-11 44032] S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2018-4-11 4451616] S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288] S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152] S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-11-13 228864] S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920] S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288] S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512] S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p 
[2018-4-11 51288] S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-29 295424] S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592] S4 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288] S4 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184] S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616] S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] . =============== File Associations =============== . FileExt: .txt: soffice.StarWriterDocument.6="C:\Program Files (x86)\OpenOffice 4\program\swriter.exe" -o "%1" [UserChoice] . =============== Created Last 30 ================ . 
2018-12-08 12:56:36 260480 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys 2018-12-08 09:52:59 -------- d-----w- C:\Users\ingylad99\AppData\Local\ESET 2018-12-06 07:38:06 5213184 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe 2018-11-28 13:09:04 51024 ----a-w- C:\WINDOWS\System32\DbxSvc.exe 2018-11-28 13:09:04 47792 ----a-w- C:\WINDOWS\System32\drivers\dbx-dev.sys 2018-11-28 13:09:04 47792 ----a-w- C:\WINDOWS\System32\drivers\dbx-canary.sys 2018-11-28 13:09:04 45752 ----a-w- C:\WINDOWS\System32\drivers\dbx-stable.sys 2018-11-13 20:16:52 835688 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe 2018-11-13 20:16:52 179808 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl 2018-11-13 18:54:18 7520088 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll 2018-11-13 18:54:18 6570368 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll 2018-11-13 18:54:15 25855488 ----a-w- C:\WINDOWS\System32\edgehtml.dll 2018-11-13 18:54:13 23861760 ----a-w- C:\WINDOWS\System32\Hydrogen.dll 2018-11-13 18:54:06 4527776 ----a-w- C:\WINDOWS\System32\sppsvc.exe 2018-11-13 18:54:03 22015488 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-11-13 18:54:01 19525120 ----a-w- C:\WINDOWS\System32\HologramCompositor.dll 2018-11-13 18:54:00 9089848 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe . ==================== Find3M ==================== . 2018-12-08 12:51:36 65536 ----a-w- C:\WINDOWS\System32\spu_storage.bin 2018-12-06 18:56:43 239840 ----a-w- C:\WINDOWS\System32\drivers\aswHdsKe.sys 2018-11-01 11:49:26 348160 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe 2018-11-01 11:45:20 1376672 ----a-w- C:\WINDOWS\System32\ole32.dll 2018-11-01 11:45:04 1617320 ----a-w- C:\WINDOWS\System32\sppobjs.dll 2018-11-01 11:32:09 64000 ----a-w- C:\WINDOWS\System32\iemigplugin.dll 2018-11-01 11:31:51 6602240 ----a-w- C:\WINDOWS\System32\twinui.dll 2018-11-01 11:30:26 122368 ----a-w- C:\WINDOWS\System32\musdialoghandlers.dll 2018-11-01 11:30:15 29696 ----a-w- C:\WINDOWS\System32\msisip.dll 2018-11-01 11:29:05 73728 ----a-w- C:\WINDOWS\System32\SMSRouter.dll 2018-11-01 11:28:55 253952 ----a-w- C:\WINDOWS\System32\prnntfy.dll 2018-11-01 11:28:25 4491264 ----a-w- C:\WINDOWS\System32\xpsrchvw.exe 2018-11-01 11:28:09 3649024 ----a-w- C:\WINDOWS\System32\win32kfull.sys 2018-11-01 11:27:22 878592 ----a-w- C:\WINDOWS\System32\CPFilters.dll 2018-11-01 11:27:01 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll 2018-11-01 11:26:51 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll 2018-11-01 11:26:21 503296 ----a-w- C:\WINDOWS\System32\sppcext.dll 2018-11-01 11:25:57 577024 ----a-w- C:\WINDOWS\System32\SppExtComObj.Exe 2018-11-01 10:09:54 1027000 ----a-w- C:\WINDOWS\SysWow64\ole32.dll 2018-11-01 09:59:13 5669888 ----a-w- C:\WINDOWS\SysWow64\twinui.dll 2018-11-01 09:56:37 24576 ----a-w- C:\WINDOWS\SysWow64\msisip.dll 2018-11-01 09:56:03 226304 ----a-w- C:\WINDOWS\SysWow64\prnntfy.dll 2018-11-01 09:54:26 3397632 ----a-w- C:\WINDOWS\SysWow64\xpsrchvw.exe 2018-11-01 09:53:44 908288 ----a-w- C:\WINDOWS\SysWow64\TSWorkspace.dll 2018-11-01 09:52:45 2892800 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys 2018-11-01 07:39:00 1035256 
----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe 2018-11-01 07:38:08 269336 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll 2018-11-01 07:37:57 272408 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll 2018-11-01 07:28:29 1029944 ----a-w- C:\WINDOWS\System32\hvax64.exe 2018-11-01 07:28:20 1221432 ----a-w- C:\WINDOWS\System32\hvix64.exe 2018-11-01 07:28:17 134968 ----a-w- C:\WINDOWS\System32\hvloader.dll 2018-11-01 07:28:13 566568 ----a-w- C:\WINDOWS\System32\tcblaunch.exe 2018-11-01 07:28:11 76088 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys 2018-11-01 07:28:09 1062712 ----a-w- C:\WINDOWS\System32\SecConfig.efi 2018-11-01 07:27:52 491200 ----a-w- C:\WINDOWS\System32\mf.dll 2018-11-01 07:27:36 1017152 ----a-w- C:\WINDOWS\System32\msmpeg2adec.dll 2018-11-01 07:26:42 3180080 ----a-w- C:\WINDOWS\System32\d3d11.dll 2018-11-01 07:26:28 3291640 ----a-w- C:\WINDOWS\System32\combase.dll 2018-11-01 07:26:22 1363536 ----a-w- C:\WINDOWS\System32\WinTypes.dll 2018-11-01 07:26:01 7432120 ----a-w- C:\WINDOWS\System32\windows.storage.dll 2018-11-01 07:03:03 34816 ----a-w- C:\WINDOWS\System32\dusmtask.exe 2018-11-01 07:03:00 3397120 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll 2018-11-01 07:02:22 47104 ----a-w- C:\WINDOWS\System32\dusmapi.dll 2018-11-01 07:02:21 23552 ----a-w- C:\WINDOWS\System32\CSystemEventsBrokerClient.dll 2018-11-01 07:01:20 7057408 ----a-w- C:\WINDOWS\System32\mos.dll 2018-11-01 07:01:10 9084928 ----a-w- C:\WINDOWS\System32\BingMaps.dll 2018-11-01 07:00:25 8189440 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll 2018-11-01 07:00:16 433664 ----a-w- C:\WINDOWS\System32\MusNotification.exe 2018-11-01 07:00:14 3392000 ----a-w- C:\WINDOWS\System32\tquery.dll 2018-11-01 07:00:11 6031360 ----a-w- C:\WINDOWS\System32\d2d1.dll 2018-11-01 07:00:10 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll 2018-11-01 06:59:14 241152 ----a-w- C:\WINDOWS\System32\tetheringservice.dll 2018-11-01 06:59:09 107520 ----a-w- C:\WINDOWS\System32\dab.dll 
2018-11-01 06:59:04 176128 ----a-w- C:\WINDOWS\System32\WPTaskScheduler.dll 2018-11-01 06:59:02 192000 ----a-w- C:\WINDOWS\System32\scrrun.dll 2018-11-01 06:59:00 322048 ----a-w- C:\WINDOWS\System32\MusNotificationUx.exe 2018-11-01 06:58:48 4383744 ----a-w- C:\WINDOWS\System32\EdgeContent.dll 2018-11-01 06:58:43 530432 ----a-w- C:\WINDOWS\System32\MapConfiguration.dll
2018-11-01 06:58:43 154112 ----a-w- C:\WINDOWS\System32\Chakradiag.dll 2018-11-01 06:58:42 149504 ----a-w- C:\WINDOWS\System32\dssvc.dll 2018-11-01 06:58:11 273408 ----a-w- C:\WINDOWS\System32\ubpm.dll 2018-11-01 06:58:10 4867072 ----a-w- C:\WINDOWS\System32\jscript9.dll 2018-11-01 06:58:03 7573504 ----a-w- C:\WINDOWS\System32\Chakra.dll 2018-11-01 06:57:53 835584 ----a-w- C:\WINDOWS\System32\PhoneService.dll 2018-11-01 06:57:47 356352 ----a-w- C:\WINDOWS\System32\dusmsvc.dll 2018-11-01 06:57:44 898560 ----a-w- C:\WINDOWS\System32\MusUpdateHandlers.dll 2018-11-01 06:57:42 2364928 ----a-w- C:\WINDOWS\System32\OpcServices.dll 2018-11-01 06:57:41 3381248 ----a-w- C:\WINDOWS\System32\MapRouter.dll 2018-11-01 06:57:41 265728 ----a-w- C:\WINDOWS\System32\psmsrv.dll 2018-11-01 06:57:38 2825728 ----a-w- C:\WINDOWS\System32\MapGeocoder.dll 2018-11-01 06:57:27 726528 ----a-w- C:\WINDOWS\System32\jscript9diag.dll 2018-11-01 06:57:19 894464 ----a-w- C:\WINDOWS\System32\webplatstorageserver.dll 2018-11-01 06:57:16 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll 2018-11-01 06:57:14 808448 ----a-w- C:\WINDOWS\System32\EdgeManager.dll 2018-11-01 06:57:04 281600 ----a-w- C:\WINDOWS\System32\SystemEventsBrokerServer.dll 2018-11-01 06:56:57 1768448 ----a-w- C:\WINDOWS\System32\audiosrv.dll 2018-11-01 06:56:53 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll 2018-11-01 06:56:33 506880 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll 2018-11-01 06:56:25 2929664 ----a-w- C:\WINDOWS\System32\xpsservices.dll 2018-11-01 06:56:19 1395200 ----a-w- C:\WINDOWS\System32\TokenBroker.dll 2018-11-01 06:55:23 2738688 ----a-w- C:\WINDOWS\System32\mssrch.dll 2018-11-01 06:55:15 684544 ----a-w- C:\WINDOWS\System32\AudioEndpointBuilder.dll 2018-11-01 06:55:09 1058304 ----a-w- C:\WINDOWS\System32\SearchIndexer.exe 2018-11-01 06:54:44 1225216 ----a-w- C:\WINDOWS\System32\MapsStore.dll 2018-11-01 06:54:41 916480 ----a-w- 
C:\WINDOWS\System32\Windows.Security.Authentication.Web.Core.dll 2018-11-01 06:54:39 1551360 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.desktop.dll 2018-11-01 06:54:23 1023488 ----a-w- C:\WINDOWS\System32\ShareHost.dll 2018-11-01 06:54:21 1264640 ----a-w- C:\WINDOWS\System32\JpMapControl.dll 2018-11-01 06:54:13 606208 ----a-w- C:\WINDOWS\System32\updatehandlers.dll 2018-11-01 06:54:12 943616 ----a-w- C:\WINDOWS\System32\BingOnlineServices.dll 2018-11-01 06:54:11 1679360 ----a-w- C:\WINDOWS\System32\wwansvc.dll 2018-11-01 06:54:06 884736 ----a-w- C:\WINDOWS\System32\MapControlCore.dll 2018-11-01 06:54:03 895488 ----a-w- C:\WINDOWS\System32\Windows.Security.Authentication.OnlineId.dll 2018-11-01 06:54:00 796672 ----a-w- C:\WINDOWS\System32\mssvp.dll 2018-11-01 06:53:53 2248192 ----a-w- C:\WINDOWS\System32\wlidsvc.dll 2018-11-01 06:53:53 1159680 ----a-w- C:\WINDOWS\System32\rpcss.dll 2018-11-01 06:53:52 542208 ----a-w- C:\WINDOWS\System32\vbscript.dll 2018-11-01 06:53:51 1373696 ----a-w- C:\WINDOWS\System32\usocore.dll 2018-11-01 06:53:47 889344 ----a-w- C:\WINDOWS\System32\schedsvc.dll 2018-11-01 06:53:26 406528 ----a-w- C:\WINDOWS\System32\SearchProtocolHost.exe . ============= FINISH: 13:17:37.93 ===============
Is this better?
Attached Files
File Type: txt attach.txt (12.3 KB, 5 views)
ingylad99 is offline  
Old 12-08-2018, 09:08 AM   #5
Registered Member
 
Join Date: Dec 2018
Location: Staffordshire,UK
Posts: 20
OS: WINDOWS 10 HOME



What am I doing wrong?
ingylad99 is offline  
Old 12-08-2018, 09:14 AM   #6
Team Manager
Microsoft Support
 
 
Join Date: Mar 2010
Location: Midlands of South Carolina
Posts: 26,072
OS: Windows10. In the past CP/M, DOS, Windows 95, 2000, 98SE, ME, Vista & Windows 7



Please wait for a Security Mod to explain.
__________________

The stability of an OS is in direct proportion to the stability of the user.
Corday is offline  
Old 12-08-2018, 09:16 AM   #7
Registered Member
 
Join Date: Dec 2018
Location: Staffordshire,UK
Posts: 20
OS: WINDOWS 10 HOME



Hi, thanks for the reply. I'm not being impatient, I'm trying to figure out what I did wrong with the copy and paste. Regards, ingylad99
ingylad99 is offline  
Old 12-08-2018, 01:52 PM   #8
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

In Notepad, under the 'Format' tab, untick 'Word Wrap'. Then repost the log in your next reply.

-----------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 12-08-2018, 11:36 PM   #9
Registered Member
 
Join Date: Dec 2018
Location: Staffordshire,UK
Posts: 20
OS: WINDOWS 10 HOME



Hi Chemist, thanks for your help. Here it is again. Can the first two attempts be deleted to tidy the thread up?





DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1 BrowserJavaVersion: 11.191.2
Run by ingylad99 at 13:16:14 on 2018-12-08
Microsoft Windows 10 Home 10.0.17134.0.1252.44.2057.18.3543.1162 [GMT 0:00]
.
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\SysWOW64\CTsvcCDA.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\WINDOWS\system32\DbxSvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
svchost.exe
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Users\ingylad99\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe
C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music Helper.exe
C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Plex\Plex Media Server\Plex Dlna Server.exe
C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
C:\Program Files\rempl\sedsvc.exe
C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
svchost.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/?trackid=sp-006
uSearch Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll
uRun: [OneDrive] "C:\Users\ingylad99\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
uRun: [Creative MediaSource Go] "C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB
uRun: [Amazon Music] C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music.exe
uRun: [Amazon Music Helper] "C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music Helper.exe"
uRun: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
uRun: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-Explorer: ConfirmFileDelete = dword:1
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
mPolicies-System: SoftwareSASGeneration = dword:1
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{5ae57723-0e29-442a-86e3-461a23b72aa8} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{f3528235-6914-4b15-93e7-d52d3665993a} : DHCPNameServer = 192.168.1.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.80\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll
x64-BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
x64-mPolicies-Explorer: ConfirmFileDelete = dword:1
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-mPolicies-System: SoftwareSASGeneration = dword:1
x64-IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - <orphaned>
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
Hosts: 127.0.0.1 www.spywareinfo.com
Hosts: 0.0.0.0 choice.microsoft.com
Hosts: 0.0.0.0 choice.microsoft.com.nstac.net
Hosts: 0.0.0.0 df.telemetry.microsoft.com
Hosts: 0.0.0.0 oca.telemetry.microsoft.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxps://www.google.co.uk/
FF - plugin: C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrlui.dll
FF - plugin: C:\WINDOWS\System32\Macromed\Flash\NPSWF64_32_0_0_101.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\WINDOWS\System32\drivers\amd_sata.sys [2013-4-4 79528]
R0 amd_xata;amd_xata;C:\WINDOWS\System32\drivers\amd_xata.sys [2013-4-4 26280]
R0 aswbidsh;aswbidsh;C:\WINDOWS\System32\drivers\aswbidsha.sys [2017-3-16 201768]
R0 aswblog;aswblog;C:\WINDOWS\System32\drivers\aswbloga.sys [2017-3-16 346592]
R0 aswbuniv;aswbuniv;C:\WINDOWS\System32\drivers\aswbuniva.sys [2017-3-16 59496]
R0 aswElam;aswElam;C:\WINDOWS\System32\drivers\aswElam.sys [2018-6-25 15360]
R0 aswRvrt;aswRvrt;C:\WINDOWS\System32\drivers\aswRvrt.sys [2015-10-10 87432]
R0 aswVmm;aswVmm;C:\WINDOWS\System32\drivers\aswVmm.sys [2015-10-10 380464]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-29 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 aswArPot;aswArPot;C:\WINDOWS\System32\drivers\aswArPot.sys [2017-11-20 201240]
R1 aswbidsdriver;aswbidsdriver;C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [2017-3-16 230344]
R1 aswHdsKe;aswHdsKe;C:\WINDOWS\System32\drivers\aswHdsKe.sys [2018-1-10 239840]
R1 aswKbd;aswKbd;C:\WINDOWS\System32\drivers\aswKbd.sys [2018-11-1 42288]
R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2015-10-10 1028680]
R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswSP.sys [2015-10-10 469272]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2013-4-8 91712]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-12-16 255472]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-11-4 351944]
R2 AODDriver4.3;AODDriver4.3;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2015-10-10 163208]
R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2015-10-10 208472]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-12-6 324000]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_44504;CDPUserSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-7-29 414720]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2013-3-11 74712]
R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service;C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2013-3-11 316376]
R2 DbxSvc;DbxSvc;C:\WINDOWS\System32\DbxSvc.exe [2018-11-28 51024]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-10-3 6347056]
R2 OneSyncSvc_44504;OneSyncSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 osrss;Windows 10 Update Facilitation Service;C:\WINDOWS\System32\svchost.exe -k osrss [2018-4-11 51288]
R2 PlexUpdateService;Plex Update Service;C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2018-7-18 2232296]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2013-4-8 386344]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2015-12-12 3892256]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2015-12-12 3943664]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2018-11-17 233712]
R2 SecurityHealthService;Windows Defender Security Centre Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-7-29 760888]
R2 sedsvc;Windows Remediation Service;C:\Program Files\rempl\sedsvc.exe [2018-12-2 326336]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_44504;WpnUserService_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 aswbIDSAgent;aswbIDSAgent;C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-12-6 8188768]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdWT6.sys [2015-8-31 102912]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
R3 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2018-12-8 260480]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2018-4-11 604160]
R3 RtlWlanu_OldIC;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [2018-4-11 3814400]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 usbfilter;AMD USB Filter Driver;C:\WINDOWS\System32\drivers\usbfilter.sys [2013-4-4 57000]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-6-20 143144]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 amdkmafd;AMD Audio Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-11-21 40720]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 aswHwid;aswHwid;C:\WINDOWS\System32\drivers\aswHwid.sys [2015-10-10 46384]
S3 AvastWscReporter;AvastWscReporter;C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2018-12-6 57504]
S3 BcastDVRUserService_44504;BcastDVRUserService_44504;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_44504;BluetoothUserService_44504;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-6-20 143144]
S3 DevicePickerUserSvc_44504;DevicePickerUserSvc_44504;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_44504;DevicesFlowUserSvc_44504;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2017-5-18 131984]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-14 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GoogleChromeElevationService;Google Chrome Elevation Service;C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.80\elevation_service.exe [2018-12-4 375776]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_44504;MessagingService_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PimIndexMaintenanceSvc_44504;PimIndexMaintenanceSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_44504;PrintWorkflowUserSvc_44504;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-29 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-29 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-14 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-7-29 976384]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2017-5-18 166288]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-7-29 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-29 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-7-29 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UnistoreSvc_44504;UnistoreSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 UserDataSvc_44504;UserDataSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-11-13 36352]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-14 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-11-13 787456]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2018-4-11 44032]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2018-4-11 4451616]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-11-13 228864]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-29 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
S4 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
.
=============== File Associations ===============
.
FileExt: .txt: soffice.StarWriterDocument.6="C:\Program Files (x86)\OpenOffice 4\program\swriter.exe" -o "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2018-12-08 12:56:36 260480 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
2018-12-08 09:52:59 -------- d-----w- C:\Users\ingylad99\AppData\Local\ESET
2018-12-06 07:38:06 5213184 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
2018-11-28 13:09:04 51024 ----a-w- C:\WINDOWS\System32\DbxSvc.exe
2018-11-28 13:09:04 47792 ----a-w- C:\WINDOWS\System32\drivers\dbx-dev.sys
2018-11-28 13:09:04 47792 ----a-w- C:\WINDOWS\System32\drivers\dbx-canary.sys
2018-11-28 13:09:04 45752 ----a-w- C:\WINDOWS\System32\drivers\dbx-stable.sys
2018-11-13 20:16:52 835688 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-11-13 20:16:52 179808 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-11-13 18:54:18 7520088 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2018-11-13 18:54:18 6570368 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-11-13 18:54:15 25855488 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-11-13 18:54:13 23861760 ----a-w- C:\WINDOWS\System32\Hydrogen.dll
2018-11-13 18:54:06 4527776 ----a-w- C:\WINDOWS\System32\sppsvc.exe
2018-11-13 18:54:03 22015488 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-11-13 18:54:01 19525120 ----a-w- C:\WINDOWS\System32\HologramCompositor.dll
2018-11-13 18:54:00 9089848 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
.
==================== Find3M ====================
.
2018-12-08 12:51:36 65536 ----a-w- C:\WINDOWS\System32\spu_storage.bin
2018-12-06 18:56:43 239840 ----a-w- C:\WINDOWS\System32\drivers\aswHdsKe.sys
2018-11-01 11:49:26 348160 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe
2018-11-01 11:45:20 1376672 ----a-w- C:\WINDOWS\System32\ole32.dll
2018-11-01 11:45:04 1617320 ----a-w- C:\WINDOWS\System32\sppobjs.dll
2018-11-01 11:32:09 64000 ----a-w- C:\WINDOWS\System32\iemigplugin.dll
2018-11-01 11:31:51 6602240 ----a-w- C:\WINDOWS\System32\twinui.dll
2018-11-01 11:30:26 122368 ----a-w- C:\WINDOWS\System32\musdialoghandlers.dll
2018-11-01 11:30:15 29696 ----a-w- C:\WINDOWS\System32\msisip.dll
2018-11-01 11:29:05 73728 ----a-w- C:\WINDOWS\System32\SMSRouter.dll
2018-11-01 11:28:55 253952 ----a-w- C:\WINDOWS\System32\prnntfy.dll
2018-11-01 11:28:25 4491264 ----a-w- C:\WINDOWS\System32\xpsrchvw.exe
2018-11-01 11:28:09 3649024 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-11-01 11:27:22 878592 ----a-w- C:\WINDOWS\System32\CPFilters.dll
2018-11-01 11:27:01 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2018-11-01 11:26:51 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-11-01 11:26:21 503296 ----a-w- C:\WINDOWS\System32\sppcext.dll
2018-11-01 11:25:57 577024 ----a-w- C:\WINDOWS\System32\SppExtComObj.Exe
2018-11-01 10:09:54 1027000 ----a-w- C:\WINDOWS\SysWow64\ole32.dll
2018-11-01 09:59:13 5669888 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2018-11-01 09:56:37 24576 ----a-w- C:\WINDOWS\SysWow64\msisip.dll
2018-11-01 09:56:03 226304 ----a-w- C:\WINDOWS\SysWow64\prnntfy.dll
2018-11-01 09:54:26 3397632 ----a-w- C:\WINDOWS\SysWow64\xpsrchvw.exe
2018-11-01 09:53:44 908288 ----a-w- C:\WINDOWS\SysWow64\TSWorkspace.dll
2018-11-01 09:52:45 2892800 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-11-01 07:39:00 1035256 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-11-01 07:38:08 269336 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-11-01 07:37:57 272408 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-11-01 07:28:29 1029944 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-11-01 07:28:20 1221432 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-11-01 07:28:17 134968 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-11-01 07:28:13 566568 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-11-01 07:28:11 76088 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-11-01 07:28:09 1062712 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-11-01 07:27:52 491200 ----a-w- C:\WINDOWS\System32\mf.dll
2018-11-01 07:27:36 1017152 ----a-w- C:\WINDOWS\System32\msmpeg2adec.dll
2018-11-01 07:26:42 3180080 ----a-w- C:\WINDOWS\System32\d3d11.dll
2018-11-01 07:26:28 3291640 ----a-w- C:\WINDOWS\System32\combase.dll
2018-11-01 07:26:22 1363536 ----a-w- C:\WINDOWS\System32\WinTypes.dll
2018-11-01 07:26:01 7432120 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2018-11-01 07:03:03 34816 ----a-w- C:\WINDOWS\System32\dusmtask.exe
2018-11-01 07:03:00 3397120 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2018-11-01 07:02:22 47104 ----a-w- C:\WINDOWS\System32\dusmapi.dll
2018-11-01 07:02:21 23552 ----a-w- C:\WINDOWS\System32\CSystemEventsBrokerClient.dll
2018-11-01 07:01:20 7057408 ----a-w- C:\WINDOWS\System32\mos.dll
2018-11-01 07:01:10 9084928 ----a-w- C:\WINDOWS\System32\BingMaps.dll
2018-11-01 07:00:25 8189440 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2018-11-01 07:00:16 433664 ----a-w- C:\WINDOWS\System32\MusNotification.exe
2018-11-01 07:00:14 3392000 ----a-w- C:\WINDOWS\System32\tquery.dll
2018-11-01 07:00:11 6031360 ----a-w- C:\WINDOWS\System32\d2d1.dll
2018-11-01 07:00:10 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll
2018-11-01 06:59:14 241152 ----a-w- C:\WINDOWS\System32\tetheringservice.dll
2018-11-01 06:59:09 107520 ----a-w- C:\WINDOWS\System32\dab.dll
2018-11-01 06:59:04 176128 ----a-w- C:\WINDOWS\System32\WPTaskScheduler.dll
2018-11-01 06:59:02 192000 ----a-w- C:\WINDOWS\System32\scrrun.dll
2018-11-01 06:59:00 322048 ----a-w- C:\WINDOWS\System32\MusNotificationUx.exe
2018-11-01 06:58:48 4383744 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-11-01 06:58:43 530432 ----a-w- C:\WINDOWS\System32\MapConfiguration.dll
2018-11-01 06:58:43 154112 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2018-11-01 06:58:42 149504 ----a-w- C:\WINDOWS\System32\dssvc.dll
2018-11-01 06:58:11 273408 ----a-w- C:\WINDOWS\System32\ubpm.dll
2018-11-01 06:58:10 4867072 ----a-w- C:\WINDOWS\System32\jscript9.dll
2018-11-01 06:58:03 7573504 ----a-w- C:\WINDOWS\System32\Chakra.dll
2018-11-01 06:57:53 835584 ----a-w- C:\WINDOWS\System32\PhoneService.dll
2018-11-01 06:57:47 356352 ----a-w- C:\WINDOWS\System32\dusmsvc.dll
2018-11-01 06:57:44 898560 ----a-w- C:\WINDOWS\System32\MusUpdateHandlers.dll
2018-11-01 06:57:42 2364928 ----a-w- C:\WINDOWS\System32\OpcServices.dll
2018-11-01 06:57:41 3381248 ----a-w- C:\WINDOWS\System32\MapRouter.dll
2018-11-01 06:57:41 265728 ----a-w- C:\WINDOWS\System32\psmsrv.dll
2018-11-01 06:57:38 2825728 ----a-w- C:\WINDOWS\System32\MapGeocoder.dll
2018-11-01 06:57:27 726528 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2018-11-01 06:57:19 894464 ----a-w- C:\WINDOWS\System32\webplatstorageserver.dll
2018-11-01 06:57:16 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll
2018-11-01 06:57:14 808448 ----a-w- C:\WINDOWS\System32\EdgeManager.dll
2018-11-01 06:57:04 281600 ----a-w- C:\WINDOWS\System32\SystemEventsBrokerServer.dll
2018-11-01 06:56:57 1768448 ----a-w- C:\WINDOWS\System32\audiosrv.dll
2018-11-01 06:56:53 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
2018-11-01 06:56:33 506880 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll
2018-11-01 06:56:25 2929664 ----a-w- C:\WINDOWS\System32\xpsservices.dll
2018-11-01 06:56:19 1395200 ----a-w- C:\WINDOWS\System32\TokenBroker.dll
2018-11-01 06:55:23 2738688 ----a-w- C:\WINDOWS\System32\mssrch.dll
2018-11-01 06:55:15 684544 ----a-w- C:\WINDOWS\System32\AudioEndpointBuilder.dll
2018-11-01 06:55:09 1058304 ----a-w- C:\WINDOWS\System32\SearchIndexer.exe
2018-11-01 06:54:44 1225216 ----a-w- C:\WINDOWS\System32\MapsStore.dll
2018-11-01 06:54:41 916480 ----a-w- C:\WINDOWS\System32\Windows.Security.Authentication.Web.Core.dll
2018-11-01 06:54:39 1551360 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.desktop.dll
2018-11-01 06:54:23 1023488 ----a-w- C:\WINDOWS\System32\ShareHost.dll
2018-11-01 06:54:21 1264640 ----a-w- C:\WINDOWS\System32\JpMapControl.dll
2018-11-01 06:54:13 606208 ----a-w- C:\WINDOWS\System32\updatehandlers.dll
2018-11-01 06:54:12 943616 ----a-w- C:\WINDOWS\System32\BingOnlineServices.dll
2018-11-01 06:54:11 1679360 ----a-w- C:\WINDOWS\System32\wwansvc.dll
2018-11-01 06:54:06 884736 ----a-w- C:\WINDOWS\System32\MapControlCore.dll
2018-11-01 06:54:03 895488 ----a-w- C:\WINDOWS\System32\Windows.Security.Authentication.OnlineId.dll
2018-11-01 06:54:00 796672 ----a-w- C:\WINDOWS\System32\mssvp.dll
2018-11-01 06:53:53 2248192 ----a-w- C:\WINDOWS\System32\wlidsvc.dll
2018-11-01 06:53:53 1159680 ----a-w- C:\WINDOWS\System32\rpcss.dll
2018-11-01 06:53:52 542208 ----a-w- C:\WINDOWS\System32\vbscript.dll
2018-11-01 06:53:51 1373696 ----a-w- C:\WINDOWS\System32\usocore.dll
2018-11-01 06:53:47 889344 ----a-w- C:\WINDOWS\System32\schedsvc.dll
2018-11-01 06:53:26 406528 ----a-w- C:\WINDOWS\System32\SearchProtocolHost.exe
.
============= FINISH: 13:17:37.93 ===============
Attached Files
File Type: txt attach.txt (12.3 KB, 4 views)
Old 12-09-2018, 06:01 PM   #10
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello ingylad99. Thanks.

------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Scan Now
  • Once the Scan is done, select Clean & Repair
  • When prompted, select Clean & Restart Now
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\Logs\AdwCleaner[C0#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Please download Farbar Recovery Scan Tool and save it to your desktop.
  • Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
  • Make sure the Addition.txt button is ticked.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • It also makes another log (Addition.txt). Please attach it to your reply.
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
Old 12-09-2018, 09:21 PM   #11
Registered Member
 
Join Date: Dec 2018
Location: Staffordshire,UK
Posts: 20
OS: WINDOWS 10 HOME



Hi Chemist, here are the scan results


# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-12-07.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-10-2018
# Duration: 00:00:32
# OS: Windows 10 Home
# Cleaned: 42
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\ingylad99\AppData\Local\avg web tuneup
Deleted C:\Users\ingylad99\AppData\LocalLow\avg web tuneup
Deleted C:\Users\ingylad99\Downloads\MPC
Deleted C:\Users\ingylad99\AppData\Roaming\DesktopIconForAmazon
Deleted C:\Users\ingylad99\AppData\Roaming\DownLite
Deleted C:\ProgramData\AdTrustMedia
Deleted C:\Users\ingylad99\AppData\Local\AdTrustMedia
Deleted C:\Users\ingylad99\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{5E430C0F-FAD2-44C5-8A54-06BE9137D41B}
Deleted HKLM\Software\Classes\TypeLib\{5E430C0F-FAD2-44C5-8A54-06BE9137D41B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|NTRedirect
Deleted HKLM\Software\Wow6432Node\AVG Tuneup
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-119260231-2051200503-1535011724-1002\Software\Ciuvo
Deleted HKCU\Software\Ciuvo
Deleted HKLM\Software\Wow6432Node\AVG Security Toolbar
Deleted HKLM\Software\Wow6432Node\Google\Chrome\NativeMessagingHosts\avgsh
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Deleted HKLM\Software\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Deleted HKLM\Software\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted HKLM\Software\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Deleted HKLM\Software\Classes\Prod.cap
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\geekbuddyrsp
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90E4CD0C-426F-4207-805B-7885AB32D43F}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAE9BEC8-4723-4347-AFC6-25EE3326BA5B}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61db39d5-034c-45c0-8bb2-daf857edcf3b}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61db39d5-034c-45c0-8bb2-daf857edcf3b}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1672163f-8651-4c0d-9c05-4ba941123972}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1672163f-8651-4c0d-9c05-4ba941123972}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Ask Jeeves

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5594 octets] - [10/12/2018 04:39:01]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
Ran by ingylad99 (administrator) on PES-ONE (10-12-2018 04:52:34)
Running from C:\Users\ingylad99\Downloads
Loaded Profiles: ingylad99 (Available Profiles: ingylad99 & Administrator)
Platform: Windows 10 Home Version 1803 17134.407 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTSVCCDA.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Amazon Services LLC) C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
(Plex) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(The Qt Company Ltd) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-06] (AVAST Software)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492248 2012-12-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3806016 2018-11-28] (Dropbox, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\...\Run: [Creative MediaSource Go] => C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe [143360 2005-12-12] (Creative Technology Ltd)
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\...\Run: [Amazon Music] => C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music.exe [19715000 2018-11-29] (Amazon Services LLC)
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\...\Run: [Amazon Music Helper] => C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music Helper.exe [3062712 2018-11-29] (Amazon Services LLC)
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [18398696 2018-07-18] (Plex, Inc.)
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5ae57723-0e29-442a-86e3-461a23b72aa8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f3528235-6914-4b15-93e7-d52d3665993a}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://ww.safetab.org/textresults.php?q={searchTerms}&full=1
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-119260231-2051200503-1535011724-1002 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://ww.safetab.org/textresults.php?q={searchTerms}&full=1
SearchScopes: HKU\S-1-5-21-119260231-2051200503-1535011724-1002 -> {ACF325CF-7A15-42B3-AD14-BDC177DFC4BE} URL = hxxps://uk.search.yahoo.com/search?fr=sp_tr_ie&ei=utf-8&ilc=12&type=711278&p={searchTerms}
SearchScopes: HKU\S-1-5-21-119260231-2051200503-1535011724-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-10-22] (Oracle Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-22] (Oracle Corporation)
BHO-x32: No Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-22] (Oracle Corporation)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-22] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859 [2018-12-10]
FF Homepage: Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859 -> hxxps://www.google.co.uk/
FF Extension: (Disconnect) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\[email protected] [2018-05-26]
FF Extension: (burlesco) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\[email protected] [2018-12-04]
FF Extension: (Worldwide Radio) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\[email protected] [2018-11-08]
FF Extension: (Avast Online Security) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\[email protected] [2018-12-06]
FF Extension: (No Name) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\{0f924709-f8c5-4c78-bfd6-458bd584aff3}.xpi [2018-04-15]
FF Extension: (HackBar) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\{4c98c9c7-fc13-4622-b08a-a18923469c1c}.xpi [2018-10-27]
FF Extension: (Native Dark) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\{cdb8acd8-90c1-456d-add2-608ceeeb15bc}.xpi [2018-05-26]
FF Extension: (Adblock Plus) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-03]
FF Plugin: @Adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-06] ()
FF Plugin: @Java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-22] (Oracle Corporation)
FF Plugin: @Java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-22] (Oracle Corporation)
FF Plugin: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @Adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-06] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.6\\npsitesafety.dll [No File]
FF Plugin-x32: @Java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-22] (Oracle Corporation)
FF Plugin-x32: @Java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @Videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default [2018-12-08]
CHR Extension: (Slides) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-06]
CHR Extension: (Docs) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-06]
CHR Extension: (Google Drive) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31]
CHR Extension: (Google Search) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Avast SafePrice) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-06-06]
CHR Extension: (Sheets) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-06]
CHR Extension: (Avira Browser Safety) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-06-06]
CHR Extension: (Google Docs Offline) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-12]
CHR Extension: (Avast Online Security) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-06-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-06]
CHR Extension: (Gmail) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-13]
CHR Extension: (Chrome Media Router) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-06]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

Opera:
=======
OPR Extension: (Ghostery Privacy Ad Blocker) - C:\Users\ingylad99\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2018-04-21]
OPR Extension: (SurfEasy VPN - Security, Privacy, Unblock) - C:\Users\ingylad99\AppData\Roaming\Opera Software\Opera Stable\Extensions\ebpielhlnnpkiddeeacoephkilopgblc [2018-05-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-12-06] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-06] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-12-06] (AVAST Software)
R2 Creative Service for CDROM Access; C:\WINDOWS\SysWOW64\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-20] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-11-28] (Dropbox, Inc.)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.80\elevation_service.exe [375776 2018-11-30] (Google Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2232296 2018-07-18] (Plex, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-11-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201240 2018-12-06] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230344 2018-12-06] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201768 2018-12-06] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346592 2018-12-06] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59496 2018-12-06] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-25] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239840 2018-12-06] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46384 2018-12-06] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2018-12-06] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163208 2018-12-06] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111800 2018-12-06] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87432 2018-12-06] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028680 2018-12-06] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469272 2018-12-06] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208472 2018-12-06] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380464 2018-12-06] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-08-31] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-12-10] (Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-10 04:52 - 2018-12-10 04:53 - 000022748 _____ C:\Users\ingylad99\Downloads\FRST.txt
2018-12-10 04:52 - 2018-12-10 04:52 - 000000000 ____D C:\FRST
2018-12-10 04:41 - 2018-12-10 04:41 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-12-10 04:37 - 2018-12-10 04:39 - 000000000 ____D C:\AdwCleaner
2018-12-10 04:35 - 2018-12-10 04:35 - 002417152 _____ (Farbar) C:\Users\ingylad99\Downloads\FRST64.exe
2018-12-10 04:34 - 2018-12-10 04:34 - 007592144 _____ (Malwarebytes) C:\Users\ingylad99\Downloads\AdwCleaner.exe
2018-12-08 13:36 - 2018-12-08 13:36 - 000882680 _____ (Plumbytes Software Lp) C:\Users\ingylad99\Downloads\antimalwaresetup.exe
2018-12-08 13:17 - 2018-12-08 13:17 - 000045246 _____ C:\Users\ingylad99\Desktop\dds.txt
2018-12-08 13:17 - 2018-12-08 13:17 - 000012601 _____ C:\Users\ingylad99\Desktop\attach.txt
2018-12-08 09:52 - 2018-12-08 09:52 - 006981240 _____ (ESET spol. s r.o.) C:\Users\ingylad99\Downloads\esetonlinescanner_enu.exe
2018-12-08 09:52 - 2018-12-08 09:52 - 000000000 ____D C:\Users\ingylad99\AppData\Local\ESET
2018-12-08 09:40 - 2018-12-08 09:40 - 000688992 ____R (Swearware) C:\Users\ingylad99\Downloads\dds.scr
2018-12-08 09:08 - 2018-12-06 21:20 - 000456601 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20181208-090841.backup
2018-12-07 19:43 - 2018-12-07 19:43 - 018177128 _____ (Piriform Software Ltd) C:\Users\ingylad99\Downloads\ccsetup550.exe
2018-12-06 18:54 - 2018-12-06 18:54 - 000378584 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-12-06 07:38 - 2018-12-06 07:38 - 005213184 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2018-11-29 20:29 - 2018-11-29 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-11-28 13:09 - 2018-11-28 13:09 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-11-28 13:09 - 2018-11-28 13:09 - 000047792 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-11-28 13:09 - 2018-11-28 13:09 - 000047792 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-11-28 13:09 - 2018-11-28 13:09 - 000045752 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-11-13 20:16 - 2018-12-01 04:01 - 000835688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-13 20:16 - 2018-12-01 04:01 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-13 18:54 - 2018-11-01 11:45 - 004527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-13 18:54 - 2018-11-01 09:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-13 18:54 - 2018-11-01 09:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-13 18:54 - 2018-11-01 07:25 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-13 18:54 - 2018-11-01 07:25 - 007520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-13 18:54 - 2018-11-01 07:09 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-13 18:54 - 2018-11-01 07:01 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-13 18:54 - 2018-11-01 04:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-13 18:54 - 2018-11-01 04:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-13 18:54 - 2018-10-21 13:00 - 021386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-11-13 18:53 - 2018-11-01 11:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-13 18:53 - 2018-11-01 11:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-13 18:53 - 2018-11-01 11:45 - 001617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-13 18:53 - 2018-11-01 11:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-13 18:53 - 2018-11-01 11:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-11-13 18:53 - 2018-11-01 11:31 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-11-13 18:53 - 2018-11-01 11:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-13 18:53 - 2018-11-01 11:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-13 18:53 - 2018-11-01 11:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-11-13 18:53 - 2018-11-01 11:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-13 18:53 - 2018-11-01 11:28 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-11-13 18:53 - 2018-11-01 11:28 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-13 18:53 - 2018-11-01 11:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-13 18:53 - 2018-11-01 11:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-13 18:53 - 2018-11-01 11:27 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-13 18:53 - 2018-11-01 11:26 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-13 18:53 - 2018-11-01 11:26 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-13 18:53 - 2018-11-01 11:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-13 18:53 - 2018-11-01 11:25 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-13 18:53 - 2018-11-01 10:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-13 18:53 - 2018-11-01 09:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-11-13 18:53 - 2018-11-01 09:56 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-11-13 18:53 - 2018-11-01 09:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-13 18:53 - 2018-11-01 09:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-13 18:53 - 2018-11-01 09:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-11-13 18:53 - 2018-11-01 09:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-11-13 18:53 - 2018-11-01 09:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-13 18:53 - 2018-11-01 09:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-13 18:53 - 2018-11-01 07:39 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-13 18:53 - 2018-11-01 07:38 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-13 18:53 - 2018-11-01 07:37 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-13 18:53 - 2018-11-01 07:28 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-13 18:53 - 2018-11-01 07:28 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-11-13 18:53 - 2018-11-01 07:28 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-13 18:53 - 2018-11-01 07:28 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-11-13 18:53 - 2018-11-01 07:28 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-13 18:53 - 2018-11-01 07:28 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-11-13 18:53 - 2018-11-01 07:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-11-13 18:53 - 2018-11-01 07:27 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-13 18:53 - 2018-11-01 07:26 - 007432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-11-13 18:53 - 2018-11-01 07:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-13 18:53 - 2018-11-01 07:26 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-11-13 18:53 - 2018-11-01 07:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 004404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-13 18:53 - 2018-11-01 07:25 - 002571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 001456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-11-13 18:53 - 2018-11-01 07:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-11-13 18:53 - 2018-11-01 07:25 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-11-13 18:53 - 2018-11-01 07:25 - 000982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-11-13 18:53 - 2018-11-01 07:25 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 000793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-11-13 18:53 - 2018-11-01 07:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-13 18:53 - 2018-11-01 07:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-11-13 18:53 - 2018-11-01 07:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-13 18:53 - 2018-11-01 07:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 000261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-11-13 18:53 - 2018-11-01 07:03 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-13 18:53 - 2018-11-01 07:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-13 18:53 - 2018-11-01 07:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-13 18:53 - 2018-11-01 07:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-13 18:53 - 2018-11-01 07:01 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-11-13 18:53 - 2018-11-01 07:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-11-13 18:53 - 2018-11-01 07:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-13 18:53 - 2018-11-01 07:00 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-11-13 18:53 - 2018-11-01 07:00 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-11-13 18:53 - 2018-11-01 07:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-11-13 18:53 - 2018-11-01 07:00 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-11-13 18:53 - 2018-11-01 06:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-13 18:53 - 2018-11-01 06:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-13 18:53 - 2018-11-01 06:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-13 18:53 - 2018-11-01 06:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-13 18:53 - 2018-11-01 06:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-13 18:53 - 2018-11-01 06:58 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-13 18:53 - 2018-11-01 06:58 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-13 18:53 - 2018-11-01 06:58 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-13 18:53 - 2018-11-01 06:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-11-13 18:53 - 2018-11-01 06:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-13 18:53 - 2018-11-01 06:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-11-13 18:53 - 2018-11-01 06:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-13 18:53 - 2018-11-01 06:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-13 18:53 - 2018-11-01 06:56 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-13 18:53 - 2018-11-01 06:56 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-13 18:53 - 2018-11-01 06:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-13 18:53 - 2018-11-01 06:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-13 18:53 - 2018-11-01 06:55 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-11-13 18:53 - 2018-11-01 06:55 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-11-13 18:53 - 2018-11-01 06:55 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-13 18:53 - 2018-11-01 06:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-13 18:53 - 2018-11-01 06:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-13 18:53 - 2018-11-01 06:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-13 18:53 - 2018-11-01 06:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-13 18:53 - 2018-11-01 06:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-13 18:53 - 2018-11-01 06:53 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-11-13 18:53 - 2018-11-01 05:39 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-11-13 18:53 - 2018-11-01 05:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-11-13 18:53 - 2018-11-01 04:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-11-13 18:53 - 2018-11-01 04:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-13 18:53 - 2018-11-01 04:47 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-13 18:53 - 2018-11-01 04:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-13 18:53 - 2018-11-01 04:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-13 18:53 - 2018-11-01 04:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-11-13 18:53 - 2018-11-01 04:47 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-13 18:53 - 2018-11-01 04:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-11-13 18:53 - 2018-11-01 04:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-13 18:53 - 2018-11-01 04:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-11-13 18:53 - 2018-11-01 04:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-13 18:53 - 2018-11-01 04:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-13 18:53 - 2018-11-01 04:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-11-13 18:53 - 2018-11-01 04:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-11-13 18:53 - 2018-11-01 04:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-13 18:53 - 2018-11-01 04:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-11-13 18:53 - 2018-11-01 04:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-13 18:53 - 2018-11-01 04:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-11-13 18:53 - 2018-11-01 04:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-11-13 18:53 - 2018-11-01 04:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-11-13 18:53 - 2018-11-01 04:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-11-13 18:53 - 2018-11-01 04:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-11-13 18:53 - 2018-11-01 04:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-11-13 18:53 - 2018-11-01 04:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-11-13 18:53 - 2018-11-01 04:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-13 18:53 - 2018-11-01 04:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-11-13 18:53 - 2018-11-01 04:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-13 18:53 - 2018-11-01 04:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-13 18:53 - 2018-11-01 04:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-13 18:53 - 2018-11-01 04:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-11-13 18:53 - 2018-11-01 04:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-13 18:53 - 2018-11-01 04:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-11-13 18:53 - 2018-11-01 04:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-11-13 18:53 - 2018-11-01 04:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-11-13 18:53 - 2018-11-01 04:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-11-13 18:53 - 2018-11-01 04:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-13 18:53 - 2018-11-01 04:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-13 18:53 - 2018-11-01 04:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-13 18:53 - 2018-11-01 04:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-11-13 18:53 - 2018-11-01 04:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-11-13 18:53 - 2018-10-21 13:00 - 001639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-11-13 18:53 - 2018-10-21 13:00 - 001516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-11-13 18:53 - 2018-10-21 13:00 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-11-13 18:53 - 2018-10-21 13:00 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-11-13 18:53 - 2018-10-21 12:59 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-11-13 18:53 - 2018-10-21 12:59 - 000236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-11-13 18:53 - 2018-10-21 12:46 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-11-13 18:53 - 2018-10-21 12:46 - 004393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-11-13 18:53 - 2018-10-21 12:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-11-13 18:53 - 2018-10-21 12:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2018-11-13 18:53 - 2018-10-21 12:44 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-11-13 18:53 - 2018-10-21 12:43 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-11-13 18:53 - 2018-10-21 12:43 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-11-13 18:53 - 2018-10-21 12:43 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2018-11-13 18:53 - 2018-10-21 12:42 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-11-13 18:53 - 2018-10-21 12:42 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-11-13 18:53 - 2018-10-21 12:42 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-11-13 18:53 - 2018-10-21 12:42 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-11-13 18:53 - 2018-10-21 12:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-11-13 18:53 - 2018-10-21 11:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-11-13 18:53 - 2018-10-21 11:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-11-13 18:53 - 2018-10-21 11:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-11-13 18:53 - 2018-10-21 11:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-11-13 18:53 - 2018-10-21 11:37 - 020381808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-11-13 18:53 - 2018-10-21 11:37 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-11-13 18:53 - 2018-10-21 11:28 - 012501504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-11-13 18:53 - 2018-10-21 11:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-11-13 18:53 - 2018-10-21 11:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-11-13 18:53 - 2018-10-21 11:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-11-13 18:53 - 2018-10-21 11:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-11-13 18:53 - 2018-10-21 11:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-11-13 18:53 - 2018-10-21 09:29 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-11-13 18:53 - 2018-10-21 08:44 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-11-13 18:53 - 2018-10-21 07:48 - 005602456 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-11-13 18:53 - 2018-10-21 07:47 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-11-13 18:53 - 2018-10-21 07:46 - 000717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-11-13 18:53 - 2018-10-21 07:46 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-11-13 18:53 - 2018-10-21 07:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-11-13 18:53 - 2018-10-21 07:46 - 000560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-11-13 18:53 - 2018-10-21 07:46 - 000497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2018-11-13 18:53 - 2018-10-21 07:46 - 000171024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-11-13 18:53 - 2018-10-21 07:45 - 003283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-11-13 18:53 - 2018-10-21 07:45 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-11-13 18:53 - 2018-10-21 07:45 - 001946208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-11-13 18:53 - 2018-10-21 07:45 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-11-13 18:53 - 2018-10-21 07:45 - 000607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-11-13 18:53 - 2018-10-21 07:45 - 000185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-11-13 18:53 - 2018-10-21 07:45 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2018-11-13 18:53 - 2018-10-21 07:45 - 000139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-11-13 18:53 - 2018-10-21 07:45 - 000058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2018-11-13 18:53 - 2018-10-21 07:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-11-13 18:53 - 2018-10-21 07:22 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-11-13 18:53 - 2018-10-21 07:21 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-11-13 18:53 - 2018-10-21 07:21 - 000123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-11-13 18:53 - 2018-10-21 07:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2018-11-13 18:53 - 2018-10-21 07:20 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-11-13 18:53 - 2018-10-21 07:20 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2018-11-13 18:53 - 2018-10-21 07:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-11-13 18:53 - 2018-10-21 07:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 001620776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 001130768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-11-13 18:53 - 2018-10-21 07:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-11-13 18:53 - 2018-10-21 07:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-11-13 18:53 - 2018-10-21 07:19 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2018-11-13 18:53 - 2018-10-21 07:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
2018-11-13 18:53 - 2018-10-21 07:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2018-11-13 18:53 - 2018-10-21 07:18 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-11-13 18:53 - 2018-10-21 07:18 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-11-13 18:53 - 2018-10-21 07:18 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-11-13 18:53 - 2018-10-21 07:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2018-11-13 18:53 - 2018-10-21 07:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-11-13 18:53 - 2018-10-21 07:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2018-11-13 18:53 - 2018-10-21 07:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2018-11-13 18:53 - 2018-10-21 07:17 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-11-13 18:53 - 2018-10-21 07:17 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-11-13 18:53 - 2018-10-21 07:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-11-13 18:53 - 2018-10-21 07:17 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-11-13 18:53 - 2018-10-21 07:17 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-11-13 18:53 - 2018-10-21 07:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
2018-11-13 18:53 - 2018-10-21 07:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-11-13 18:53 - 2018-10-21 07:16 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-11-13 18:53 - 2018-10-21 07:16 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-11-13 18:53 - 2018-10-21 07:16 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-11-13 18:53 - 2018-10-21 07:16 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-11-13 18:53 - 2018-10-21 07:16 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-11-13 18:53 - 2018-10-21 07:16 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-11-13 18:53 - 2018-10-21 07:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-11-13 18:53 - 2018-10-21 07:15 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-11-13 18:53 - 2018-10-21 07:15 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2018-11-13 18:53 - 2018-10-21 07:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-11-13 18:53 - 2018-10-21 07:14 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-13 18:53 - 2018-10-21 07:14 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-11-13 18:53 - 2018-10-21 07:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-11-13 18:53 - 2018-10-21 07:14 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-11-13 18:53 - 2018-10-21 07:14 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-11-13 18:53 - 2018-10-21 07:14 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2018-11-13 18:53 - 2018-10-21 07:14 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-11-13 18:53 - 2018-10-21 07:14 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-11-13 18:53 - 2018-10-21 07:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-11-13 18:53 - 2018-10-21 07:02 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-11-13 18:53 - 2018-10-21 07:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2018-11-13 18:53 - 2018-10-21 07:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-11-13 18:53 - 2018-10-21 07:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2018-11-13 18:53 - 2018-10-21 07:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2018-11-13 18:53 - 2018-10-21 06:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-11-13 18:53 - 2018-10-21 06:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-11-13 18:53 - 2018-10-21 06:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-11-13 18:53 - 2018-10-21 06:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-11-13 18:53 - 2018-10-21 06:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-11-13 18:53 - 2018-10-21 05:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-11-13 18:53 - 2018-10-21 05:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2018-11-13 18:53 - 2018-04-28 04:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-10 04:54 - 2018-04-11 23:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-10 04:49 - 2018-07-29 01:38 - 000004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{263E05ED-969C-443B-B796-5A18B545BA3A}
2018-12-10 04:46 - 2016-06-20 17:54 - 000000000 ___RD C:\Users\ingylad99\Dropbox
2018-12-10 04:41 - 2018-07-29 01:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-10 04:41 - 2016-06-20 17:49 - 000000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-12-10 04:41 - 2016-06-20 17:49 - 000000926 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-12-10 04:41 - 2015-12-12 10:47 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-12-10 04:40 - 2018-04-11 21:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-12-10 04:40 - 2015-07-30 17:44 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-12-10 04:37 - 2016-11-17 19:37 - 000000000 ____D C:\Users\ingylad99\AppData\LocalLow\Mozilla
2018-12-09 22:12 - 2018-07-29 01:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-09 17:56 - 2018-07-29 01:38 - 000003762 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-12-09 17:56 - 2018-07-29 01:38 - 000003750 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-09 17:56 - 2018-07-29 01:38 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-12-09 17:56 - 2018-07-29 01:38 - 000003446 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-12-09 17:56 - 2018-07-29 01:38 - 000003444 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-12-09 17:56 - 2018-07-29 01:38 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-09 17:56 - 2018-07-29 01:38 - 000003290 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1503225450
2018-12-09 17:56 - 2018-07-29 01:38 - 000003220 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-12-09 17:56 - 2018-07-29 01:38 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-09 17:56 - 2018-07-29 01:38 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-09 17:56 - 2018-07-29 01:38 - 000002878 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-119260231-2051200503-1535011724-1002
2018-12-09 17:56 - 2018-07-29 01:38 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-119260231-2051200503-1535011724-1002
2018-12-09 17:56 - 2018-07-29 01:38 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-119260231-2051200503-1535011724-500
2018-12-09 17:56 - 2018-07-29 01:38 - 000002764 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-pes-one-ingylad99
2018-12-09 17:56 - 2018-07-29 01:38 - 000002764 _____ C:\WINDOWS\System32\Tasks\[email protected]
2018-12-09 17:56 - 2018-07-29 01:38 - 000002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-119260231-2051200503-1535011724-500
2018-12-09 17:56 - 2018-07-29 01:38 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-12-09 17:56 - 2018-07-29 01:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-12-09 08:19 - 2018-07-29 01:11 - 000000000 ____D C:\Users\ingylad99
2018-12-09 08:03 - 2018-04-11 23:36 - 000000000 ____D C:\WINDOWS\INF
2018-12-09 07:26 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-08 12:59 - 2016-11-22 22:15 - 000000000 ____D C:\Users\ingylad99\AppData\Local\Amazon Music
2018-12-08 12:50 - 2013-12-28 17:38 - 000000000 ____D C:\ProgramData\Adobe
2018-12-08 12:49 - 2013-11-03 18:08 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-12-08 12:48 - 2013-12-28 17:45 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-12-08 12:19 - 2013-08-16 16:00 - 000000000 ____D C:\Users\ingylad99\Downloads\PROGS
2018-12-08 09:20 - 2017-12-29 18:24 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-12-08 04:46 - 2018-04-11 23:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-07 21:08 - 2018-07-12 01:05 - 000000000 ____D C:\Program Files\rempl
2018-12-07 19:47 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-06 21:26 - 2016-11-22 22:15 - 000001320 _____ C:\Users\ingylad99\Desktop\Amazon Music.lnk
2018-12-06 21:14 - 2015-04-13 19:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-06 18:56 - 2018-07-29 01:38 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-12-06 18:56 - 2018-01-10 23:46 - 000239840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-12-06 18:55 - 2018-05-14 18:13 - 000000000 ____D C:\Users\ingylad99\AppData\Local\AVAST Software
2018-12-06 18:54 - 2018-11-01 20:09 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-12-06 18:54 - 2018-04-11 23:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-12-06 18:54 - 2017-11-20 02:49 - 000201240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-12-06 18:54 - 2017-03-16 11:34 - 000346592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-12-06 18:54 - 2017-03-16 11:34 - 000230344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-12-06 18:54 - 2017-03-16 11:34 - 000201768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-12-06 18:54 - 2017-03-16 11:34 - 000059496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 001028680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 000469272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 000380464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 000208472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 000163208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 000111800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 000087432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 000046384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-12-06 14:17 - 2017-12-06 23:04 - 000000000 ____D C:\Users\ingylad99\AppData\Local\Packages
2018-12-06 07:38 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-12-06 07:38 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-12-05 21:41 - 2018-04-11 23:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-04 23:14 - 2015-04-13 18:12 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-04 23:14 - 2015-04-13 18:12 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-29 20:30 - 2016-06-20 17:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-11-29 20:10 - 2018-07-29 01:11 - 000002416 _____ C:\Users\ingylad99\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-29 20:10 - 2015-07-30 18:57 - 000000000 ___RD C:\Users\ingylad99\OneDrive
2018-11-17 12:13 - 2016-10-22 09:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-17 12:13 - 2015-04-13 19:17 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-17 11:21 - 2015-12-12 10:48 - 000001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2018-11-17 11:21 - 2015-12-12 10:48 - 000001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2018-11-17 11:21 - 2015-12-12 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2018-11-17 11:21 - 2015-12-12 10:47 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-11-17 10:49 - 2018-10-27 15:40 - 000000000 ____D C:\Users\ingylad99\AppData\Local\CrashDumps
2018-11-17 10:47 - 2017-12-29 18:24 - 000000000 ____D C:\Program Files\CCleaner
2018-11-15 19:22 - 2015-11-05 18:05 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-13 20:22 - 2018-07-29 01:26 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-13 20:18 - 2015-09-16 03:28 - 000000000 ___RD C:\Users\ingylad99\3D Objects
2018-11-13 20:18 - 2013-07-10 06:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-13 20:16 - 2018-07-29 01:06 - 004883320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-13 20:14 - 2018-07-29 01:11 - 000000000 ____D C:\Users\Administrator
2018-11-13 20:12 - 2018-04-11 23:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-13 20:12 - 2018-04-11 23:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-11-13 20:12 - 2018-04-11 23:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-13 20:12 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-11-13 20:12 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-13 20:12 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-11-13 20:12 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-13 19:15 - 2013-08-15 21:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-13 19:11 - 2013-01-07 17:56 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-12 18:37 - 2016-11-13 17:45 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump

==================== Files in the root of some directories =======

2014-04-01 15:15 - 2014-04-01 15:15 - 000000747 _____ () C:\Users\ingylad99\AppData\Local\recently-used.xbel
2013-10-16 21:22 - 2015-04-03 18:34 - 000007605 _____ () C:\Users\ingylad99\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-29 01:06

==================== End of FRST.txt ============================
Attached Files
File Type: txt Addition_10-12-2018 04.58.38.txt (62.2 KB, 3 views)
ingylad99 is offline  
Old 12-10-2018, 03:40 AM   #12
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello ingylad99. It appears you are using a pirated copy or copies of Adobe products, which you should have read about in our First Steps link.

https://www.techsupportforum.com/sec...oval-help.html

------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 12-10-2018, 10:56 AM   #13



Hi Chemist, yes I was using a copy of Photoshop I got from a friend, but as requested in the first steps page it was deleted. Thanks anyway for the time and effort you have put in up to this point. Kind regards, ingylad99.
ingylad99 is offline  
Old 12-10-2018, 06:12 PM   #14



Hello again, ingylad99. That's fine. We can proceed.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

If there are any personal files, pics, etc. on your computer you cannot live without, back them up now just as a precaution.

https://windows.microsoft.com/en-us/w...-up-your-files

------------------------------------------------------

We need to manually remove an extension in Google Chrome. Open Chrome.

Copy/paste the following bolded text into your Chrome browser address bar and press Enter:

chrome://extensions

Click Remove in the Avira Browser Safety extension box.

When the confirmation dialog appears, click Remove again. Exit Chrome.

------------------------------------------------------
  • Open Notepad (Start > All Programs > Accessories > Notepad).
  • Please copy all the text in the codebox below. (To do this highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste).
  • Save it as fixlist.txt next to FRST64.exe

    NOTE: Both FRST64.exe and the fixlist.txt must be in the same location or the fix will not work.


    Code:
    start
    createrestorepoint:
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
    ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
    ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
    ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
    ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
    ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
    ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
    Task: {11E9D0DD-A964-4F41-A459-DA4B6FDB3CAE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {1821670F-C38E-4674-81E5-BD11FC58F0F7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {1EE9061B-435D-4795-97A3-F40AE261AD0F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {2B2D8349-B350-4F06-8BF7-D6F6E19D6795} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {39906B88-2E8D-46F3-835F-F6FEBB1CFE79} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {3DFFA1C0-81AB-49DD-AB1F-B5E750452223} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {6D666008-CCD1-4D8B-842B-01D9C211A3EC} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {71220FF2-CE64-47E0-9EAD-5A8DF75DB05B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {80D2A414-2C20-4245-B21E-DCCD087F8096} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {8762DF2A-A01A-4777-AF63-A0D44D5D1AB8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {8F0AD8C0-5E9B-4609-B86F-C2C15418446B} - \WPD\SqmUpload_S-1-5-21-119260231-2051200503-1535011724-1002 -> No File <==== ATTENTION
    Task: {AC196F75-92C5-4CD5-84F1-590D5111A85D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    FirewallRules: [{2636A999-FC7D-42AD-B731-580183D1D760}] => (Allow) C:\Users\ingylad99\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{7EDD969E-B297-4B68-902D-F4519133E35D}] => (Allow) C:\Users\ingylad99\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{2636A999-FC7D-42AD-B731-580183D1D760}] => (Allow) C:\Users\ingylad99\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{7EDD969E-B297-4B68-902D-F4519133E35D}] => (Allow) C:\Users\ingylad99\AppData\Roaming\uTorrent\uTorrent.exe
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    SearchScopes: HKLM-x32 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://ww.safetab.org/textresults.php?q={searchTerms}&full=1
    SearchScopes: HKU\S-1-5-21-119260231-2051200503-1535011724-1002 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://ww.safetab.org/textresults.php?q={searchTerms}&full=1
    BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
    BHO-x32: No Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> No File
    BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.6\\npsitesafety.dll [No File]
    Reg: reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 /v "vProt" /f
    EmptyTemp:
    end
  • Double-click FRST64 to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
  • Click the Fix button just once, and wait.
  • If you receive a message that a reboot is required, please make sure you allow it to restart normally.
  • The tool will complete its run after the restart.
  • When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

------------------------------------------------------
chemist is offline  
Old 12-10-2018, 09:16 PM   #15



Hi Chemist, thanks for the continued support. Unfortunately I assumed you were no longer prepared to give help, so thinking I had nothing to lose I had a mess with making a fixlist.
Typing in the above, Chrome comes back with "aw snap, something went wrong". Should I do another scan or have I screwed up the plan of action?
ingylad99 is offline  
Old 12-10-2018, 09:43 PM   #16



I've done another scan just in case; here are the results. I have to get to work. Apologies for being such a pain.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
Ran by ingylad99 (administrator) on PES-ONE (11-12-2018 05:21:53)
Running from C:\Users\ingylad99\Desktop
Loaded Profiles: ingylad99 (Available Profiles: ingylad99 & Administrator)
Platform: Windows 10 Home Version 1803 17134.407 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: https://www.geekstogo.com/forum/topi...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTSVCCDA.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe
(Amazon Services LLC) C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
(Plex) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(The Qt Company Ltd) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-06] (AVAST Software)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-05] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492248 2012-12-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3806016 2018-11-28] (Dropbox, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\...\Run: [Creative MediaSource Go] => C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe [143360 2005-12-12] (Creative Technology Ltd)
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\...\Run: [Amazon Music] => C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music.exe [19715000 2018-11-29] (Amazon Services LLC)
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\...\Run: [Amazon Music Helper] => C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music Helper.exe [3062712 2018-11-29] (Amazon Services LLC)
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [18398696 2018-07-18] (Plex, Inc.)
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5ae57723-0e29-442a-86e3-461a23b72aa8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f3528235-6914-4b15-93e7-d52d3665993a}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-119260231-2051200503-1535011724-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://ww.safetab.org/textresults.php?q={searchTerms}&full=1
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-119260231-2051200503-1535011724-1002 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://ww.safetab.org/textresults.php?q={searchTerms}&full=1
SearchScopes: HKU\S-1-5-21-119260231-2051200503-1535011724-1002 -> {ACF325CF-7A15-42B3-AD14-BDC177DFC4BE} URL = hxxps://uk.search.yahoo.com/search?fr=sp_tr_ie&ei=utf-8&ilc=12&type=711278&p={searchTerms}
SearchScopes: HKU\S-1-5-21-119260231-2051200503-1535011724-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-10-22] (Oracle Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-22] (Oracle Corporation)
BHO-x32: No Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-22] (Oracle Corporation)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-22] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859 [2018-12-11]
FF Homepage: Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859 -> hxxps://www.google.co.uk/
FF Extension: (Disconnect) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\[email protected] [2018-05-26]
FF Extension: (burlesco) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\[email protected] [2018-12-04]
FF Extension: (Worldwide Radio) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\[email protected] [2018-11-08]
FF Extension: (Avast Online Security) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\[email protected] [2018-12-06]
FF Extension: (No Name) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\{0f924709-f8c5-4c78-bfd6-458bd584aff3}.xpi [2018-04-15]
FF Extension: (HackBar) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\{4c98c9c7-fc13-4622-b08a-a18923469c1c}.xpi [2018-10-27]
FF Extension: (Native Dark) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\{cdb8acd8-90c1-456d-add2-608ceeeb15bc}.xpi [2018-05-26]
FF Extension: (Adblock Plus) - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-03]
FF Plugin: @Adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-06] ()
FF Plugin: @Java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-22] (Oracle Corporation)
FF Plugin: @Java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-22] (Oracle Corporation)
FF Plugin: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @Adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-06] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.6\\npsitesafety.dll [No File]
FF Plugin-x32: @Java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-22] (Oracle Corporation)
FF Plugin-x32: @Java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @Videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default [2018-12-11]
CHR Extension: (Slides) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-11]
CHR Extension: (Docs) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-11]
CHR Extension: (Google Drive) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31]
CHR Extension: (Google Search) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-11]
CHR Extension: (Sheets) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-11]
CHR Extension: (Avira Browser Safety) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-12-11]
CHR Extension: (Google Docs Offline) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-11]
CHR Extension: (Avast Online Security) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-12-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-11]
CHR Extension: (Gmail) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-13]
CHR Extension: (Chrome Media Router) - C:\Users\ingylad99\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

Opera:
=======
OPR Extension: (Ghostery Privacy Ad Blocker) - C:\Users\ingylad99\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2018-04-21]
OPR Extension: (SurfEasy VPN - Security, Privacy, Unblock) - C:\Users\ingylad99\AppData\Roaming\Opera Software\Opera Stable\Extensions\ebpielhlnnpkiddeeacoephkilopgblc [2018-05-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-12-06] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-06] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-12-06] (AVAST Software)
R2 Creative Service for CDROM Access; C:\WINDOWS\SysWOW64\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-20] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-11-28] (Dropbox, Inc.)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.80\elevation_service.exe [375776 2018-11-30] (Google Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2232296 2018-07-18] (Plex, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-11-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201240 2018-12-06] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230344 2018-12-06] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201768 2018-12-06] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346592 2018-12-06] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59496 2018-12-06] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-25] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239840 2018-12-06] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46384 2018-12-06] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2018-12-06] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163208 2018-12-06] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111800 2018-12-06] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87432 2018-12-06] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028680 2018-12-06] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469272 2018-12-06] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208472 2018-12-06] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380464 2018-12-06] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-08-31] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-12-10] (Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-11 05:21 - 2018-12-11 05:22 - 000022726 _____ C:\Users\ingylad99\Desktop\FRST.txt
2018-12-10 22:31 - 2018-12-10 22:31 - 000602112 _____ (OldTimer Tools) C:\Users\ingylad99\Downloads\OTL.exe
2018-12-10 21:42 - 2018-12-10 21:42 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-12-10 21:26 - 2018-12-10 21:41 - 000004125 _____ C:\Users\ingylad99\Desktop\Fixlog.txt
2018-12-10 19:05 - 2018-12-10 19:05 - 000071966 _____ C:\Users\ingylad99\Desktop\FRST_10-12-2018 19.05.24.txt
2018-12-10 19:05 - 2018-12-10 19:05 - 000065799 _____ C:\Users\ingylad99\Desktop\Addition_10-12-2018 19.05.24.txt
2018-12-10 04:54 - 2018-12-10 19:05 - 000065799 _____ C:\Users\ingylad99\Downloads\Addition.txt
2018-12-10 04:52 - 2018-12-11 05:21 - 000000000 ____D C:\FRST
2018-12-10 04:52 - 2018-12-10 19:05 - 000071966 _____ C:\Users\ingylad99\Downloads\FRST.txt
2018-12-10 04:37 - 2018-12-10 04:39 - 000000000 ____D C:\AdwCleaner
2018-12-10 04:35 - 2018-12-10 04:35 - 002417152 _____ (Farbar) C:\Users\ingylad99\Desktop\FRST64.exe
2018-12-10 04:34 - 2018-12-10 04:34 - 007592144 _____ (Malwarebytes) C:\Users\ingylad99\Downloads\AdwCleaner.exe
2018-12-08 13:36 - 2018-12-08 13:36 - 000882680 _____ (Plumbytes Software Lp) C:\Users\ingylad99\Downloads\antimalwaresetup.exe
2018-12-08 13:17 - 2018-12-08 13:17 - 000045246 _____ C:\Users\ingylad99\Desktop\dds.txt
2018-12-08 13:17 - 2018-12-08 13:17 - 000012601 _____ C:\Users\ingylad99\Desktop\attach.txt
2018-12-08 09:52 - 2018-12-08 09:52 - 006981240 _____ (ESET spol. s r.o.) C:\Users\ingylad99\Downloads\esetonlinescanner_enu.exe
2018-12-08 09:52 - 2018-12-08 09:52 - 000000000 ____D C:\Users\ingylad99\AppData\Local\ESET
2018-12-08 09:40 - 2018-12-08 09:40 - 000688992 ____R (Swearware) C:\Users\ingylad99\Downloads\dds.scr
2018-12-08 09:08 - 2018-12-06 21:20 - 000456601 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20181208-090841.backup
2018-12-07 19:43 - 2018-12-07 19:43 - 018177128 _____ (Piriform Software Ltd) C:\Users\ingylad99\Downloads\ccsetup550.exe
2018-12-06 18:54 - 2018-12-06 18:54 - 000378584 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-11-28 13:09 - 2018-11-28 13:09 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-11-28 13:09 - 2018-11-28 13:09 - 000047792 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-11-28 13:09 - 2018-11-28 13:09 - 000047792 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-11-28 13:09 - 2018-11-28 13:09 - 000045752 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-11-13 20:16 - 2018-12-01 04:01 - 000835688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-13 20:16 - 2018-12-01 04:01 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-13 18:54 - 2018-11-01 11:45 - 004527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-13 18:54 - 2018-11-01 09:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-13 18:54 - 2018-11-01 09:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-13 18:54 - 2018-11-01 07:25 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-13 18:54 - 2018-11-01 07:25 - 007520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-13 18:54 - 2018-11-01 07:09 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-13 18:54 - 2018-11-01 07:01 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-13 18:54 - 2018-11-01 04:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-13 18:54 - 2018-11-01 04:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-13 18:54 - 2018-10-21 13:00 - 021386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-11-13 18:53 - 2018-11-01 11:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-13 18:53 - 2018-11-01 11:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-13 18:53 - 2018-11-01 11:45 - 001617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-13 18:53 - 2018-11-01 11:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-13 18:53 - 2018-11-01 11:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-11-13 18:53 - 2018-11-01 11:31 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-11-13 18:53 - 2018-11-01 11:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-13 18:53 - 2018-11-01 11:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-13 18:53 - 2018-11-01 11:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-11-13 18:53 - 2018-11-01 11:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-13 18:53 - 2018-11-01 11:28 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-11-13 18:53 - 2018-11-01 11:28 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-13 18:53 - 2018-11-01 11:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-13 18:53 - 2018-11-01 11:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-13 18:53 - 2018-11-01 11:27 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-13 18:53 - 2018-11-01 11:26 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-13 18:53 - 2018-11-01 11:26 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-13 18:53 - 2018-11-01 11:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-13 18:53 - 2018-11-01 11:25 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-13 18:53 - 2018-11-01 10:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-13 18:53 - 2018-11-01 09:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-11-13 18:53 - 2018-11-01 09:56 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-11-13 18:53 - 2018-11-01 09:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-13 18:53 - 2018-11-01 09:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-13 18:53 - 2018-11-01 09:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-11-13 18:53 - 2018-11-01 09:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-11-13 18:53 - 2018-11-01 09:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-13 18:53 - 2018-11-01 09:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-13 18:53 - 2018-11-01 07:39 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-13 18:53 - 2018-11-01 07:38 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-13 18:53 - 2018-11-01 07:37 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-13 18:53 - 2018-11-01 07:28 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-13 18:53 - 2018-11-01 07:28 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-11-13 18:53 - 2018-11-01 07:28 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-13 18:53 - 2018-11-01 07:28 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-11-13 18:53 - 2018-11-01 07:28 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-13 18:53 - 2018-11-01 07:28 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-11-13 18:53 - 2018-11-01 07:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-11-13 18:53 - 2018-11-01 07:27 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-13 18:53 - 2018-11-01 07:26 - 007432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-11-13 18:53 - 2018-11-01 07:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-13 18:53 - 2018-11-01 07:26 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-11-13 18:53 - 2018-11-01 07:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 004404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-13 18:53 - 2018-11-01 07:25 - 002571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 001456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-11-13 18:53 - 2018-11-01 07:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-11-13 18:53 - 2018-11-01 07:25 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-11-13 18:53 - 2018-11-01 07:25 - 000982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-11-13 18:53 - 2018-11-01 07:25 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 000793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-11-13 18:53 - 2018-11-01 07:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-13 18:53 - 2018-11-01 07:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-11-13 18:53 - 2018-11-01 07:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-13 18:53 - 2018-11-01 07:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-13 18:53 - 2018-11-01 07:25 - 000261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-11-13 18:53 - 2018-11-01 07:03 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-13 18:53 - 2018-11-01 07:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-13 18:53 - 2018-11-01 07:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-13 18:53 - 2018-11-01 07:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-13 18:53 - 2018-11-01 07:01 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-11-13 18:53 - 2018-11-01 07:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-11-13 18:53 - 2018-11-01 07:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-13 18:53 - 2018-11-01 07:00 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-11-13 18:53 - 2018-11-01 07:00 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-11-13 18:53 - 2018-11-01 07:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-11-13 18:53 - 2018-11-01 07:00 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-11-13 18:53 - 2018-11-01 06:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-13 18:53 - 2018-11-01 06:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-13 18:53 - 2018-11-01 06:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-13 18:53 - 2018-11-01 06:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-13 18:53 - 2018-11-01 06:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-13 18:53 - 2018-11-01 06:58 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-13 18:53 - 2018-11-01 06:58 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-13 18:53 - 2018-11-01 06:58 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-13 18:53 - 2018-11-01 06:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-11-13 18:53 - 2018-11-01 06:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-13 18:53 - 2018-11-01 06:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-11-13 18:53 - 2018-11-01 06:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-13 18:53 - 2018-11-01 06:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-13 18:53 - 2018-11-01 06:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-13 18:53 - 2018-11-01 06:56 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-13 18:53 - 2018-11-01 06:56 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-13 18:53 - 2018-11-01 06:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-13 18:53 - 2018-11-01 06:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-13 18:53 - 2018-11-01 06:55 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-11-13 18:53 - 2018-11-01 06:55 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-11-13 18:53 - 2018-11-01 06:55 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-11-13 18:53 - 2018-11-01 06:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-13 18:53 - 2018-11-01 06:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-13 18:53 - 2018-11-01 06:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-13 18:53 - 2018-11-01 06:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-13 18:53 - 2018-11-01 06:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-13 18:53 - 2018-11-01 06:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-13 18:53 - 2018-11-01 06:53 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-11-13 18:53 - 2018-11-01 05:39 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-11-13 18:53 - 2018-11-01 05:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-11-13 18:53 - 2018-11-01 04:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-11-13 18:53 - 2018-11-01 04:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-11-13 18:53 - 2018-11-01 04:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-13 18:53 - 2018-11-01 04:47 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-13 18:53 - 2018-11-01 04:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-13 18:53 - 2018-11-01 04:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-13 18:53 - 2018-11-01 04:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-11-13 18:53 - 2018-11-01 04:47 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-13 18:53 - 2018-11-01 04:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-11-13 18:53 - 2018-11-01 04:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-13 18:53 - 2018-11-01 04:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-11-13 18:53 - 2018-11-01 04:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-13 18:53 - 2018-11-01 04:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-13 18:53 - 2018-11-01 04:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-11-13 18:53 - 2018-11-01 04:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-11-13 18:53 - 2018-11-01 04:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-13 18:53 - 2018-11-01 04:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-11-13 18:53 - 2018-11-01 04:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-13 18:53 - 2018-11-01 04:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-11-13 18:53 - 2018-11-01 04:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-11-13 18:53 - 2018-11-01 04:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-11-13 18:53 - 2018-11-01 04:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-11-13 18:53 - 2018-11-01 04:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-11-13 18:53 - 2018-11-01 04:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-11-13 18:53 - 2018-11-01 04:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-11-13 18:53 - 2018-11-01 04:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-13 18:53 - 2018-11-01 04:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-11-13 18:53 - 2018-11-01 04:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-13 18:53 - 2018-11-01 04:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-13 18:53 - 2018-11-01 04:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-13 18:53 - 2018-11-01 04:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-11-13 18:53 - 2018-11-01 04:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-13 18:53 - 2018-11-01 04:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-11-13 18:53 - 2018-11-01 04:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-11-13 18:53 - 2018-11-01 04:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-11-13 18:53 - 2018-11-01 04:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-11-13 18:53 - 2018-11-01 04:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-13 18:53 - 2018-11-01 04:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-13 18:53 - 2018-11-01 04:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-13 18:53 - 2018-11-01 04:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-11-13 18:53 - 2018-11-01 04:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-11-13 18:53 - 2018-10-21 13:00 - 001639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-11-13 18:53 - 2018-10-21 13:00 - 001516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-11-13 18:53 - 2018-10-21 13:00 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-11-13 18:53 - 2018-10-21 13:00 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-11-13 18:53 - 2018-10-21 12:59 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-11-13 18:53 - 2018-10-21 12:59 - 000236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-11-13 18:53 - 2018-10-21 12:46 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-11-13 18:53 - 2018-10-21 12:46 - 004393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-11-13 18:53 - 2018-10-21 12:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-11-13 18:53 - 2018-10-21 12:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2018-11-13 18:53 - 2018-10-21 12:44 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-11-13 18:53 - 2018-10-21 12:43 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-11-13 18:53 - 2018-10-21 12:43 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-11-13 18:53 - 2018-10-21 12:43 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2018-11-13 18:53 - 2018-10-21 12:42 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-11-13 18:53 - 2018-10-21 12:42 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-11-13 18:53 - 2018-10-21 12:42 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-11-13 18:53 - 2018-10-21 12:42 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-11-13 18:53 - 2018-10-21 12:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-11-13 18:53 - 2018-10-21 11:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-11-13 18:53 - 2018-10-21 11:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-11-13 18:53 - 2018-10-21 11:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-11-13 18:53 - 2018-10-21 11:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-11-13 18:53 - 2018-10-21 11:37 - 020381808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-11-13 18:53 - 2018-10-21 11:37 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-11-13 18:53 - 2018-10-21 11:28 - 012501504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-11-13 18:53 - 2018-10-21 11:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-11-13 18:53 - 2018-10-21 11:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-11-13 18:53 - 2018-10-21 11:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-11-13 18:53 - 2018-10-21 11:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-11-13 18:53 - 2018-10-21 11:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-11-13 18:53 - 2018-10-21 09:29 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-11-13 18:53 - 2018-10-21 08:44 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-11-13 18:53 - 2018-10-21 07:48 - 005602456 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-11-13 18:53 - 2018-10-21 07:47 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-11-13 18:53 - 2018-10-21 07:46 - 000717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-11-13 18:53 - 2018-10-21 07:46 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-11-13 18:53 - 2018-10-21 07:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-11-13 18:53 - 2018-10-21 07:46 - 000560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-11-13 18:53 - 2018-10-21 07:46 - 000497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2018-11-13 18:53 - 2018-10-21 07:46 - 000171024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-11-13 18:53 - 2018-10-21 07:45 - 003283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-11-13 18:53 - 2018-10-21 07:45 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-11-13 18:53 - 2018-10-21 07:45 - 001946208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-11-13 18:53 - 2018-10-21 07:45 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-11-13 18:53 - 2018-10-21 07:45 - 000607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-11-13 18:53 - 2018-10-21 07:45 - 000185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-11-13 18:53 - 2018-10-21 07:45 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2018-11-13 18:53 - 2018-10-21 07:45 - 000139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-11-13 18:53 - 2018-10-21 07:45 - 000058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2018-11-13 18:53 - 2018-10-21 07:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-11-13 18:53 - 2018-10-21 07:22 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-11-13 18:53 - 2018-10-21 07:21 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-11-13 18:53 - 2018-10-21 07:21 - 000123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-11-13 18:53 - 2018-10-21 07:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2018-11-13 18:53 - 2018-10-21 07:20 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-11-13 18:53 - 2018-10-21 07:20 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2018-11-13 18:53 - 2018-10-21 07:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-11-13 18:53 - 2018-10-21 07:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 001620776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 001130768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-11-13 18:53 - 2018-10-21 07:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-11-13 18:53 - 2018-10-21 07:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-11-13 18:53 - 2018-10-21 07:19 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2018-11-13 18:53 - 2018-10-21 07:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
2018-11-13 18:53 - 2018-10-21 07:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
2018-11-13 18:53 - 2018-10-21 07:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2018-11-13 18:53 - 2018-10-21 07:18 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-11-13 18:53 - 2018-10-21 07:18 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-11-13 18:53 - 2018-10-21 07:18 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-11-13 18:53 - 2018-10-21 07:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2018-11-13 18:53 - 2018-10-21 07:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-11-13 18:53 - 2018-10-21 07:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2018-11-13 18:53 - 2018-10-21 07:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2018-11-13 18:53 - 2018-10-21 07:17 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-11-13 18:53 - 2018-10-21 07:17 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-11-13 18:53 - 2018-10-21 07:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-11-13 18:53 - 2018-10-21 07:17 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-11-13 18:53 - 2018-10-21 07:17 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-11-13 18:53 - 2018-10-21 07:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
2018-11-13 18:53 - 2018-10-21 07:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-11-13 18:53 - 2018-10-21 07:16 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-11-13 18:53 - 2018-10-21 07:16 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-11-13 18:53 - 2018-10-21 07:16 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-11-13 18:53 - 2018-10-21 07:16 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-11-13 18:53 - 2018-10-21 07:16 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-11-13 18:53 - 2018-10-21 07:16 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-11-13 18:53 - 2018-10-21 07:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-11-13 18:53 - 2018-10-21 07:15 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-11-13 18:53 - 2018-10-21 07:15 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2018-11-13 18:53 - 2018-10-21 07:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-11-13 18:53 - 2018-10-21 07:14 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-13 18:53 - 2018-10-21 07:14 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-11-13 18:53 - 2018-10-21 07:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-11-13 18:53 - 2018-10-21 07:14 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-11-13 18:53 - 2018-10-21 07:14 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-11-13 18:53 - 2018-10-21 07:14 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2018-11-13 18:53 - 2018-10-21 07:14 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-11-13 18:53 - 2018-10-21 07:14 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-11-13 18:53 - 2018-10-21 07:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-11-13 18:53 - 2018-10-21 07:02 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-11-13 18:53 - 2018-10-21 07:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2018-11-13 18:53 - 2018-10-21 07:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-11-13 18:53 - 2018-10-21 07:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2018-11-13 18:53 - 2018-10-21 07:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2018-11-13 18:53 - 2018-10-21 06:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-11-13 18:53 - 2018-10-21 06:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-11-13 18:53 - 2018-10-21 06:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-11-13 18:53 - 2018-10-21 06:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-11-13 18:53 - 2018-10-21 06:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-11-13 18:53 - 2018-10-21 05:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-11-13 18:53 - 2018-10-21 05:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2018-11-13 18:53 - 2018-04-28 04:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-11 05:21 - 2016-11-17 19:37 - 000000000 ____D C:\Users\ingylad99\AppData\LocalLow\Mozilla
2018-12-11 05:16 - 2018-07-29 01:38 - 000004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{263E05ED-969C-443B-B796-5A18B545BA3A}
2018-12-11 05:10 - 2018-04-11 23:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-11 04:44 - 2016-06-20 17:54 - 000000000 ___RD C:\Users\ingylad99\Dropbox
2018-12-10 21:59 - 2018-04-11 23:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-10 21:59 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-10 21:42 - 2018-07-29 01:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-10 21:42 - 2015-12-12 10:47 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-12-10 21:41 - 2018-04-11 21:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-12-10 21:41 - 2015-07-30 17:44 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-12-10 19:32 - 2018-07-29 01:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-10 04:41 - 2016-06-20 17:49 - 000000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-12-10 04:41 - 2016-06-20 17:49 - 000000926 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-12-09 17:56 - 2018-07-29 01:38 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-09 17:56 - 2018-07-29 01:38 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-12-09 17:56 - 2018-07-29 01:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-12-09 08:19 - 2018-07-29 01:11 - 000000000 ____D C:\Users\ingylad99
2018-12-09 08:03 - 2018-04-11 23:36 - 000000000 ____D C:\WINDOWS\INF
2018-12-08 12:59 - 2016-11-22 22:15 - 000000000 ____D C:\Users\ingylad99\AppData\Local\Amazon Music
2018-12-08 12:50 - 2013-12-28 17:38 - 000000000 ____D C:\ProgramData\Adobe
2018-12-08 12:49 - 2013-11-03 18:08 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-12-08 12:48 - 2013-12-28 17:45 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-12-08 12:19 - 2013-08-16 16:00 - 000000000 ____D C:\Users\ingylad99\Downloads\PROGS
2018-12-08 09:20 - 2017-12-29 18:24 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-12-07 21:08 - 2018-07-12 01:05 - 000000000 ____D C:\Program Files\rempl
2018-12-07 19:47 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-06 21:26 - 2016-11-22 22:15 - 000001320 _____ C:\Users\ingylad99\Desktop\Amazon Music.lnk
2018-12-06 21:14 - 2015-04-13 19:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-06 18:56 - 2018-07-29 01:38 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-12-06 18:56 - 2018-01-10 23:46 - 000239840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-12-06 18:55 - 2018-05-14 18:13 - 000000000 ____D C:\Users\ingylad99\AppData\Local\AVAST Software
2018-12-06 18:54 - 2018-11-01 20:09 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-12-06 18:54 - 2018-04-11 23:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-12-06 18:54 - 2017-11-20 02:49 - 000201240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-12-06 18:54 - 2017-03-16 11:34 - 000346592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-12-06 18:54 - 2017-03-16 11:34 - 000230344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-12-06 18:54 - 2017-03-16 11:34 - 000201768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-12-06 18:54 - 2017-03-16 11:34 - 000059496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 001028680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 000469272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 000380464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 000208472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 000163208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 000111800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 000087432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-12-06 18:54 - 2015-10-10 20:05 - 000046384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-12-06 14:17 - 2017-12-06 23:04 - 000000000 ____D C:\Users\ingylad99\AppData\Local\Packages
2018-12-06 07:38 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-12-06 07:38 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-12-05 21:41 - 2018-04-11 23:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-04 23:14 - 2015-04-13 18:12 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-04 23:14 - 2015-04-13 18:12 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-29 20:30 - 2016-06-20 17:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-11-29 20:10 - 2018-07-29 01:11 - 000002416 _____ C:\Users\ingylad99\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-29 20:10 - 2015-07-30 18:57 - 000000000 ___RD C:\Users\ingylad99\OneDrive
2018-11-17 12:13 - 2016-10-22 09:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-17 12:13 - 2015-04-13 19:17 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-17 11:21 - 2015-12-12 10:48 - 000001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2018-11-17 11:21 - 2015-12-12 10:48 - 000001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2018-11-17 11:21 - 2015-12-12 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2018-11-17 11:21 - 2015-12-12 10:47 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-11-17 10:49 - 2018-10-27 15:40 - 000000000 ____D C:\Users\ingylad99\AppData\Local\CrashDumps
2018-11-17 10:47 - 2017-12-29 18:24 - 000000000 ____D C:\Program Files\CCleaner
2018-11-15 19:22 - 2015-11-05 18:05 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-13 20:22 - 2018-07-29 01:26 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-13 20:18 - 2015-09-16 03:28 - 000000000 ___RD C:\Users\ingylad99\3D Objects
2018-11-13 20:18 - 2013-07-10 06:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-13 20:16 - 2018-07-29 01:06 - 004883320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-13 20:14 - 2018-07-29 01:11 - 000000000 ____D C:\Users\Administrator
2018-11-13 20:12 - 2018-04-11 23:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-13 20:12 - 2018-04-11 23:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-11-13 20:12 - 2018-04-11 23:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-13 20:12 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-11-13 20:12 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-13 20:12 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-11-13 20:12 - 2018-04-11 23:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-13 19:15 - 2013-08-15 21:43 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-13 19:11 - 2013-01-07 17:56 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-12 18:37 - 2016-11-13 17:45 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump

==================== Files in the root of some directories =======

2014-04-01 15:15 - 2014-04-01 15:15 - 000000747 _____ () C:\Users\ingylad99\AppData\Local\recently-used.xbel
2013-10-16 21:22 - 2015-04-03 18:34 - 000007605 _____ () C:\Users\ingylad99\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-29 01:06

==================== End of FRST.txt ============================
Attached Files
File Type: txt Addition.txt (63.5 KB, 3 views)
ingylad99 is offline  
Old 12-11-2018, 03:35 AM   #17
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, ingylad99.

Quote:
thinking I had nothing to lose I had a mess with making a fixlist
What exactly do you mean by that? Did you make your own fixlist?

Please post the Fixlog.txt log located on your desktop in your next reply.

Did you also run OTL.exe?

Running these tools on your own can render your machine unbootable. Please don't.

Quote:
Typing in the above ,chrome comes back with"aw snap,something went wrong"
Do you mean you got the message after removing the Avira Browser Safety extension?

At what step in the process were you when that message appeared?

------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 12-11-2018, 10:53 AM   #18
Registered Member
 
Join Date: Dec 2018
Location: Staffordshire,UK
Posts: 20
OS: WINDOWS 10 HOME



Hi Chemist, I've just got back from work so I can go into more detail now I'm not in a rush.
Like I said this morning, I thought I was not going to get any more help so, as my computer is infected, if I break it, it's no great loss. I tried reading the tutorial for FRST and looked through the logs for things that I felt should not be there (yes you're right, I don't have a clue). Here's the result.


Fix result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by ingylad99 (10-12-2018 21:41:27) Run:2
Running from C:\Users\ingylad99\Desktop
Loaded Profiles: ingylad99 (Available Profiles: ingylad99 & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
2018-12-06 07:38 - 2018-12-06 07:38 - 005213184 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2018-11-29 20:29 - 2018-11-29 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-12-09 17:56 - 2018-07-29 01:38 - 000003762 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-12-09 17:56 - 2018-07-29 01:38 - 000003750 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-09 17:56 - 2018-07-29 01:38 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-12-09 17:56 - 2018-07-29 01:38 - 000003446 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-12-09 17:56 - 2018-07-29 01:38 - 000003444 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-12-09 17:56 - 2018-07-29 01:38 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-09 17:56 - 2018-07-29 01:38 - 000003290 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1503225450
2018-12-09 17:56 - 2018-07-29 01:38 - 000003220 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-12-09 17:56 - 2018-07-29 01:38 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-09 17:56 - 2018-07-29 01:38 - 000002878 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-119260231-2051200503-1535011724-1002
2018-12-09 17:56 - 2018-07-29 01:38 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-119260231-2051200503-1535011724-1002
2018-12-09 17:56 - 2018-07-29 01:38 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-119260231-2051200503-1535011724-500
2018-12-09 17:56 - 2018-07-29 01:38 - 000002764 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-pes-one-ingylad99
2018-12-09 17:56 - 2018-07-29 01:38 - 000002764 _____ C:\WINDOWS\System32\Tasks\[email protected]
2018-12-09 17:56 - 2018-07-29 01:38 - 000002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-119260231-2051200503-1535011724-500
*****************

C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox => moved successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier => moved successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier => moved successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater => moved successfully
C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1503225450 => moved successfully
C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-119260231-2051200503-1535011724-1002 => moved successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-119260231-2051200503-1535011724-1002 => moved successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-119260231-2051200503-1535011724-500 => moved successfully
C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-pes-one-ingylad99 => moved successfully
C:\WINDOWS\System32\Tasks\[email protected] => moved successfully
C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-119260231-2051200503-1535011724-500 => moved successfully


The system needed a reboot.

==== End of Fixlog 21:41:28 ====


I did not run OTL.
Regarding the Chrome browser, I opened Chrome and pasted "chrome://extensions" into the address bar and that message came up.
Kind regards, ingylad99
ingylad99 is offline  
Old 12-11-2018, 06:36 PM   #19
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, ingylad99. Gonna take an extra step to get back on track here.
  • Open Notepad (Start > All Programs > Accessories > Notepad).
  • Please copy all the text in the codebox below. (To do this highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste).
  • Save it as fixlist.txt next to FRST64.exe

    NOTE: Both FRST64.exe and the fixlist.txt must be in the same location or the fix will not work.


    Code:
    start
    createrestorepoint:
    RestoreQuarantine:
    end
  • Double-click FRST64 to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
  • Click the Fix button just once, and wait.
  • If you receive a message that a reboot is required, please make sure you allow it to restart normally.
  • The tool will complete its run after the restart.
  • When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 12-11-2018, 09:36 PM   #20
Registered Member
 
Join Date: Dec 2018
Location: Staffordshire,UK
Posts: 20
OS: WINDOWS 10 HOME



Hi Chemist, here's the fixlog.


Fix result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by ingylad99 (12-12-2018 05:26:54) Run:3
Running from C:\Users\ingylad99\Desktop
Loaded Profiles: ingylad99 (Available Profiles: ingylad99 & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
createrestorepoint:
RestoreQuarantine:
end
*****************

Restore point was successfully created.
RestoreQuarantine:=> Restoring from Quarantine completed.

==== End of Fixlog 05:32:05 ====
ingylad99 is offline  
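
The two Fixlog.txt files posted above share one layout: the fixlist content between two rows of asterisks, then one "path => result" line per entry. The following is an added example, not part of the thread and not FRST's own code: it parses that layout and separates scheduled-task files from other moved files, so a helper can see at a glance what a fixlist took out. The sample log is constructed from lines in post #18, and the function names are hypothetical.

```python
import re
from ntpath import normcase  # Windows path rules, usable on any OS

# Constructed sample: a few lines copied from the Fixlog in post #18.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by ingylad99 (10-12-2018 21:41:27) Run:2
==============================================

fixlist content:
*****************
2018-12-06 07:38 - 2018-12-06 07:38 - 005213184 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2018-12-09 17:56 - 2018-07-29 01:38 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-09 17:56 - 2018-07-29 01:38 - 000003220 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
*****************

C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore => moved successfully

==== End of Fixlog 21:41:28 ====
"""

TASK_DIR = normcase(r"C:\WINDOWS\System32\Tasks") + "\\"
RESULT_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) => (?P<status>.+)$")

def parse_fixlog(text):
    """Split a Fixlog into its fixlist entries and per-path results."""
    fixlist, results, in_fixlist = [], {}, False
    for line in text.splitlines():
        line = line.strip()
        if line and set(line) == {"*"}:      # asterisk row opens/closes the fixlist
            in_fixlist = not in_fixlist
        elif in_fixlist and line:
            fixlist.append(line)
        elif (m := RESULT_RE.match(line)):
            results[m["path"]] = m["status"]
    return fixlist, results

def audit(text):
    """Report moved paths, separating scheduled tasks from other files."""
    fixlist, results = parse_fixlog(text)
    moved = [p for p, s in results.items() if s == "moved successfully"]
    tasks = [p for p in moved if normcase(p).startswith(TASK_DIR)]
    # Fixlist lines with no per-path result line, e.g. directives such as `start`.
    unmatched = [e for e in fixlist if not any(e.endswith(p) for p in results)]
    return {"moved": moved, "tasks": tasks,
            "other": [p for p in moved if p not in tasks], "unmatched": unmatched}
```

Calling `audit()` on the text of a Fixlog.txt returns the moved paths grouped as `tasks` and `other`; for a directive-only fixlist such as the one in post #19, `moved` is empty and the directives appear under `unmatched`.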
 
