[RESOLVED] reponse to hacked computer - Page 2
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 39

Thread: [RESOLVED] reponse to hacked computer

  1. #16
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.


    • Double click to run it.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

  2. #17
    Join Date
    Jan 2019
    Posts
    31
    # -------------------------------
    # Malwarebytes AdwCleaner 7.2.7.0
    # -------------------------------
    # Build: 01-30-2019
    # Database: 2019-02-15.6 (Cloud)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Clean
    # -------------------------------
    # Start: 02-18-2019
    # Duration: 00:00:01
    # OS: Windows 10 Home
    # Cleaned: 14
    # Failed: 0


    ***** [ Services ] *****

    No malicious services cleaned.

    ***** [ Folders ] *****

    No malicious folders cleaned.

    ***** [ Files ] *****

    No malicious files cleaned.

    ***** [ DLL ] *****

    No malicious DLLs cleaned.

    ***** [ WMI ] *****

    No malicious WMI cleaned.

    ***** [ Shortcuts ] *****

    No malicious shortcuts cleaned.

    ***** [ Tasks ] *****

    No malicious tasks cleaned.

    ***** [ Registry ] *****

    Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
    Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
    Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
    Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
    Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
    Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
    Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
    Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com
    Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
    Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com
    Deleted HKCU\Software\Lavasoft\Web Companion
    Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
    Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries cleaned.

    ***** [ Chromium URLs ] *****

    No malicious Chromium URLs cleaned.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries cleaned.

    ***** [ Firefox URLs ] *****

    Deleted http://www.bing.com/?pc=COSP&ptag=D0...logo=CT3335799


    *************************

    [+] Delete Tracing Keys
    [+] Reset Winsock

    *************************

    AdwCleaner[S00].txt - [3228 octets] - [18/02/2019 21:46:57]

    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

  3. #18
    Join Date
    Jan 2019
    Posts
    31
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18.02.2019
    Ran by Cosmos (administrator) on DESKTOP-N0KELHM (18-02-2019 22:24:34)
    Running from C:\Users\Cosmos\Downloads\Antivirus\FRST
    Loaded Profiles: Cosmos (Available Profiles: defaultuser0 & Cosmos)
    Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: English (United States)
    Default browser: Edge
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_140ca414b7e07d19\igfxCUIService.exe
    (Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_140ca414b7e07d19\IntelCpHDCPSvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (Toshiba Electronic Devices & Storage Corporation) C:\Program Files (x86)\TOSHIBA\Storage Backup Software\TosHDDBkupSvc.exe
    (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_140ca414b7e07d19\IntelCpHeciSvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    (Microsoft Corporation) C:\Windows\System32\browser_broker.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\plugins\ColorIntelligence\CACE.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_140ca414b7e07d19\igfxext.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_140ca414b7e07d19\igfxext.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
    () C:\OEM\Preload\FUBService\FUBService.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
    (Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
    () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
    (Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
    () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\Microsoft.Notes.DesktopBridge.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
    HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [32256 2018-04-11] (Microsoft Corporation) [File not signed]
    HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [27136 2018-04-11] (Microsoft Corporation) [File not signed]
    HKU\S-1-5-21-236146839-932208297-861440787-1001\...\RunOnce: [Application Restart #4] => C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\IDE\devenv.exe [726864 2019-01-08] (Microsoft Corporation -> Microsoft Corporation)
    Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
    Startup: C:\Users\Cosmos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-02-18]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 209.18.47.63 209.18.47.61
    Tcpip\..\Interfaces\{2EEEE076-F2FA-46A9-942E-70ED200204C8}: [NameServer] 8.8.8.8 8.8.4.4
    Tcpip\..\Interfaces\{46D72490-E6CD-4C06-AD4B-122C7770EA54}: [NameServer] 8.8.8.8 8.8.4.4
    Tcpip\..\Interfaces\{855061C6-C34F-4F69-8CA4-5D2C6AA760A8}: [NameServer] 8.8.8.8 8.8.4.4
    Tcpip\..\Interfaces\{9FAAB16B-BA73-46A8-A583-C8EA2F3E8B31}: [NameServer] 8.8.8.8 8.8.4.4
    Tcpip\..\Interfaces\{ABFA52FE-2B4E-4B41-8D47-64D05EFD7CCD}: [NameServer] 8.8.8.8 8.8.4.4
    Tcpip\..\Interfaces\{c5e81bab-cd9f-478e-99ba-64ab89bd76e3}: [DhcpNameServer] 209.18.47.63 209.18.47.61
    Tcpip\..\Interfaces\{f2308bda-f462-438b-8517-2a617de8ff9f}: [DhcpNameServer] 10.66.184.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-236146839-932208297-861440787-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://weather.com/
    HKU\S-1-5-21-236146839-932208297-861440787-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
    SearchScopes: HKU\S-1-5-21-236146839-932208297-861440787-1001 -> DefaultScope {CE82ECFF-5ACE-4A9B-93C0-3061D7C90A95} URL =
    SearchScopes: HKU\S-1-5-21-236146839-932208297-861440787-1001 -> {87390958-03D4-4406-944A-86362636AB19} URL =
    SearchScopes: HKU\S-1-5-21-236146839-932208297-861440787-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo&type=10555005_11.0.0.6744_i_ds
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-13] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)

    FireFox:
    ========
    FF DefaultProfile: zmdhmrev.default
    FF ProfilePath: C:\Users\Cosmos\AppData\Roaming\Mozilla\Firefox\Profiles\zmdhmrev.default [2019-02-18]
    FF Homepage: Mozilla\Firefox\Profiles\zmdhmrev.default -> hxxps://www.google.com/
    FF NewTab: Mozilla\Firefox\Profiles\zmdhmrev.default -> hxxp://www.bing.com/?pc=COSP&ptag=D020219-N0600A9FCDBB39EF&form=CONMHP&conlogo=CT3335799
    FF Extension: (Firefox Lightbeam) - C:\Users\Cosmos\AppData\Roaming\Mozilla\Firefox\Profiles\zmdhmrev.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2019-02-12]
    FF Extension: (Avast Online Security) - C:\Users\Cosmos\AppData\Roaming\Mozilla\Firefox\Profiles\zmdhmrev.default\Extensions\wrc@avast.com.xpi [2019-01-08]
    FF Extension: (Web of Trust) - C:\Users\Cosmos\AppData\Roaming\Mozilla\Firefox\Profiles\zmdhmrev.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2019-01-07]
    FF SearchPlugin: C:\Users\Cosmos\AppData\Roaming\Mozilla\Firefox\Profiles\zmdhmrev.default\searchplugins\bing-lavasoft-ff59.xml [2019-02-01]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-07] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-07] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-01-13] (Microsoft Corporation)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-01-31] (Adobe Systems Inc.)

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    U3 AJRouter; C:\WINDOWS\System32\AJRouter.dll [25088 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 ALG; C:\WINDOWS\System32\alg.exe [91136 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 AppIDSvc; C:\WINDOWS\System32\appidsvc.dll [77312 2018-04-11] (Microsoft Corporation) [File not signed]
    R3 Appinfo; C:\WINDOWS\System32\appinfo.dll [166912 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 AppReadiness; C:\WINDOWS\system32\AppReadiness.dll [667648 2018-06-08] (Microsoft Corporation) [File not signed]
    U3 AppXSvc; C:\WINDOWS\system32\appxdeploymentserver.dll [3396608 2019-01-09] (Microsoft Corporation) [File not signed]
    U3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-09-27] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
    U2 AudioEndpointBuilder; C:\WINDOWS\System32\AudioEndpointBuilder.dll [684544 2018-12-08] (Microsoft Corporation) [File not signed]
    R2 Audiosrv; C:\WINDOWS\System32\Audiosrv.dll [1768448 2018-12-08] (Microsoft Corporation) [File not signed]
    U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [369264 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U3 AxInstSV; C:\WINDOWS\System32\AxInstSV.dll [110080 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1364992 2019-02-06] (Microsoft Corporation) [File not signed]
    U3 BDESVC; C:\WINDOWS\System32\bdesvc.dll [402944 2018-09-08] (Microsoft Corporation) [File not signed]
    U2 BFE; C:\WINDOWS\System32\bfe.dll [778752 2018-06-08] (Microsoft Corporation) [File not signed]
    U2 BITS; C:\WINDOWS\System32\qmgr.dll [1374208 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 BrokerInfrastructure; C:\WINDOWS\System32\bisrv.dll [847360 2018-10-21] (Microsoft Corporation) [File not signed]
    U3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [514048 2018-11-08] (Microsoft Corporation) [File not signed]
    U3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [399872 2018-11-08] (Microsoft Corporation) [File not signed]
    U3 bthserv; C:\WINDOWS\system32\bthserv.dll [184320 2018-12-08] (Microsoft Corporation) [File not signed]
    U3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2019-02-05] (Microsoft Corporation) [File not signed]
    U3 camsvc; C:\WINDOWS\system32\CapabilityAccessManager.dll [266752 2019-01-09] (Microsoft Corporation) [File not signed]
    U2 CDPSvc; C:\WINDOWS\System32\CDPSvc.dll [632320 2018-10-21] (Microsoft Corporation) [File not signed]
    U2 CDPUserSvc; C:\WINDOWS\System32\CDPUserSvc.dll [453632 2018-10-21] (Microsoft Corporation) [File not signed]
    U3 CertPropSvc; C:\WINDOWS\System32\certprop.dll [188928 2018-09-08] (Microsoft Corporation) [File not signed]
    U2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11013280 2019-02-07] (Microsoft Corporation -> Microsoft Corporation)
    U2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10747264 2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
    U3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
    U3 COMSysApp; C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [20888 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
    U3 COMSysApp; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [19360 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
    R2 CryptSvc; C:\WINDOWS\system32\cryptsvc.dll [94720 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [163336 2016-09-19] (Dolby Laboratories, Inc. -> )
    R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [1159680 2019-01-01] (Microsoft Corporation) [File not signed]
    U2 debugregsvc; C:\WINDOWS\System32\debugregsvc.dll [82944 2018-04-10] (Microsoft Corporation) [File not signed]
    U3 defragsvc; C:\WINDOWS\System32\defragsvc.dll [491520 2018-12-08] (Microsoft Corporation) [File not signed]
    U3 DeveloperToolsService; C:\WINDOWS\System32\DeveloperToolsSvc.exe [151040 2018-04-10] (Microsoft Corporation) [File not signed]
    U2 DeviceAssociationService; C:\WINDOWS\system32\das.dll [463360 2018-09-07] (Microsoft Corporation) [File not signed]
    U3 DeviceInstall; C:\WINDOWS\system32\umpnpmgr.dll [119296 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [400896 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 DevicesFlowUserSvc; C:\WINDOWS\System32\DevicesFlowBroker.dll [750080 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 DevQueryBroker; C:\WINDOWS\system32\DevQueryBroker.dll [33792 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 Dhcp; C:\WINDOWS\system32\dhcpcore.dll [352768 2019-01-01] (Microsoft Corporation) [File not signed]
    U2 Dhcp; C:\WINDOWS\SysWOW64\dhcpcore.dll [317440 2019-01-01] (Microsoft Corporation) [File not signed]
    U3 diagnosticshub.standardcollector.service; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [90624 2018-08-02] (Microsoft Corporation) [File not signed]
    U3 diagsvc; C:\WINDOWS\system32\DiagSvc.dll [219648 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 DiagTrack; C:\WINDOWS\system32\diagtrack.dll [3090432 2018-12-08] (Microsoft Corporation) [File not signed]
    U3 DmEnrollmentSvc; C:\WINDOWS\system32\Windows.Internal.Management.dll [827392 2018-06-14] (Microsoft Corporation) [File not signed]
    U3 DmEnrollmentSvc; C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll [593408 2018-06-14] (Microsoft Corporation) [File not signed]
    U3 dmwappushservice; C:\WINDOWS\system32\dmwappushsvc.dll [57856 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [300032 2018-11-08] (Microsoft Corporation) [File not signed]
    U3 DoSvc; C:\WINDOWS\system32\dosvc.dll [1457152 2018-12-08] (Microsoft Corporation) [File not signed]
    U3 dot3svc; C:\WINDOWS\System32\dot3svc.dll [252928 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 DPS; C:\WINDOWS\system32\dps.dll [168448 2018-04-11] (Microsoft Corporation) [File not signed]
    U4 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2276616 2018-12-05] (Comodo Security Solutions, Inc. -> Comodo)
    U3 DsmSvc; C:\WINDOWS\System32\DeviceSetupManager.dll [235520 2018-06-14] (Microsoft Corporation) [File not signed]
    U3 DsSvc; C:\WINDOWS\System32\DsSvc.dll [153088 2019-01-01] (Microsoft Corporation) [File not signed]
    U2 DusmSvc; C:\WINDOWS\System32\dusmsvc.dll [356352 2018-12-08] (Microsoft Corporation) [File not signed]
    U3 Eaphost; C:\WINDOWS\System32\eapsvc.dll [109568 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 EFS; C:\WINDOWS\system32\efssvc.dll [58880 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 embeddedmode; C:\WINDOWS\System32\embeddedmodesvc.dll [167424 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 EntAppSvc; C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll [308736 2018-11-08] (Microsoft Corporation) [File not signed]
    U2 EventLog; C:\WINDOWS\System32\wevtsvc.dll [1854976 2018-10-21] (Microsoft Corporation) [File not signed]
    U2 EventSystem; C:\WINDOWS\system32\es.dll [486400 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 EventSystem; C:\WINDOWS\SysWOW64\es.dll [331264 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 Fax; C:\WINDOWS\system32\fxssvc.exe [642048 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 fdPHost; C:\WINDOWS\system32\fdPHost.dll [20992 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 FDResPub; C:\WINDOWS\system32\fdrespub.dll [34816 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 fhsvc; C:\WINDOWS\system32\fhsvc.dll [121344 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 FontCache; C:\WINDOWS\system32\FntCache.dll [1919488 2018-10-21] (Microsoft Corporation) [File not signed]
    U3 FrameServer; C:\WINDOWS\system32\FrameServer.dll [673792 2018-06-08] (Microsoft Corporation) [File not signed]
    U2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
    R2 gpsvc; C:\WINDOWS\System32\gpsvc.dll [1267712 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 GraphicsPerfSvc; C:\WINDOWS\System32\GraphicsPerfSvc.dll [90624 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 hidserv; C:\WINDOWS\system32\hidserv.dll [33792 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 hidserv; C:\WINDOWS\SysWOW64\hidserv.dll [29696 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
    U3 icssvc; C:\WINDOWS\System32\tetheringservice.dll [241152 2018-11-01] (Microsoft Corporation) [File not signed]
    U2 IKEEXT; C:\WINDOWS\System32\ikeext.dll [990720 2018-08-08] (Microsoft Corporation) [File not signed]
    U3 InstallService; C:\WINDOWS\system32\InstallService.dll [1487360 2018-11-08] (Microsoft Corporation) [File not signed]
    U3 InstallService; C:\WINDOWS\SysWOW64\InstallService.dll [1110528 2018-11-08] (Microsoft Corporation) [File not signed]
    U3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
    U2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26576 2016-09-19] (Intel(R) CN -> Intel Corporation)
    U2 iphlpsvc; C:\WINDOWS\System32\iphlpsvc.dll [786432 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 IpxlatCfgSvc; C:\WINDOWS\System32\IpxlatCfg.dll [63488 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 irmon; C:\WINDOWS\System32\irmon.dll [24576 2018-04-11] (Microsoft Corporation) [File not signed]
    U4 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1199816 2018-04-24] (Comodo Security Solutions, Inc. -> COMODO)
    U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-08-30] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
    U3 KeyIso; C:\WINDOWS\system32\keyiso.dll [89088 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 KeyIso; C:\WINDOWS\SysWOW64\keyiso.dll [70656 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 KtmRm; C:\WINDOWS\system32\msdtckrm.dll [368128 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 LanmanServer; C:\WINDOWS\system32\srvsvc.dll [271360 2018-04-11] (Microsoft Corporation) [File not signed]
    R2 LanmanWorkstation; C:\WINDOWS\System32\wkssvc.dll [271872 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 lfsvc; C:\WINDOWS\System32\lfsvc.dll [44544 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 LicenseManager; C:\WINDOWS\system32\LicenseManagerSvc.dll [48640 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 lltdsvc; C:\WINDOWS\System32\lltdsvc.dll [269312 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 lmhosts; C:\WINDOWS\System32\lmhsvc.dll [26112 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 LSM; C:\WINDOWS\System32\lsm.dll [671744 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [199680 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 MapsBroker; C:\WINDOWS\System32\moshost.dll [91136 2018-07-06] (Microsoft Corporation) [File not signed]
    U2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
    U3 MessagingService; C:\WINDOWS\System32\MessagingService.dll [52224 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 mpssvc; C:\WINDOWS\system32\mpssvc.dll [885760 2019-02-05] (Microsoft Corporation) [File not signed]
    U3 MSDTC; C:\WINDOWS\System32\msdtc.exe [148480 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 MSiSCSI; C:\WINDOWS\system32\iscsiexe.dll [150528 2018-04-11] (Microsoft Corporation) [File not signed]
    S3 msiserver; C:\WINDOWS\System32\msiexec.exe /V [66048 2018-08-03] (Microsoft Corporation) [File not signed]
    S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe /V [60416 2018-08-03] (Microsoft Corporation) [File not signed]
    U3 NaturalAuthentication; C:\WINDOWS\System32\NaturalAuth.dll [824832 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 NcaSvc; C:\WINDOWS\System32\ncasvc.dll [167936 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 NcbService; C:\WINDOWS\System32\ncbservice.dll [376832 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 NcdAutoSetup; C:\WINDOWS\System32\NcdAutoSetup.dll [88064 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 Netlogon; C:\WINDOWS\system32\netlogon.dll [773632 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 Netlogon; C:\WINDOWS\SysWOW64\netlogon.dll [659456 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 Netman; C:\WINDOWS\System32\netman.dll [262656 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 netprofm; C:\WINDOWS\System32\netprofmsvc.dll [507392 2019-02-05] (Microsoft Corporation) [File not signed]
    U3 NetSetupSvc; C:\WINDOWS\System32\NetSetupSvc.dll [335360 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 NgcCtnrSvc; C:\WINDOWS\System32\NgcCtnrSvc.dll [582144 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 NgcSvc; C:\WINDOWS\system32\ngcsvc.dll [784896 2018-09-07] (Microsoft Corporation) [File not signed]
    U2 NlaSvc; C:\WINDOWS\System32\nlasvc.dll [367616 2018-04-11] (Microsoft Corporation) [File not signed]
    R2 nsi; C:\WINDOWS\System32\nsisvc.dll [30720 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
    U3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
    U2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
    U2 OneSyncSvc; C:\WINDOWS\System32\APHostService.dll [324608 2018-04-10] (Microsoft Corporation) [File not signed]
    U3 p2pimsvc; C:\WINDOWS\system32\pnrpsvc.dll [343552 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 p2psvc; C:\WINDOWS\system32\p2psvc.dll [424960 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 PerfHost; C:\WINDOWS\SysWow64\perfhost.exe [21504 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 PhoneSvc; C:\WINDOWS\System32\PhoneService.dll [835584 2018-11-01] (Microsoft Corporation) [File not signed]
    U3 PimIndexMaintenanceSvc; C:\WINDOWS\System32\PimIndexMaintenance.dll [185856 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 pla; C:\WINDOWS\system32\pla.dll [1463296 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 pla; C:\WINDOWS\SysWOW64\pla.dll [1537536 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 PlugPlay; C:\WINDOWS\system32\umpnpmgr.dll [119296 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 PNRPAutoReg; C:\WINDOWS\system32\pnrpauto.dll [26624 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 PNRPsvc; C:\WINDOWS\system32\pnrpsvc.dll [343552 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 PolicyAgent; C:\WINDOWS\System32\ipsecsvc.dll [441856 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 Power; C:\WINDOWS\system32\umpo.dll [152576 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3441152 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 PrintWorkflowUserSvc; C:\WINDOWS\System32\PrintWorkflowService.dll [170496 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 PrintWorkflowUserSvc; C:\WINDOWS\SysWOW64\PrintWorkflowService.dll [138240 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 ProfSvc; C:\WINDOWS\system32\profsvc.dll [396800 2018-07-13] (Microsoft Corporation) [File not signed]
    U3 PushToInstall; C:\WINDOWS\system32\PushToInstall.dll [262144 2018-07-13] (Microsoft Corporation) [File not signed]
    U3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466224 2018-03-09] (Acer Incorporated -> Acer Incorporated)
    U3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [508208 2018-03-09] (Acer Incorporated -> Acer Incorporated)
    U3 QWAVE; C:\WINDOWS\system32\qwave.dll [278016 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 QWAVE; C:\WINDOWS\SysWOW64\qwave.dll [236032 2018-04-11] (Microsoft Corporation) [File not signed]
    S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [104960 2018-04-11] (Microsoft Corporation) [File not signed]
    R2 RasMan; C:\WINDOWS\System32\rasmans.dll [933888 2018-11-08] (Microsoft Corporation) [File not signed]
    S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [497664 2018-04-11] (Microsoft Corporation) [File not signed]
    S4 RemoteAccess; C:\WINDOWS\SysWOW64\mprdim.dll [407552 2018-04-11] (Microsoft Corporation) [File not signed]
    U4 RemoteRegistry; C:\WINDOWS\system32\regsvc.dll [155648 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 RetailDemo; C:\WINDOWS\system32\RDXService.dll [681984 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 RmSvc; C:\WINDOWS\System32\RMapi.dll [153600 2018-12-08] (Microsoft Corporation) [File not signed]
    U3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
    R2 RpcEptMapper; C:\WINDOWS\System32\RpcEpMap.dll [78336 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 RpcLocator; C:\WINDOWS\system32\locator.exe [10752 2018-04-11] (Microsoft Corporation) [File not signed]
    R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [1159680 2019-01-01] (Microsoft Corporation) [File not signed]
    U3 SCardSvr; C:\WINDOWS\System32\SCardSvr.dll [258560 2018-09-08] (Microsoft Corporation) [File not signed]
    U3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [198144 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 Schedule; C:\WINDOWS\system32\schedsvc.dll [889344 2018-11-01] (Microsoft Corporation) [File not signed]
    U3 SCPolicySvc; C:\WINDOWS\System32\certprop.dll [188928 2018-09-08] (Microsoft Corporation) [File not signed]
    U3 SDRSVC; C:\WINDOWS\System32\SDRSVC.dll [146944 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 seclogon; C:\WINDOWS\system32\seclogon.dll [30720 2018-10-21] (Microsoft Corporation) [File not signed]
    U3 SEMgrSvc; C:\WINDOWS\system32\SEMgrSvc.dll [1248768 2018-04-11] (Microsoft Corporation) [File not signed]
    R2 SENS; C:\WINDOWS\System32\sens.dll [73216 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1273344 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 SensorService; C:\WINDOWS\system32\SensorService.dll [712192 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 SensrSvc; C:\WINDOWS\system32\sensrsvc.dll [208896 2018-11-09] (Microsoft Corporation) [File not signed]
    U3 SessionEnv; C:\WINDOWS\system32\sessenv.dll [397312 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 SessionEnv; C:\WINDOWS\SysWOW64\sessenv.dll [346112 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [604672 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 SharedRealitySvc; C:\WINDOWS\System32\SharedRealitySvc.dll [713216 2018-08-28] (Microsoft Corporation) [File not signed]
    U2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [613376 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 ShellHWDetection; C:\WINDOWS\SysWOW64\shsvcs.dll [564736 2018-04-11] (Microsoft Corporation) [File not signed]
    U4 shpamsvc; C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [195584 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 smphost; C:\WINDOWS\System32\smphost.dll [23552 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 smphost; C:\WINDOWS\SysWOW64\smphost.dll [20992 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 SmsRouter; C:\WINDOWS\system32\SmsRouterSvc.dll [590336 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15360 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 spectrum; C:\WINDOWS\system32\spectrum.exe [976384 2018-06-08] (Microsoft Corporation) [File not signed]
    R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [768512 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [228864 2018-04-11] (Microsoft Corporation) [File not signed]
    U4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () [File not signed]
    U3 SshBroker; C:\WINDOWS\System32\SshBroker.dll [383488 2018-09-07] (Microsoft Corporation) [File not signed]
    U3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [970240 2018-05-20] () [File not signed]
    U3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [286720 2018-09-07] (Microsoft Corporation) [File not signed]
    U3 SshProxy; C:\WINDOWS\System32\SshProxy.dll [265216 2018-09-07] (Microsoft Corporation) [File not signed]
    U3 SstpSvc; C:\WINDOWS\system32\sstpsvc.dll [207872 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 stisvc; C:\WINDOWS\System32\wiaservc.dll [611840 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 StorSvc; C:\WINDOWS\system32\storsvc.dll [960512 2019-02-05] (Microsoft Corporation) [File not signed]
    U3 svsvc; C:\WINDOWS\system32\svsvc.dll [13824 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 swprv; C:\WINDOWS\System32\swprv.dll [467456 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 SysMain; C:\WINDOWS\system32\sysmain.dll [972800 2018-07-13] (Microsoft Corporation) [File not signed]
    U2 SystemEventsBroker; C:\WINDOWS\System32\SystemEventsBrokerServer.dll [281600 2018-11-01] (Microsoft Corporation) [File not signed]
    U2 TabletInputService; C:\WINDOWS\System32\TabSvc.dll [221696 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [308224 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 TapiSrv; C:\WINDOWS\SysWOW64\tapisrv.dll [254464 2018-04-11] (Microsoft Corporation) [File not signed]
    R3 TermService; C:\WINDOWS\System32\termsrv.dll [1030656 2018-04-11] (Microsoft Corporation) [File not signed]
    R2 Themes; C:\WINDOWS\system32\themeservice.dll [69632 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [303616 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 TimeBrokerSvc; C:\WINDOWS\System32\TimeBrokerServer.dll [176128 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 TokenBroker; C:\WINDOWS\System32\TokenBroker.dll [1395200 2019-01-09] (Microsoft Corporation) [File not signed]
    U3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [1000448 2019-01-09] (Microsoft Corporation) [File not signed]
    U2 toshddbkupsvc; C:\Program Files (x86)\TOSHIBA\Storage Backup Software\TosHDDBkupSvc.exe [2136568 2018-06-20] (Toshiba Electronic Devices & Storage Corporation -> Toshiba Electronic Devices & Storage Corporation)
    U2 TrkWks; C:\WINDOWS\System32\trkwks.dll [110592 2018-04-11] (Microsoft Corporation) [File not signed]
    S3 TrustedInstaller; C:\WINDOWS\servicing\TrustedInstaller.exe [131584 2018-04-11] (Microsoft Corporation) [File not signed]
    U4 tzautoupdate; C:\WINDOWS\system32\tzautoupdate.dll [92160 2018-11-08] (Microsoft Corporation) [File not signed]
    U4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 UmRdpService; C:\WINDOWS\System32\umrdp.dll [367104 2018-04-12] (Microsoft Corporation) [File not signed]
    U3 UnistoreSvc; C:\WINDOWS\System32\unistore.dll [1220096 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 UnistoreSvc; C:\WINDOWS\SysWOW64\unistore.dll [965632 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 upnphost; C:\WINDOWS\System32\upnphost.dll [451072 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 upnphost; C:\WINDOWS\SysWOW64\upnphost.dll [331264 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 UserDataSvc; C:\WINDOWS\System32\userdataservice.dll [1495040 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 UserManager; C:\WINDOWS\System32\usermgr.dll [1027584 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 UsoSvc; C:\WINDOWS\system32\usocore.dll [1373696 2018-11-01] (Microsoft Corporation) [File not signed]
    U3 VaultSvc; C:\Windows\System32\vaultsvc.dll [345600 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 vds; C:\WINDOWS\System32\vds.exe [642560 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 vmicguestinterface; C:\WINDOWS\System32\icsvc.dll [289792 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 vmicheartbeat; C:\WINDOWS\System32\icsvc.dll [289792 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 vmickvpexchange; C:\WINDOWS\System32\icsvc.dll [289792 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 vmicrdv; C:\WINDOWS\System32\icsvcext.dll [309760 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 vmicshutdown; C:\WINDOWS\System32\icsvc.dll [289792 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 vmictimesync; C:\WINDOWS\System32\icsvc.dll [289792 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 vmicvmsession; C:\WINDOWS\System32\icsvc.dll [289792 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 vmicvss; C:\WINDOWS\System32\icsvcext.dll [309760 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 VSS; C:\WINDOWS\system32\vssvc.exe [1540096 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [157480 2018-08-02] (Microsoft Corporation -> Microsoft Corporation)

  4. #19
    Join Date
    Jan 2019
    Posts
    31
    U3 W32Time; C:\WINDOWS\system32\w32time.dll [579584 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [392704 2019-01-09] (Microsoft Corporation) [File not signed]
    U3 WalletService; C:\WINDOWS\system32\WalletService.dll [427520 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WarpJITSvc; C:\WINDOWS\System32\Windows.WARP.JITService.dll [31744 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 wbengine; C:\WINDOWS\system32\wbengine.exe [1535488 2018-11-09] (Microsoft Corporation) [File not signed]
    U2 WbioSrvc; C:\WINDOWS\System32\wbiosrvc.dll [983040 2018-09-07] (Microsoft Corporation) [File not signed]
    U2 Wcmsvc; C:\WINDOWS\System32\wcmsvc.dll [949248 2018-12-08] (Microsoft Corporation) [File not signed]
    U3 wcncsvc; C:\WINDOWS\System32\wcncsvc.dll [468992 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WdiServiceHost; C:\WINDOWS\system32\wdi.dll [99840 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WdiServiceHost; C:\WINDOWS\SysWOW64\wdi.dll [89088 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WdiSystemHost; C:\WINDOWS\system32\wdi.dll [99840 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WdiSystemHost; C:\WINDOWS\SysWOW64\wdi.dll [89088 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-02-17] (Microsoft Corporation -> Microsoft Corporation)
    U3 WebClient; C:\WINDOWS\System32\webclnt.dll [217088 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WebClient; C:\WINDOWS\SysWOW64\webclnt.dll [191488 2018-04-11] (Microsoft Corporation) [File not signed]
    U4 WebManagement; C:\WINDOWS\system32\WebManagement.exe [1265152 2018-10-21] (Microsoft Corporation) [File not signed]
    U3 Wecsvc; C:\WINDOWS\system32\wecsvc.dll [202240 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [27136 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 wercplsupport; C:\WINDOWS\System32\wercplsupport.dll [119808 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WerSvc; C:\WINDOWS\System32\WerSvc.dll [204288 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WFDSConMgrSvc; C:\WINDOWS\System32\wfdsconmgrsvc.dll [681984 2018-07-13] (Microsoft Corporation) [File not signed]
    U3 WiaRpc; C:\WINDOWS\System32\wiarpc.dll [81920 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-02-17] (Microsoft Corporation -> Microsoft Corporation)
    U2 Winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [224256 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WinRM; C:\WINDOWS\system32\WsmSvc.dll [2612736 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WinRM; C:\WINDOWS\SysWOW64\WsmSvc.dll [2378752 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 wisvc; C:\WINDOWS\system32\flightsettings.dll [858112 2018-06-08] (Microsoft Corporation) [File not signed]
    U3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-06-08] (Microsoft Corporation) [File not signed]
    U2 WlanSvc; C:\WINDOWS\System32\wlansvc.dll [2584576 2018-11-08] (Microsoft Corporation) [File not signed]
    U3 wlidsvc; C:\WINDOWS\system32\wlidsvc.dll [2247680 2019-01-01] (Microsoft Corporation) [File not signed]
    U3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1364992 2018-11-08] (Microsoft Corporation) [File not signed]
    U3 wmiApSrv; C:\WINDOWS\system32\wbem\WmiApSrv.exe [203264 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1184256 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [1456640 2018-05-20] (Microsoft Corporation) [File not signed]
    U3 WPDBusEnum; C:\WINDOWS\system32\wpdbusenum.dll [82432 2018-06-15] (Microsoft Corporation) [File not signed]
    U2 WpnService; C:\WINDOWS\system32\WpnService.dll [280576 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 WpnUserService; C:\WINDOWS\System32\WpnUserService.dll [96768 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 wscsvc; C:\WINDOWS\System32\wscsvc.dll [266240 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [1058304 2018-12-08] (Microsoft Corporation) [File not signed]
    U2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [856576 2018-12-08] (Microsoft Corporation) [File not signed]
    U3 wuauserv; C:\WINDOWS\system32\wuaueng.dll [2904064 2018-12-08] (Microsoft Corporation) [File not signed]
    U3 WwanSvc; C:\WINDOWS\System32\wwansvc.dll [1679360 2018-11-01] (Microsoft Corporation) [File not signed]
    U3 XblAuthManager; C:\WINDOWS\System32\XblAuthManager.dll [1115648 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 XblGameSave; C:\WINDOWS\System32\XblGameSave.dll [1308672 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 XboxGipSvc; C:\WINDOWS\System32\XboxGipSvc.dll [58880 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 XboxNetApiSvc; C:\WINDOWS\system32\XboxNetApiSvc.dll [1148928 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18736 2018-09-06] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
    U2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    U3 1394ohci; C:\WINDOWS\System32\drivers\1394ohci.sys [237568 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 AcpiDev; C:\WINDOWS\System32\drivers\AcpiDev.sys [20480 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 acpipagr; C:\WINDOWS\System32\drivers\acpipagr.sys [12800 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 AcpiPmi; C:\WINDOWS\System32\drivers\acpipmi.sys [14848 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 acpitime; C:\WINDOWS\System32\drivers\acpitime.sys [13824 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [39424 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 ahcache; C:\WINDOWS\System32\DRIVERS\ahcache.sys [254464 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 AmdK8; C:\WINDOWS\System32\drivers\amdk8.sys [181760 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 AmdPPM; C:\WINDOWS\System32\drivers\amdppm.sys [179712 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 applockerfltr; C:\WINDOWS\System32\drivers\applockerfltr.sys [18432 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
    U1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [519872 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
    U1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
    U2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    U3 AsyncMac; C:\WINDOWS\System32\drivers\asyncmac.sys [28672 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 BasicDisplay; C:\WINDOWS\System32\drivers\BasicDisplay.sys [63488 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [34816 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [9728 2018-04-11] (Windows (R) Win 7 DDK provider) [File not signed]
    U1 Beep; C:\Windows\System32\Drivers\Beep.sys [10240 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 bowser; C:\WINDOWS\System32\DRIVERS\bowser.sys [101888 2018-08-31] (Microsoft Corporation) [File not signed]
    U3 BrSerIb; C:\WINDOWS\System32\drivers\BrSerIb.sys [95344 2012-07-31] (Brother Industries, Ltd. -> Brother Industries Ltd.)
    U3 BrSerId; C:\WINDOWS\system32\DRIVERS\BrSerId.sys [290816 2012-03-27] (Brother Industries Ltd.) [File not signed]
    U3 BrUsbSer; C:\WINDOWS\system32\DRIVERS\BrUsbSer.sys [14720 2011-07-18] (Brother Industries Ltd.) [File not signed]
    U3 BrUsbSIb; C:\WINDOWS\System32\drivers\BrUsbSIb.sys [21872 2012-06-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
    U3 BthEnum; C:\WINDOWS\System32\drivers\BthEnum.sys [106496 2018-12-08] (Microsoft Corporation) [File not signed]
    U3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [112128 2018-11-08] (Microsoft Corporation) [File not signed]
    U3 BthLEEnum; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [86528 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [67072 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 BthPan; C:\WINDOWS\System32\drivers\bthpan.sys [129536 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 BTHPORT; C:\WINDOWS\system32\DRIVERS\BTHport.sys [1097728 2018-12-08] (Microsoft Corporation) [File not signed]
    U3 BTHUSB; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [85504 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 buttonconverter; C:\WINDOWS\System32\drivers\buttonconverter.sys [39936 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 CapImg; C:\WINDOWS\System32\drivers\capimg.sys [123392 2018-04-11] (Microsoft Corporation) [File not signed]
    U4 cdfs; C:\WINDOWS\System32\DRIVERS\cdfs.sys [93696 2019-02-05] (Microsoft Corporation) [File not signed]
    U1 cdrom; C:\WINDOWS\System32\drivers\cdrom.sys [159744 2018-06-14] (Microsoft Corporation) [File not signed]
    U3 circlass; C:\WINDOWS\System32\drivers\circlass.sys [49152 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 CldFlt; C:\WINDOWS\System32\drivers\cldflt.sys [414720 2018-07-13] (Microsoft Corporation) [File not signed]
    U3 CmBatt; C:\WINDOWS\System32\drivers\CmBatt.sys [32256 2018-04-11] (Microsoft Corporation) [File not signed]
    U0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17944 2018-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
    U1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44056 2018-05-23] (Comodo Security Solutions, Inc. -> COMODO)
    U1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [832032 2018-05-23] (Comodo Security Solutions, Inc. -> COMODO)
    U3 CompositeBus; C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys [40448 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 dc1-controller; C:\WINDOWS\System32\drivers\dc1-controller.sys [54272 2018-04-11] (Microsoft Corp.) [File not signed]
    U1 Dfsc; C:\WINDOWS\System32\Drivers\dfsc.sys [141312 2018-06-14] (Microsoft Corporation) [File not signed]
    U3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
    U3 dmvsc; C:\WINDOWS\System32\drivers\dmvsc.sys [47104 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 ErrDev; C:\WINDOWS\System32\drivers\errdev.sys [13824 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 ETDI2C; C:\WINDOWS\System32\drivers\ETDI2C.sys [217688 2016-08-17] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
    U3 exfat; C:\Windows\System32\Drivers\exfat.sys [358912 2019-02-05] (Microsoft Corporation) [File not signed]
    U3 fdc; C:\WINDOWS\System32\drivers\fdc.sys [32768 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 FileCrypt; C:\WINDOWS\System32\drivers\filecrypt.sys [55808 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 Filetrace; C:\WINDOWS\System32\drivers\filetrace.sys [36352 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 flpydisk; C:\WINDOWS\System32\drivers\flpydisk.sys [26624 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 gencounter; C:\WINDOWS\System32\drivers\vmgencounter.sys [13312 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 genericusbfn; C:\WINDOWS\System32\drivers\genericusbfn.sys [20992 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 GpuEnergyDrv; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [8192 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 HDAudBus; C:\WINDOWS\System32\drivers\HDAudBus.sys [86016 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 HidBth; C:\WINDOWS\System32\drivers\hidbth.sys [115200 2018-09-07] (Microsoft Corporation) [File not signed]
    U3 hidi2c; C:\WINDOWS\System32\drivers\hidi2c.sys [54272 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 HidIr; C:\WINDOWS\System32\drivers\hidir.sys [47104 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 HidUsb; C:\WINDOWS\System32\drivers\hidusb.sys [42496 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 HwNClx0101; C:\WINDOWS\System32\Drivers\mshwnclx.sys [27136 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 hyperkbd; C:\WINDOWS\System32\drivers\hyperkbd.sys [16896 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys [28672 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 i8042prt; C:\WINDOWS\System32\drivers\i8042prt.sys [105984 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 iagpio; C:\WINDOWS\System32\drivers\iagpio.sys [36864 2018-04-11] (Intel(R) Corporation) [File not signed]
    U3 iai2c; C:\WINDOWS\System32\drivers\iai2c.sys [91648 2018-04-11] (Intel(R) Corporation) [File not signed]
    U3 iaLPSS2i_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [79360 2018-04-11] (Intel Corporation) [File not signed]
    U3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [88576 2018-04-11] (Intel Corporation) [File not signed]
    U3 iaLPSS2i_I2C; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [171520 2018-04-11] (Intel Corporation) [File not signed]
    U3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [174592 2018-04-11] (Intel Corporation) [File not signed]
    U3 iaLPSSi_I2C; C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152 2018-04-11] (Intel Corporation) [File not signed]
    U0 ijbsgx; no ImagePath
    U3 IndirectKmd; C:\WINDOWS\System32\drivers\IndirectKmd.sys [38912 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 IntelHaxm; C:\WINDOWS\system32\DRIVERS\IntelHaxm.sys [126064 2017-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
    U3 intelppm; C:\WINDOWS\System32\drivers\intelppm.sys [200704 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-09] (Intel Corporation -> Intel Corporation)
    U3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [85504 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 IPNAT; C:\WINDOWS\System32\drivers\ipnat.sys [214528 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 IPT; C:\WINDOWS\System32\drivers\ipt.sys [32256 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 irda; C:\WINDOWS\system32\drivers\irda.sys [119808 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 IRENUM; C:\WINDOWS\System32\drivers\irenum.sys [19968 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63200 2017-12-12] (Comodo Security Solutions, Inc. -> COMODO)
    U3 kbdhid; C:\WINDOWS\System32\drivers\kbdhid.sys [40448 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 kdnic; C:\WINDOWS\System32\drivers\kdnic.sys [23040 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 ksthunk; C:\WINDOWS\system32\drivers\ksthunk.sys [27136 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 lltdio; C:\WINDOWS\System32\drivers\lltdio.sys [65024 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
    U2 luafv; C:\WINDOWS\system32\drivers\luafv.sys [128000 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-02-18] (Malwarebytes Corporation -> Malwarebytes)
    U2 MMCSS; C:\WINDOWS\system32\drivers\mmcss.sys [43008 2018-12-08] (Microsoft Corporation) [File not signed]
    U3 Modem; C:\WINDOWS\System32\drivers\modem.sys [42496 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 monitor; C:\WINDOWS\System32\drivers\monitor.sys [44544 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 mouhid; C:\WINDOWS\System32\drivers\mouhid.sys [33280 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 mpsdrv; C:\WINDOWS\System32\drivers\mpsdrv.sys [75776 2018-08-30] (Microsoft Corporation) [File not signed]
    U3 MRxDAV; C:\WINDOWS\system32\drivers\mrxdav.sys [144384 2018-06-08] (Microsoft Corporation) [File not signed]
    U3 MsBridge; C:\WINDOWS\System32\drivers\bridge.sys [116736 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [31232 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 mshidkmdf; C:\WINDOWS\System32\drivers\mshidkmdf.sys [8704 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 mshidumdf; C:\WINDOWS\System32\drivers\mshidumdf.sys [11776 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [32256 2018-06-08] (Microsoft Corporation) [File not signed]
    U2 MsLldp; C:\WINDOWS\System32\drivers\mslldp.sys [84480 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [10752 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [10752 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [12800 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 MTConfig; C:\WINDOWS\System32\drivers\MTConfig.sys [16896 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 NativeWifiP; C:\WINDOWS\System32\DRIVERS\nwifi.sys [528384 2018-08-08] (Microsoft Corporation) [File not signed]
    U3 NdisCap; C:\WINDOWS\System32\drivers\ndiscap.sys [53760 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 NdisImPlatform; C:\WINDOWS\System32\drivers\NdisImPlatform.sys [128512 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [27136 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 Ndisuio; C:\WINDOWS\System32\drivers\ndisuio.sys [65024 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 NdisVirtualBus; C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [20992 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 NdisWan; C:\WINDOWS\System32\drivers\ndiswan.sys [193536 2018-11-08] (Microsoft Corporation) [File not signed]
    U3 ndiswanlegacy; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [193536 2018-11-08] (Microsoft Corporation) [File not signed]
    U3 ndproxy; C:\WINDOWS\System32\DRIVERS\NDProxy.sys [63488 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 Ndu; C:\WINDOWS\System32\drivers\Ndu.sys [128000 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [175104 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [311296 2018-08-02] (Microsoft Corporation) [File not signed]
    U3 netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [197632 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
    U1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [73216 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 npsvctrig; C:\WINDOWS\System32\drivers\npsvctrig.sys [26112 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 nsiproxy; C:\WINDOWS\System32\drivers\nsiproxy.sys [44544 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 Null; C:\Windows\System32\Drivers\Null.sys [7168 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [104448 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_8ed00d842392588b\nvlddmkm.sys [17213832 2018-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
    U3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
    U3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [45152 2018-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
    U3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
    U3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
    U3 Parport; C:\WINDOWS\System32\drivers\parport.sys [98816 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 PEAUTH; C:\WINDOWS\System32\drivers\peauth.sys [726528 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 pmem; C:\WINDOWS\System32\drivers\pmem.sys [105984 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 PNPMEM; C:\WINDOWS\System32\drivers\pnpmem.sys [16896 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 PptpMiniport; C:\WINDOWS\System32\drivers\raspptp.sys [97280 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 Processor; C:\WINDOWS\System32\drivers\processr.sys [178176 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2360048 2018-08-29] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
    U3 QWAVEdrv; C:\WINDOWS\system32\drivers\qwavedrv.sys [49152 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
    U3 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [17408 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 RasAgileVpn; C:\WINDOWS\System32\drivers\AgileVpn.sys [108032 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 Rasl2tp; C:\WINDOWS\System32\drivers\rasl2tp.sys [106496 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [82944 2018-04-11] (Microsoft Corporation) [File not signed]


    U3 RasSstp; C:\WINDOWS\System32\drivers\rassstp.sys [78848 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 rdpbus; C:\WINDOWS\System32\drivers\rdpbus.sys [27136 2018-04-12] (Microsoft Corporation) [File not signed]
    U3 RDPDR; C:\WINDOWS\System32\drivers\rdpdr.sys [182784 2018-06-15] (Microsoft Corporation) [File not signed]
    U3 RFCOMM; C:\WINDOWS\System32\drivers\rfcomm.sys [193536 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 rhproxy; C:\WINDOWS\System32\drivers\rhproxy.sys [104448 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 rspndr; C:\WINDOWS\System32\drivers\rspndr.sys [81920 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-08-04] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
    U3 s3cap; C:\WINDOWS\System32\drivers\vms3cap.sys [9216 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 scfilter; C:\WINDOWS\System32\DRIVERS\scfilter.sys [43008 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 SensorsHIDClassDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [264192 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 Serenum; C:\WINDOWS\System32\drivers\serenum.sys [25088 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 Serial; C:\WINDOWS\System32\drivers\serial.sys [84992 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 sermouse; C:\WINDOWS\System32\drivers\sermouse.sys [28160 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 sfloppy; C:\WINDOWS\System32\drivers\sfloppy.sys [17920 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 srv2; C:\WINDOWS\System32\DRIVERS\srv2.sys [736256 2019-02-05] (Microsoft Corporation) [File not signed]
    U3 srvnet; C:\WINDOWS\System32\DRIVERS\srvnet.sys [266752 2019-02-05] (Microsoft Corporation) [File not signed]
    U3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
    U2 storqosflt; C:\WINDOWS\System32\drivers\storqosflt.sys [82432 2018-12-08] (Microsoft Corporation) [File not signed]
    U3 Synth3dVsc; C:\WINDOWS\System32\drivers\Synth3dVsc.sys [64512 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 tcpipreg; C:\WINDOWS\System32\drivers\tcpipreg.sys [51712 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-02-18] (Adlice -> )
    U3 TsUsbFlt; C:\WINDOWS\System32\drivers\tsusbflt.sys [63488 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 TsUsbGD; C:\WINDOWS\System32\drivers\TsUsbGD.sys [35328 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 tunnel; C:\WINDOWS\System32\drivers\tunnel.sys [119296 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 UcmCx0101; C:\WINDOWS\System32\Drivers\UcmCx.sys [128512 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 UcmTcpciCx0101; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [152576 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 UcmUcsi; C:\WINDOWS\System32\drivers\UcmUcsi.sys [57856 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [45056 2018-04-11] (Microsoft Corporation) [File not signed]
    U4 udfs; C:\WINDOWS\System32\DRIVERS\udfs.sys [324608 2019-02-05] (Microsoft Corporation) [File not signed]
    U3 umbus; C:\WINDOWS\System32\drivers\umbus.sys [56832 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 UmPass; C:\WINDOWS\System32\drivers\umpass.sys [14336 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 usbcir; C:\WINDOWS\System32\drivers\usbcir.sys [102912 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 usbohci; C:\WINDOWS\System32\drivers\usbohci.sys [30208 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 usbprint; C:\WINDOWS\System32\drivers\usbprint.sys [27136 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [46592 2018-06-01] (Microsoft Corporation) [File not signed]
    U3 usbser; C:\WINDOWS\System32\drivers\usbser.sys [72192 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 usbuhci; C:\WINDOWS\System32\drivers\usbuhci.sys [35328 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [236048 2018-12-18] (Oracle Corporation -> Oracle Corporation)
    U3 vhf; C:\WINDOWS\System32\drivers\vhf.sys [36352 2018-10-21] (Microsoft Corporation) [File not signed]
    U3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41992 2017-03-31] (Intel(R) Software -> Intel Corporation)
    U3 VMBusHID; C:\WINDOWS\System32\drivers\VMBusHID.sys [25088 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 vmgid; C:\WINDOWS\System32\drivers\vmgid.sys [10240 2018-08-02] (Microsoft Corporation) [File not signed]
    U3 vwifibus; C:\WINDOWS\System32\drivers\vwifibus.sys [27136 2018-04-11] (Microsoft Corporation) [File not signed]
    U1 vwififlt; C:\WINDOWS\System32\drivers\vwififlt.sys [76288 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 vwifimp; C:\WINDOWS\System32\drivers\vwifimp.sys [44544 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WacomPen; C:\WINDOWS\System32\drivers\wacompen.sys [30720 2018-04-11] (Microsoft Corporation) [File not signed]
    U2 wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [81920 2019-01-01] (Microsoft Corporation) [File not signed]
    U3 wanarpv6; C:\WINDOWS\System32\DRIVERS\wanarp.sys [81920 2019-01-01] (Microsoft Corporation) [File not signed]
    U3 wcnfs; C:\WINDOWS\system32\drivers\wcnfs.sys [83456 2018-12-08] (Microsoft Corporation) [File not signed]
    U3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-02-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    U3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-02-17] (Microsoft Windows -> Microsoft Corporation)
    U3 wdiwifi; C:\WINDOWS\System32\DRIVERS\wdiwifi.sys [787456 2018-10-21] (Microsoft Corporation) [File not signed]
    U3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-02-17] (Microsoft Windows -> Microsoft Corporation)
    U3 WinNat; C:\WINDOWS\System32\drivers\winnat.sys [228864 2018-10-21] (Microsoft Corporation) [File not signed]
    U3 WINUSB; C:\WINDOWS\System32\drivers\WinUSB.SYS [92672 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WmiAcpi; C:\WINDOWS\System32\drivers\wmiacpi.sys [18432 2018-04-11] (Microsoft Corporation) [File not signed]
    U4 ws2ifsl; C:\WINDOWS\system32\drivers\ws2ifsl.sys [23040 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WudfPf; C:\WINDOWS\System32\drivers\WudfPf.sys [125440 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WUDFRd; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [264192 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WUDFWpdFs; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [264192 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [264192 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 xboxgip; C:\WINDOWS\System32\drivers\xboxgip.sys [295424 2018-06-14] (Microsoft Corporation) [File not signed]
    U3 xinputhid; C:\WINDOWS\System32\drivers\xinputhid.sys [46592 2018-04-11] (Microsoft Corporation) [File not signed]
    U3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [51536 2018-07-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-02-18 22:12 - 2019-02-18 22:12 - 007316688 ____C (Malwarebytes) C:\Users\Cosmos\Downloads\adwcleaner_7.2.7.0.exe
    2019-02-18 22:11 - 2019-02-18 22:11 - 007316688 ____C (Malwarebytes) C:\Users\Cosmos\Downloads\AdwCleaner(2).exe
    2019-02-18 21:55 - 2019-02-18 21:55 - 000261032 ____C (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2019-02-18 21:54 - 2019-02-18 21:54 - 000012663 ____C C:\Users\Cosmos\Documents\check this later.txt
    2019-02-18 21:53 - 2019-02-18 21:53 - 000000059 ____C C:\Users\Cosmos\Documents\FIGHTING FOR EACH DAY WHEN I WAKE UP.txt
    2019-02-18 21:53 - 2019-02-18 21:53 - 000000027 ____C C:\Users\Cosmos\Documents\continue on today fro what.txt
    2019-02-18 21:53 - 2019-02-18 21:53 - 000000015 ____C C:\Users\Cosmos\Documents\20 something.txt
    2019-02-18 21:52 - 2019-02-18 21:52 - 000000349 ____C C:\Users\Cosmos\Documents\check list of today.txt
    2019-02-18 21:52 - 2019-02-18 21:52 - 000000118 ____C C:\Users\Cosmos\Documents\18+ warning on my websites.txt
    2019-02-18 21:52 - 2019-02-18 21:52 - 000000111 ____C C:\Users\Cosmos\Documents\call nissan.txt
    2019-02-18 21:52 - 2019-02-18 21:52 - 000000096 ____C C:\Users\Cosmos\Documents\webpage stuff.txt
    2019-02-18 21:52 - 2019-02-18 21:52 - 000000022 ____C C:\Users\Cosmos\Documents\idk finish this later.txt
    2019-02-18 21:51 - 2019-02-18 22:20 - 000000000 ___DC C:\Users\Cosmos\Documents\unknown
    2019-02-18 21:51 - 2019-02-18 21:51 - 000000545 ____C C:\Users\Cosmos\Documents\probiotics movie.txt
    2019-02-18 21:46 - 2019-02-18 21:54 - 000000000 ___DC C:\AdwCleaner
    2019-02-18 21:43 - 2019-02-18 21:46 - 007316688 ____C (Malwarebytes) C:\Users\Cosmos\Downloads\AdwCleaner(1).exe
    2019-02-18 19:35 - 2019-02-18 19:35 - 000028272 ____C C:\WINDOWS\system32\Drivers\truesight.sys
    2019-02-18 17:50 - 2019-02-18 17:50 - 000000000 ___DC C:\ProgramData\RogueKiller
    2019-02-18 17:50 - 2019-02-18 17:50 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2019-02-18 17:50 - 2019-02-18 17:50 - 000000000 ___DC C:\Program Files\RogueKiller
    2019-02-18 16:45 - 2019-02-18 16:45 - 000000176 ____C C:\Users\Cosmos\Documents\lawrence cannot be trusted.txt
    2019-02-18 16:28 - 2019-02-18 16:28 - 000000125 ____C C:\Users\Cosmos\Documents\movie idea (depreciation over 50-100000000000000000 years).txt
    2019-02-18 14:28 - 2019-02-18 14:28 - 000000844 ____C C:\Users\Cosmos\Documents\anything regardi chehyanna bell has nothing 0 to do with me has nothing to do with me,.txt
    2019-02-18 13:43 - 2019-02-18 13:43 - 000000068 ____C C:\Users\Cosmos\Documents\i remember this.txt
    2019-02-18 13:37 - 2019-02-18 13:37 - 000000063 ____C C:\Users\Cosmos\Documents\to remember!.txt
    2019-02-18 13:22 - 2019-02-18 13:22 - 000000047 ____C C:\Users\Cosmos\Documents\resovlved! thanks to while watching DR GUNDRY! and ref link from Lee Williams!.txt
    2019-02-18 00:15 - 2019-02-18 00:15 - 000002513 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
    2019-02-18 00:15 - 2019-02-18 00:15 - 000002504 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
    2019-02-18 00:15 - 2019-02-18 00:15 - 000002484 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
    2019-02-18 00:15 - 2019-02-18 00:15 - 000002475 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
    2019-02-18 00:15 - 2019-02-18 00:15 - 000002473 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
    2019-02-18 00:15 - 2019-02-18 00:15 - 000002449 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
    2019-02-18 00:15 - 2019-02-18 00:15 - 000002441 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
    2019-02-18 00:15 - 2019-02-18 00:15 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office -työkalut
    2019-02-17 23:57 - 2019-02-17 17:53 - 000592616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2019-02-17 23:03 - 2019-02-17 23:22 - 000000000 ___DC C:\Users\Cosmos\Documents\Sound recordings
    2019-02-17 22:58 - 2019-02-17 23:02 - 029333240 ____C (Adlice Software ) C:\Users\Cosmos\Downloads\RogueKiller_setup_ref3.exe
    2019-02-17 22:57 - 2019-02-17 22:57 - 000000316 ____C C:\Users\Cosmos\Desktop\make a jerlwery website for mama.txt
    2019-02-17 22:57 - 2019-02-17 22:57 - 000000178 ____C C:\Users\Cosmos\Desktop\other website stuff.txt
    2019-02-17 22:57 - 2019-02-17 22:57 - 000000129 ____C C:\Users\Cosmos\Desktop\research this.txt
    2019-02-17 22:55 - 2019-02-17 22:55 - 000001051 ____C C:\Users\Cosmos\Desktop\Label-456968695.pdf - Shortcut.lnk
    2019-02-17 17:27 - 2019-02-17 17:38 - 000000000 ___DC C:\Users\Cosmos\Documents\i don't care but mightso maybe open
    2019-02-17 17:25 - 2019-02-17 17:25 - 000000000 ___DC C:\Users\Cosmos\Documents\psychology
    2019-02-17 17:24 - 2019-02-17 17:25 - 000000000 ___DC C:\Users\Cosmos\Documents\Art
    2019-02-17 17:24 - 2019-02-17 17:24 - 000000000 ___DC C:\Users\Cosmos\Documents\Networking Lernen Maybe
    2019-02-17 17:20 - 2019-02-17 17:38 - 000000000 ___DC C:\Users\Cosmos\Documents\some things i do care some i don't care don't open delete if want to
    2019-02-17 15:26 - 2019-02-17 15:26 - 000074784 ____C C:\Users\Cosmos\Downloads\Addition.txt
    2019-02-15 18:45 - 2019-02-17 22:57 - 000000000 ___DC C:\Users\Cosmos\Documents\On going projects
    2019-02-15 12:48 - 2019-02-17 18:34 - 000000000 ___DC C:\Users\Cosmos\Documents\--- Main ---
    2019-02-15 04:37 - 2019-02-15 04:37 - 000000000 ___DC C:\Users\Cosmos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)
    2019-02-15 04:31 - 2019-02-15 04:37 - 000000000 ___DC C:\Users\Cosmos\Anaconda3
    2019-02-15 04:27 - 2019-02-15 04:30 - 644094168 ____C (Anaconda, Inc.) C:\Users\Cosmos\Downloads\Anaconda3-2018.12-Windows-x86_64.exe
    2019-02-15 04:22 - 2019-02-15 04:24 - 684396431 ____C C:\Users\Cosmos\Downloads\Anaconda3-2018.12-MacOSX-x86_64.pkg
    2019-02-15 04:10 - 2019-02-15 05:24 - 3011225138 ____C C:\Users\Cosmos\Downloads\Windows_7_64-bit_Professional_x64.iso.t8mcc7z.partial
    2019-02-15 04:10 - 2019-02-15 04:10 - 000000000 ____C C:\Users\Cosmos\Downloads\Windows_7_64-bit_Professional_x64.iso
    2019-02-15 00:11 - 2019-02-15 00:11 - 000002951 ____C C:\Users\Cosmos\AppData\LocalLow\wbkAF05.tmp

  5. #20
    Join Date
    Jan 2019
    Posts
    31
    2019-02-14 23:48 - 2019-02-14 23:48 - 000031000 ____C C:\Users\Cosmos\Downloads\font-awesome.min.css
    2019-02-14 23:13 - 2019-02-15 00:11 - 000002951 ____C C:\Users\Cosmos\Desktop\Welcome to Japnese Suicide Forest (2).html
    2019-02-14 23:12 - 2019-02-14 23:39 - 000000366 ____C C:\Users\Cosmos\Desktop\Welcome to Japnese Suicide Forest.html
    2019-02-14 21:34 - 2019-02-14 21:34 - 000000000 ___DC C:\Users\Cosmos\PycharmProjects
    2019-02-14 21:33 - 2019-02-14 21:33 - 000000000 ___DC C:\Users\Cosmos\.PyCharmCE2018.3
    2019-02-14 19:40 - 2019-02-14 19:40 - 000000547 ____C C:\Users\Cosmos\Desktop\accounts via email.txt
    2019-02-14 19:40 - 2019-02-14 19:40 - 000000014 ____C C:\Users\Cosmos\Desktop\widgit!!!.txt
    2019-02-14 13:01 - 2019-02-14 13:01 - 000000000 ___DC C:\Users\Cosmos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JetBrains
    2019-02-14 13:00 - 2019-02-14 21:33 - 000001246 ____C C:\Users\Cosmos\Desktop\JetBrains PyCharm Community Edition 2018.3.4 x64.lnk
    2019-02-14 13:00 - 2019-02-14 13:00 - 000000000 ___DC C:\Users\Cosmos\AppData\Local\JetBrains
    2019-02-14 12:52 - 2019-02-14 12:52 - 000000000 ___DC C:\Users\Cosmos\Documents\CoffeeCup Software
    2019-02-14 02:26 - 2019-02-14 19:39 - 000000000 ___DC C:\Users\Cosmos\Desktop\SQL
    2019-02-14 02:24 - 2019-02-14 02:24 - 000001324 ____C C:\Users\Cosmos\Desktop\Medical Coding.html
    2019-02-14 00:50 - 2019-02-14 00:50 - 000000000 ___DC C:\Users\Cosmos\AppData\Roaming\Macromedia
    2019-02-13 22:05 - 2019-02-13 22:05 - 000001036 ____C C:\Users\Cosmos\Desktop\Structured Query Language.txt
    2019-02-13 19:49 - 2019-02-13 20:15 - 218616696 ____C C:\Users\Cosmos\Downloads\pycharm-community-2018.3.4.exe
    2019-02-13 15:47 - 2019-02-06 02:54 - 004527584 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2019-02-13 15:47 - 2019-02-06 02:53 - 001634704 ____C (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2019-02-13 15:47 - 2019-02-06 02:35 - 000058368 ____C (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
    2019-02-13 15:47 - 2019-02-06 02:32 - 003648512 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2019-02-13 15:47 - 2019-02-06 02:30 - 004052992 ____C (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2019-02-13 15:47 - 2019-02-06 02:30 - 001662464 ____C (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2019-02-13 15:47 - 2019-02-06 02:30 - 001364992 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
    2019-02-13 15:47 - 2019-02-06 02:11 - 001454648 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2019-02-13 15:47 - 2019-02-06 01:57 - 000044032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
    2019-02-13 15:47 - 2019-02-06 01:52 - 004053504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2019-02-13 15:47 - 2019-02-06 01:52 - 002891776 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2019-02-13 15:47 - 2019-02-06 01:52 - 001470976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2019-02-13 15:47 - 2019-02-05 22:01 - 001989040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
    2019-02-13 15:47 - 2019-02-05 22:01 - 001221432 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2019-02-13 15:47 - 2019-02-05 22:01 - 001029944 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2019-02-13 15:47 - 2019-02-05 22:01 - 000720480 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
    2019-02-13 15:47 - 2019-02-05 22:01 - 000566568 ____C (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2019-02-13 15:47 - 2019-02-05 22:01 - 000134968 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2019-02-13 15:47 - 2019-02-05 22:01 - 000076088 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2019-02-13 15:47 - 2019-02-05 22:01 - 000033576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
    2019-02-13 15:47 - 2019-02-05 22:00 - 009084432 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2019-02-13 15:47 - 2019-02-05 22:00 - 007520112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2019-02-13 15:47 - 2019-02-05 22:00 - 006572416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2019-02-13 15:47 - 2019-02-05 22:00 - 002719760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2019-02-13 15:47 - 2019-02-05 22:00 - 002465792 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2019-02-13 15:47 - 2019-02-05 22:00 - 002421264 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2019-02-13 15:47 - 2019-02-05 22:00 - 001257904 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2019-02-13 15:47 - 2019-02-05 22:00 - 001140680 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2019-02-13 15:47 - 2019-02-05 22:00 - 001130568 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
    2019-02-13 15:47 - 2019-02-05 22:00 - 001098272 ____C (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2019-02-13 15:47 - 2019-02-05 22:00 - 000945680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
    2019-02-13 15:47 - 2019-02-05 22:00 - 000899728 ____C (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2019-02-13 15:47 - 2019-02-05 22:00 - 000466960 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2019-02-13 15:47 - 2019-02-05 22:00 - 000376120 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
    2019-02-13 15:47 - 2019-02-05 22:00 - 000043536 ____C (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
    2019-02-13 15:47 - 2019-02-05 22:00 - 000038792 ____C (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
    2019-02-13 15:47 - 2019-02-05 21:59 - 001922064 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
    2019-02-13 15:47 - 2019-02-05 21:59 - 001457248 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2019-02-13 15:47 - 2019-02-05 21:59 - 000983128 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2019-02-13 15:47 - 2019-02-05 21:59 - 000144288 ____C (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
    2019-02-13 15:47 - 2019-02-05 21:52 - 022014464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2019-02-13 15:47 - 2019-02-05 21:45 - 019404288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2019-02-13 15:47 - 2019-02-05 21:42 - 003711488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2019-02-13 15:47 - 2019-02-05 21:41 - 025853952 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2019-02-13 15:47 - 2019-02-05 21:41 - 005307392 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2019-02-13 15:47 - 2019-02-05 21:40 - 005792256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2019-02-13 15:47 - 2019-02-05 21:40 - 000021504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
    2019-02-13 15:47 - 2019-02-05 21:38 - 000608768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2019-02-13 15:47 - 2019-02-05 21:38 - 000561152 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2019-02-13 15:47 - 2019-02-05 21:37 - 004515840 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2019-02-13 15:47 - 2019-02-05 21:37 - 000578560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2019-02-13 15:47 - 2019-02-05 21:33 - 022714880 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2019-02-13 15:47 - 2019-02-05 21:29 - 004865536 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2019-02-13 15:47 - 2019-02-05 21:28 - 000046080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
    2019-02-13 15:47 - 2019-02-05 21:28 - 000039936 ____C (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
    2019-02-13 15:47 - 2019-02-05 21:27 - 000894464 ____C (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2019-02-13 15:47 - 2019-02-05 21:27 - 000808448 ____C (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2019-02-13 15:47 - 2019-02-05 21:27 - 000358912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
    2019-02-13 15:47 - 2019-02-05 21:27 - 000266752 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2019-02-13 15:47 - 2019-02-05 21:26 - 007599616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2019-02-13 15:47 - 2019-02-05 21:26 - 000726528 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2019-02-13 15:47 - 2019-02-05 21:26 - 000324608 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
    2019-02-13 15:47 - 2019-02-05 21:26 - 000174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
    2019-02-13 15:47 - 2019-02-05 21:26 - 000154112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2019-02-13 15:47 - 2019-02-05 21:25 - 000736256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2019-02-13 15:47 - 2019-02-05 21:25 - 000507392 ____C (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
    2019-02-13 15:47 - 2019-02-05 21:24 - 004937728 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2019-02-13 15:47 - 2019-02-05 21:24 - 000466432 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2019-02-13 15:47 - 2019-02-05 21:23 - 000393216 ____C (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
    2019-02-13 15:47 - 2019-02-05 21:22 - 000960512 ____C (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2019-02-13 15:47 - 2019-02-05 21:22 - 000885760 ____C (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2019-02-13 15:47 - 2019-02-05 21:21 - 000093696 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
    2019-02-13 15:47 - 2019-02-05 20:04 - 000001314 ____C C:\WINDOWS\system32\tcbres.wim
    2019-02-13 15:47 - 2019-01-12 03:56 - 001008640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
    2019-02-13 15:47 - 2019-01-11 21:28 - 000352768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
    2019-02-13 15:47 - 2019-01-09 13:08 - 000309560 ____C (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2019-02-13 15:47 - 2019-01-09 12:57 - 000720536 ____C (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
    2019-02-13 15:47 - 2019-01-09 12:42 - 004716032 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2019-02-13 15:47 - 2019-01-09 12:41 - 012730368 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2019-02-13 15:47 - 2019-01-09 12:41 - 000064000 ____C (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
    2019-02-13 15:47 - 2019-01-09 12:40 - 000171520 ____C (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
    2019-02-13 15:47 - 2019-01-09 12:36 - 001054720 ____C (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
    2019-02-13 15:47 - 2019-01-09 12:35 - 002919936 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2019-02-13 15:47 - 2019-01-09 05:14 - 000607744 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
    2019-02-13 15:47 - 2019-01-09 04:55 - 011919872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2019-02-13 15:47 - 2019-01-09 04:55 - 000150016 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
    2019-02-13 15:47 - 2019-01-09 03:55 - 001285432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2019-02-13 15:47 - 2019-01-09 03:48 - 000527368 ____C (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2019-02-13 15:47 - 2019-01-09 00:59 - 000611848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
    2019-02-13 15:47 - 2019-01-09 00:44 - 000078688 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
    2019-02-13 15:47 - 2019-01-09 00:43 - 006043496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2019-02-13 15:47 - 2019-01-09 00:43 - 004789944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2019-02-13 15:47 - 2019-01-09 00:43 - 002253480 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2019-02-13 15:47 - 2019-01-09 00:43 - 001981280 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2019-02-13 15:47 - 2019-01-09 00:43 - 001620264 ____C C:\WINDOWS\SysWOW64\ntdll.dll
    2019-02-13 15:47 - 2019-01-09 00:43 - 000607376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
    2019-02-13 15:47 - 2019-01-09 00:43 - 000581592 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
    2019-02-13 15:47 - 2019-01-09 00:43 - 000287640 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
    2019-02-13 15:47 - 2019-01-09 00:43 - 000129088 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2019-02-13 15:47 - 2019-01-09 00:43 - 000127744 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
    2019-02-13 15:47 - 2019-01-09 00:43 - 000071456 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
    2019-02-13 15:47 - 2019-01-09 00:42 - 001035232 ____C (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2019-02-13 15:47 - 2019-01-09 00:42 - 000092704 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
    2019-02-13 15:47 - 2019-01-09 00:40 - 002765336 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2019-02-13 15:47 - 2019-01-09 00:40 - 001063224 ____C (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2019-02-13 15:47 - 2019-01-09 00:40 - 000432952 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
    2019-02-13 15:47 - 2019-01-09 00:40 - 000226104 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2019-02-13 15:47 - 2019-01-09 00:40 - 000090872 ____C (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
    2019-02-13 15:47 - 2019-01-09 00:39 - 007436016 ____C (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2019-02-13 15:47 - 2019-01-09 00:39 - 004404720 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2019-02-13 15:47 - 2019-01-09 00:39 - 002571632 ____C (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2019-02-13 15:47 - 2019-01-09 00:39 - 001943128 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2019-02-13 15:47 - 2019-01-09 00:39 - 000789696 ____C (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
    2019-02-13 15:47 - 2019-01-09 00:39 - 000713264 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
    2019-02-13 15:47 - 2019-01-09 00:39 - 000349656 ____C (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
    2019-02-13 15:47 - 2019-01-09 00:39 - 000269624 ____C (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2019-02-13 15:47 - 2019-01-09 00:39 - 000260800 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2019-02-13 15:47 - 2019-01-09 00:39 - 000175416 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
    2019-02-13 15:47 - 2019-01-09 00:39 - 000164192 ____C (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
    2019-02-13 15:47 - 2019-01-09 00:39 - 000085472 ____C (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
    2019-02-13 15:47 - 2019-01-09 00:33 - 016597504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2019-02-13 15:47 - 2019-01-09 00:32 - 013878272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2019-02-13 15:47 - 2019-01-09 00:29 - 008188928 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2019-02-13 15:47 - 2019-01-09 00:29 - 002500096 ____C (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
    2019-02-13 15:47 - 2019-01-09 00:27 - 004710912 ____C (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2019-02-13 15:47 - 2019-01-09 00:27 - 004384256 ____C (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2019-02-13 15:47 - 2019-01-09 00:27 - 001587712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
    2019-02-13 15:47 - 2019-01-09 00:26 - 006661632 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2019-02-13 15:47 - 2019-01-09 00:26 - 003396608 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2019-02-13 15:47 - 2019-01-09 00:26 - 002966016 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2019-02-13 15:47 - 2019-01-09 00:25 - 000161792 ____C (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
    2019-02-13 15:47 - 2019-01-09 00:24 - 000209408 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
    2019-02-13 15:47 - 2019-01-09 00:24 - 000174080 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
    2019-02-13 15:47 - 2019-01-09 00:24 - 000157184 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
    2019-02-13 15:47 - 2019-01-09 00:23 - 002368000 ____C (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2019-02-13 15:47 - 2019-01-09 00:23 - 001708544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
    2019-02-13 15:47 - 2019-01-09 00:23 - 001361408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
    2019-02-13 15:47 - 2019-01-09 00:23 - 001189888 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
    2019-02-13 15:47 - 2019-01-09 00:23 - 000898560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2019-02-13 15:47 - 2019-01-09 00:23 - 000145920 ____C (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
    2019-02-13 15:47 - 2019-01-09 00:23 - 000100864 ____C (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
    2019-02-13 15:47 - 2019-01-09 00:23 - 000067072 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
    2019-02-13 15:47 - 2019-01-09 00:22 - 001551360 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2019-02-13 15:47 - 2019-01-09 00:22 - 001395200 ____C (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2019-02-13 15:47 - 2019-01-09 00:22 - 000624640 ____C (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2019-02-13 15:47 - 2019-01-09 00:22 - 000392704 ____C (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
    2019-02-13 15:47 - 2019-01-09 00:22 - 000333824 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
    2019-02-13 15:47 - 2019-01-09 00:22 - 000266752 ____C (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
    2019-02-13 15:47 - 2019-01-09 00:22 - 000138752 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
    2019-02-13 15:47 - 2019-01-09 00:22 - 000126976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
    2019-02-13 15:47 - 2019-01-09 00:21 - 002173440 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2019-02-13 15:47 - 2019-01-09 00:21 - 000197632 ____C (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
    2019-02-13 15:47 - 2019-01-09 00:21 - 000106496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
    2019-02-13 15:47 - 2019-01-09 00:20 - 001000448 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2019-02-13 15:47 - 2019-01-09 00:20 - 000916480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2019-02-13 15:47 - 2019-01-09 00:20 - 000607232 ____C (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2019-02-13 15:47 - 2019-01-09 00:20 - 000135680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
    2019-02-13 15:47 - 2019-01-09 00:19 - 000678400 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2019-02-13 15:47 - 2019-01-09 00:19 - 000507392 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
    2019-02-13 15:47 - 2019-01-09 00:19 - 000316928 ____C (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
    2019-02-13 15:47 - 2019-01-09 00:19 - 000251904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2019-02-13 15:47 - 2019-01-09 00:18 - 000195584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
    2019-02-13 15:47 - 2019-01-08 23:34 - 000806320 ____C C:\WINDOWS\SysWOW64\locale.nls
    2019-02-13 15:47 - 2019-01-08 23:34 - 000806320 ____C C:\WINDOWS\system32\locale.nls
    2019-02-13 15:47 - 2019-01-08 04:08 - 000868864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
    2019-02-13 15:47 - 2019-01-07 22:06 - 001311744 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2019-02-13 15:47 - 2019-01-07 22:06 - 000313344 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
    2019-02-13 15:47 - 2019-01-07 22:06 - 000000072 ____C C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
    2019-02-13 06:22 - 2019-02-13 06:22 - 000519872 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
    2019-02-12 22:09 - 2019-02-18 21:51 - 000003482 ____C C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2019-02-12 22:09 - 2019-02-12 22:09 - 000002457 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2019-02-12 22:09 - 2019-02-12 22:09 - 000002128 ____C C:\Users\Public\Desktop\Acrobat Reader DC.lnk
    2019-02-12 22:09 - 2019-02-12 22:09 - 000002128 ____C C:\ProgramData\Desktop\Acrobat Reader DC.lnk
    2019-02-12 22:08 - 2019-02-12 22:08 - 000000000 ___DC C:\Program Files (x86)\Adobe
    2019-02-12 22:07 - 2019-02-13 22:00 - 000000000 ___DC C:\ProgramData\Adobe
    2019-02-12 22:05 - 2019-02-18 16:27 - 000000000 ___DC C:\Users\Cosmos\AppData\Local\Adobe
    2019-02-12 21:47 - 2019-02-12 21:47 - 000000000 ___HC C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
    2019-02-12 18:42 - 2019-02-13 03:21 - 000000444 ____C C:\WINDOWS\system32\Drivers\etc\hosts.ics
    2019-02-12 18:22 - 2019-02-12 18:22 - 000000000 ___DC C:\Users\Cosmos\obj
    2019-02-12 17:30 - 2019-02-12 17:39 - 000000000 ___DC C:\Users\Cosmos\myWebApp
    2019-02-12 17:25 - 2019-02-12 17:25 - 000002003 ____C C:\Users\Cosmos\Startup.cs
    2019-02-12 17:25 - 2019-02-12 17:25 - 000000628 ____C C:\Users\Cosmos\Program.cs
    2019-02-12 17:25 - 2019-02-12 17:25 - 000000413 ____C C:\Users\Cosmos\Cosmos.csproj
    2019-02-12 17:25 - 2019-02-12 17:25 - 000000146 ____C C:\Users\Cosmos\appsettings.Development.json
    2019-02-12 17:25 - 2019-02-12 17:25 - 000000105 ____C C:\Users\Cosmos\appsettings.json
    2019-02-12 17:25 - 2019-02-12 17:25 - 000000000 ___DC C:\Users\Cosmos\wwwroot
    2019-02-12 17:25 - 2019-02-12 17:25 - 000000000 ___DC C:\Users\Cosmos\Properties
    2019-02-12 17:25 - 2019-02-12 17:25 - 000000000 ___DC C:\Users\Cosmos\Pages
    2019-02-12 16:27 - 2019-02-13 13:39 - 000000000 ___DC C:\Users\Cosmos\Documents\OneNote Notebooks
    2019-02-12 15:56 - 2019-02-12 15:56 - 000362888 ____C (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
    2019-02-11 17:58 - 2019-02-11 17:58 - 000000931 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
    2019-02-11 17:58 - 2019-02-11 17:58 - 000000000 ___DC C:\Program Files\Sublime Text 3
    2019-02-11 17:55 - 2019-02-11 17:55 - 000001958 ____C C:\Users\Public\Desktop\Storage Backup Software.lnk
    2019-02-11 17:55 - 2019-02-11 17:55 - 000001958 ____C C:\ProgramData\Desktop\Storage Backup Software.lnk
    2019-02-11 17:55 - 2019-02-11 17:55 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
    2019-02-11 17:55 - 2019-02-11 17:55 - 000000000 ___DC C:\Program Files (x86)\TOSHIBA
    2019-02-11 17:53 - 2019-02-11 17:54 - 009475672 ____C (Toshiba Electronic Devices & Storage Corporation) C:\Users\Cosmos\Downloads\StorageBackupSoftware_1.21.7820.exe
    2019-02-11 17:52 - 2019-02-11 17:52 - 000000000 ___DC C:\Users\Cosmos\AppData\Roaming\U3
    2019-02-11 15:00 - 2017-12-21 15:32 - 000935105 ____C C:\Users\Cosmos\Documents\Task management.accdt
    2019-02-11 00:56 - 2019-02-13 00:15 - 000000388 ____C C:\Users\Cosmos\Desktop\future wife - nurse.txt
    2019-02-10 18:29 - 2018-04-10 21:10 - 007242240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0011.dll
    2019-02-10 18:29 - 2018-04-10 21:10 - 002454528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Lexicons0011.dll
    2019-02-10 18:29 - 2018-04-10 21:10 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70011.dll
    2019-02-10 18:29 - 2018-04-10 21:09 - 007702016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Models0011.dll
    2019-02-10 18:29 - 2018-04-10 21:05 - 007406080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0011.dll
    2019-02-10 18:29 - 2018-04-10 21:05 - 000712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70011.dll
    2019-02-10 18:29 - 2017-10-29 18:10 - 000002060 _____ C:\WINDOWS\system32\noise.jpn
    2019-02-09 15:53 - 2019-02-09 15:53 - 000000000 ___DC C:\Users\Cosmos\Desktop\Italiana
    2019-02-08 22:18 - 2019-02-08 22:18 - 000000160 ____C C:\Users\Cosmos\Desktop\ol and li.html
    2019-02-08 22:02 - 2019-02-08 22:03 - 000588153 ____C C:\Users\Cosmos\Downloads\13455212.txt
    2019-02-08 18:40 - 2019-02-15 14:29 - 000000000 ___DC C:\Users\Cosmos\Documents\Prior to 2 Feb 2019
    2019-02-08 18:39 - 2019-02-08 18:39 - 000000084 ____C C:\Users\Cosmos\Desktop\remmebering watersheds.txt
    2019-02-08 18:00 - 2019-02-08 18:00 - 000018927 ____C C:\Users\Cosmos\AppData\LocalLow\wbk762D.tmp
    2019-02-08 15:18 - 2019-02-08 15:18 - 000000149 ____C C:\Users\Cosmos\Desktop\writing a book.txt
    2019-02-07 21:30 - 2019-02-07 21:30 - 000000503 ____C C:\Users\Cosmos\Desktop\genius!.txt
    2019-02-07 10:58 - 2019-02-12 12:52 - 000000605 ____C C:\Users\Cosmos\Desktop\test website.html
    2019-02-07 10:57 - 2019-02-15 00:12 - 000000715 ____C C:\Users\Cosmos\Desktop\test html.html
    2019-02-07 09:02 - 2019-02-07 12:13 - 000000000 ___DC C:\Users\Cosmos\Documents\Visual Studio 2017
    2019-02-07 00:56 - 2019-02-07 00:56 - 051108160 ____C C:\Users\Cosmos\Downloads\eclipse-inst-win64.exe
    2019-02-07 00:50 - 2019-02-07 00:51 - 000000000 ___DC C:\Users\Cosmos\Desktop\Java
    2019-02-07 00:49 - 2019-02-07 00:49 - 000000000 ___DC C:\Users\Cosmos\AppData\Roaming\Sun
    2019-02-07 00:48 - 2019-02-07 00:48 - 000099192 ____C (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2019-02-07 00:48 - 2019-02-07 00:48 - 000000000 ___DC C:\ProgramData\Oracle
    2019-02-07 00:48 - 2019-02-07 00:48 - 000000000 ___DC C:\Program Files (x86)\Java
    2019-02-07 00:47 - 2019-02-07 00:47 - 001962336 ____C (Oracle Corporation) C:\Users\Cosmos\Downloads\JavaSetup8u201.exe
    2019-02-07 00:46 - 2019-02-07 00:46 - 014467050 ____C C:\Users\Cosmos\Downloads\drjava-beta-20160913-225446.exe
    2019-02-07 00:43 - 2019-02-08 14:48 - 000001208 ____C C:\Users\Cosmos\.drjava
    2019-02-07 00:43 - 2019-02-07 00:43 - 000001918 ____C C:\Users\Cosmos\AppData\Local\1
    2019-02-07 00:43 - 2019-02-07 00:43 - 000000958 ____C C:\Users\Cosmos\Desktop\DrJava.lnk
    2019-02-07 00:43 - 2019-02-07 00:43 - 000000879 ____C C:\Users\Cosmos\Desktop\Command Prompt.lnk
    2019-02-07 00:42 - 2019-02-08 14:38 - 000000000 ___DC C:\Users\Cosmos\introcs
    2019-02-07 00:42 - 2019-02-07 00:42 - 000358912 ____C (Princeton University) C:\Users\Cosmos\Downloads\introcs.exe
    2019-02-07 00:42 - 2019-02-07 00:42 - 000167936 ____C C:\Users\Cosmos\AppData\Local\unzip.exe
    2019-02-07 00:42 - 2019-02-07 00:42 - 000015173 ____C C:\Users\Cosmos\AppData\Local\introcs.ps1
    2019-02-07 00:29 - 2019-02-07 00:29 - 000000000 ___DC C:\WINDOWS\nn-NO
    2019-02-06 12:27 - 2019-02-06 12:27 - 000000000 ____C C:\Users\Cosmos\netstat
    2019-02-05 22:44 - 2019-02-05 22:44 - 000000000 ___DC C:\Users\Cosmos\AppData\Roaming\Microsoft Corporation
    2019-02-05 22:44 - 2019-02-05 22:44 - 000000000 ___DC C:\Users\Cosmos\AppData\Local\Xamarin
    2019-02-05 21:01 - 2017-07-12 18:40 - 000126064 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelHaxm.sys
    2019-02-05 21:00 - 2019-02-05 21:00 - 000000000 ___DC C:\Program Files (x86)\Xamarin
    2019-02-05 21:00 - 2019-02-05 21:00 - 000000000 ___DC C:\Program Files (x86)\Android
    2019-02-05 20:56 - 2019-02-05 20:56 - 000000000 ___DC C:\WINDOWS\symbols
    2019-02-05 20:56 - 2019-02-05 20:56 - 000000000 ___DC C:\Program Files\Windows Identity Foundation
    2019-02-05 20:56 - 2019-02-05 20:56 - 000000000 ___DC C:\Program Files\Microsoft Identity Extensions
    2019-02-05 20:56 - 2019-02-05 20:56 - 000000000 ___DC C:\Program Files (x86)\Workflow Manager Tools
    2019-02-05 20:56 - 2019-02-05 20:56 - 000000000 ___DC C:\Program Files (x86)\Open XML SDK
    2019-02-05 20:54 - 2019-02-07 18:55 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.6
    2019-02-05 20:42 - 2019-02-05 20:42 - 000000000 ___DC C:\Program Files\Microsoft ASP.NET Core Runtime Package Store
    2019-02-05 20:38 - 2019-02-05 20:38 - 000001796 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2017 (3).lnk
    2019-02-05 20:33 - 2019-02-05 20:33 - 000001491 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017 (3).lnk
    2019-02-05 19:12 - 2019-02-05 19:14 - 008905825 ____C C:\Users\Cosmos\Downloads\Brown Simple Church Newsletter.pdf
    2019-02-05 17:24 - 2019-02-05 17:24 - 000000000 ___DC C:\Users\Cosmos\Documents\node
    2019-02-05 15:36 - 2019-02-05 15:36 - 000000600 ____C C:\Users\Cosmos\AppData\Local\PUTTY.RND
    2019-02-05 15:27 - 2019-02-05 15:27 - 000000000 ___DC C:\ProgramData\Mozilla
    2019-02-05 14:38 - 2019-01-16 20:01 - 000000601 ____C C:\Users\Cosmos\Desktop\Core FTP Server(x64).lnk
    2019-02-05 13:26 - 2019-02-05 13:26 - 000000000 ___DC C:\Users\Cosmos\Documents\Custom Office Templates
    2019-02-04 01:15 - 2019-02-18 22:22 - 000000000 ___DC C:\Users\Cosmos\Documents\Outlook Files
    2019-02-04 01:14 - 2019-02-18 22:03 - 000469876 ____C C:\WINDOWS\system32\perfh006.dat
    2019-02-04 01:14 - 2019-02-18 22:03 - 000080688 ____C C:\WINDOWS\system32\perfc006.dat
    2019-02-04 01:14 - 2019-02-03 14:13 - 000312234 ____C C:\WINDOWS\system32\perfi006.dat
    2019-02-04 01:14 - 2019-02-03 14:13 - 000041338 ____C C:\WINDOWS\system32\perfd006.dat
    2019-02-04 01:13 - 2019-02-04 01:13 - 000000000 ___DC C:\WINDOWS\SysWOW64\da
    2019-02-04 01:13 - 2019-02-04 01:13 - 000000000 ___DC C:\WINDOWS\system32\da
    2019-02-03 23:58 - 2019-02-04 13:25 - 000001399 ____C C:\Users\Cosmos\Desktop\xplorephotographyAbout.html
    2019-02-03 23:16 - 2019-02-18 14:56 - 000000000 ___DC C:\Users\Cosmos\Documents\My Web Sites
    2019-02-03 23:16 - 2019-02-03 23:16 - 000000000 ___DC C:\Users\Cosmos\Documents\IISExpress
    2019-02-03 17:54 - 2019-02-03 17:55 - 007954904 ____C (Tim Kosse) C:\Users\Cosmos\Downloads\FileZilla_3.40.0_win64-setup.exe
    2019-02-03 14:44 - 2019-02-05 22:25 - 000000000 ___DC C:\Users\Cosmos\Desktop\Saved Ebay Messages 2-3-2019
    2019-02-03 14:08 - 2018-04-10 21:10 - 007046144 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0006.dll
    2019-02-02 20:36 - 2019-02-07 18:56 - 000000000 ___DC C:\Users\Cosmos\AppData\Local\Package Cache
    2019-02-02 20:36 - 2019-02-06 18:29 - 000000000 ___DC C:\Users\Cosmos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.7
    2019-02-02 00:51 - 2019-02-18 21:51 - 000003758 ____C C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
    2019-02-01 22:44 - 2019-02-05 18:05 - 000000000 ___DC C:\Users\Cosmos\AppData\Roaming\uTorrent Web
    2019-02-01 22:44 - 2019-02-01 22:44 - 000001888 ____C C:\Users\Cosmos\Desktop\uTorrent Web.lnk
    2019-02-01 22:44 - 2019-02-01 22:44 - 000001874 ____C C:\Users\Cosmos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
    2019-01-31 15:33 - 2019-02-01 11:38 - 000000000 ___DC C:\Users\Cosmos\AppData\Roaming\Wireshark
    2019-01-31 15:16 - 2019-01-31 15:16 - 000001831 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
    2019-01-31 14:51 - 2019-01-31 14:51 - 000000000 ___DC C:\Program Files (x86)\WinPcap
    2019-01-31 14:50 - 2019-01-31 15:16 - 000000000 ___DC C:\Program Files\Wireshark
    2019-01-29 23:13 - 2019-01-29 23:15 - 146827472 ____C (Microsoft Corporation) C:\Users\Cosmos\Downloads\dotnet-sdk-2.2.103-win-x64.exe
    2019-01-29 23:09 - 2019-01-29 23:09 - 000000000 ___DC C:\Users\Cosmos\AppData\Local\ASP.NET
    2019-01-29 17:22 - 2019-01-29 18:51 - 000000000 ___DC C:\Users\Cosmos\AppData\Roaming\Notepad++
    2019-01-29 17:22 - 2019-01-29 17:22 - 000000881 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
    2019-01-29 17:22 - 2019-01-29 17:22 - 000000869 ____C C:\Users\Public\Desktop\Notepad++.lnk
    2019-01-29 17:22 - 2019-01-29 17:22 - 000000869 ____C C:\ProgramData\Desktop\Notepad++.lnk
    2019-01-29 17:22 - 2019-01-29 17:22 - 000000000 ___DC C:\Program Files\Notepad++
    2019-01-25 21:29 - 2019-01-25 21:29 - 000906016 ____C (O&O Software GmbH) C:\Users\Cosmos\Downloads\OOSU10.exe
    2019-01-25 14:23 - 2019-01-25 14:23 - 000132787 ____C C:\Users\Cosmos\Downloads\CCS_Content_Outline_Update_090718.pdf
    2019-01-23 23:09 - 2019-01-24 19:14 - 000000000 ___DC C:\WINDOWS\Minidump
    2019-01-23 19:51 - 2019-01-23 19:51 - 000002685 ____C C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
    2019-01-23 19:51 - 2019-01-23 19:51 - 000002685 ____C C:\ProgramData\Desktop\Intel(R) Extreme Tuning Utility.lnk
    2019-01-23 19:51 - 2010-05-26 11:41 - 002526056 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
    2019-01-23 19:51 - 2010-05-26 11:41 - 002106216 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
    2019-01-23 19:50 - 2019-01-23 19:50 - 000000000 ___DC C:\WINDOWS\System32\Tasks\Intel
    2019-01-23 19:50 - 2019-01-23 19:50 - 000000000 ___DC C:\Program Files\Microsoft SQL Server Compact Edition
    2019-01-23 19:50 - 2019-01-23 19:50 - 000000000 ___DC C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2019-01-21 00:20 - 2019-01-21 00:20 - 000002368 ____C C:\Users\Cosmos\Desktop\Symbility Mobile Claims.lnk
    2019-01-21 00:20 - 2019-01-21 00:20 - 000002324 ____C C:\Users\Cosmos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symbility Mobile Claims.lnk
    2019-01-20 01:20 - 2019-01-20 01:20 - 000000000 ___DC C:\Users\Cosmos\app

    ==================== One month (modified) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-02-18 22:25 - 2019-01-13 15:07 - 000509952 ____C C:\WINDOWS\system32\Drivers\fvstore.dat
    2019-02-18 22:25 - 2019-01-13 14:15 - 001474832 ____C C:\WINDOWS\system32\Drivers\sfi.dat
    2019-02-18 22:25 - 2019-01-05 21:47 - 000000000 ___DC C:\ProgramData\regid.1991-06.com.microsoft
    2019-02-18 22:24 - 2019-01-10 15:51 - 000000000 ___DC C:\Users\Cosmos\AppData\Local\CrashDumps
    2019-02-18 22:22 - 2017-12-21 23:15 - 000000000 ___DC C:\Users\Cosmos\AppData\LocalLow\Mozilla
    2019-02-18 22:03 - 2019-01-05 21:57 - 000741750 ____C C:\WINDOWS\system32\perfh01F.dat
    2019-02-18 22:03 - 2019-01-05 21:57 - 000161336 ____C C:\WINDOWS\system32\perfc01F.dat
    2019-02-18 22:03 - 2019-01-05 21:56 - 000809320 ____C C:\WINDOWS\system32\perfh019.dat
    2019-02-18 22:03 - 2019-01-05 21:56 - 000168028 ____C C:\WINDOWS\system32\perfc019.dat
    2019-02-18 22:03 - 2019-01-05 21:54 - 000507892 ____C C:\WINDOWS\system32\perfh011.dat
    2019-02-18 22:03 - 2019-01-05 21:54 - 000147312 ____C C:\WINDOWS\system32\perfc011.dat
    2019-02-18 22:03 - 2019-01-05 21:52 - 000832216 ____C C:\WINDOWS\system32\perfh00C.dat
    2019-02-18 22:03 - 2019-01-05 21:52 - 000167602 ____C C:\WINDOWS\system32\perfc00C.dat
    2019-02-18 22:03 - 2019-01-05 21:50 - 000598130 ____C C:\WINDOWS\system32\perfh008.dat
    2019-02-18 22:03 - 2019-01-05 21:50 - 000108854 ____C C:\WINDOWS\system32\perfc008.dat
    2019-02-18 22:03 - 2019-01-05 21:49 - 000785774 ____C C:\WINDOWS\system32\perfh007.dat
    2019-02-18 22:03 - 2019-01-05 21:49 - 000167870 ____C C:\WINDOWS\system32\perfc007.dat
    2019-02-18 22:03 - 2019-01-05 21:46 - 000000000 ___DC C:\WINDOWS\INF
    2019-02-18 22:03 - 2019-01-05 19:14 - 006565410 ____C C:\WINDOWS\system32\PerfStringBackup.INI
    2019-02-18 22:01 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\AppReadiness
    2019-02-18 21:55 - 2019-01-05 21:42 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2019-02-18 21:55 - 2019-01-05 19:09 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
    2019-02-18 21:55 - 2019-01-05 19:04 - 000000000 ___DC C:\ProgramData\NVIDIA
    2019-02-18 21:54 - 2019-01-05 21:42 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2019-02-18 21:51 - 2019-01-08 13:28 - 000002800 ____C C:\WINDOWS\System32\Tasks\Git for Windows Updater
    2019-02-18 21:51 - 2019-01-08 01:25 - 000000000 ___DC C:\WINDOWS\System32\Tasks\Avast Software
    2019-02-18 21:51 - 2019-01-07 17:24 - 000002626 ____C C:\WINDOWS\System32\Tasks\Study Anki
    2019-02-18 21:51 - 2019-01-06 20:17 - 000002216 ____C C:\WINDOWS\System32\Tasks\Quick Access
    2019-02-18 21:51 - 2019-01-05 21:31 - 000002848 ____C C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-236146839-932208297-861440787-1001
    2019-02-18 21:51 - 2019-01-05 19:09 - 000004302 ____C C:\WINDOWS\System32\Tasks\Software Update Application
    2019-02-18 21:51 - 2019-01-05 19:09 - 000003852 ____C C:\WINDOWS\System32\Tasks\ACCAgent
    2019-02-18 21:51 - 2019-01-05 19:09 - 000003118 ____C C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
    2019-02-18 21:51 - 2019-01-05 19:09 - 000002820 ____C C:\WINDOWS\System32\Tasks\ACC
    2019-02-18 21:51 - 2019-01-05 19:09 - 000002560 ____C C:\WINDOWS\System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2019-02-18 21:51 - 2019-01-05 19:09 - 000002328 ____C C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
    2019-02-18 21:51 - 2019-01-05 19:09 - 000002162 ____C C:\WINDOWS\System32\Tasks\User Boot Experience Task
    2019-02-18 16:28 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\SysWOW64\Macromed
    2019-02-18 16:28 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\system32\Macromed
    2019-02-18 15:46 - 2019-01-05 19:03 - 000000000 ___DC C:\WINDOWS\system32\SleepStudy
    2019-02-18 00:14 - 2017-03-10 12:45 - 000000000 ___DC C:\Program Files (x86)\Microsoft Office
    2019-02-17 18:56 - 2019-01-07 17:10 - 000000000 ___DC C:\WINDOWS\System32\Tasks\CareCenter
    2019-02-17 18:05 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\LiveKernelReports
    2019-02-17 17:55 - 2019-01-05 19:09 - 000000000 ___DC C:\WINDOWS\system32\Drivers\wd
    2019-02-17 17:54 - 2019-01-05 21:47 - 000000000 ___DC C:\Program Files\Windows Defender
    2019-02-17 15:19 - 2019-01-08 01:24 - 000004264 ____C C:\WINDOWS\System32\Tasks\Avast Emergency Update
    2019-02-16 11:41 - 2019-01-14 20:06 - 000000000 ___DC C:\Program Files\rempl
    2019-02-15 19:37 - 2017-12-22 13:31 - 000000000 _SHDC C:\Users\Cosmos\IntelGraphicsProfiles
    2019-02-15 18:47 - 2019-01-05 19:08 - 000000000 ___DC C:\Users\Cosmos
    2019-02-15 18:44 - 2019-01-04 23:03 - 000000000 ___DC C:\FRST
    2019-02-15 18:18 - 2019-01-08 01:24 - 000474456 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
    2019-02-15 14:31 - 2019-01-08 16:48 - 000000499 ____C C:\Users\Cosmos\Desktop\website idea.txt
    2019-02-15 04:36 - 2018-11-23 23:11 - 000000000 ___DC C:\Users\Cosmos\lpthw
    2019-02-15 03:29 - 2019-01-07 08:56 - 000000000 ___DC C:\Program Files\Mozilla Firefox
    2019-02-15 03:29 - 2019-01-07 08:56 - 000000000 ___DC C:\Program Files (x86)\Mozilla Maintenance Service
    2019-02-15 02:15 - 2018-10-30 12:55 - 000005438 ____C C:\Users\Cosmos\.node_repl_history
    2019-02-14 22:55 - 2019-01-05 21:47 - 000000000 ___HD C:\Program Files\WindowsApps
    2019-02-14 22:55 - 2019-01-05 19:15 - 000000000 ___DC C:\Users\Cosmos\AppData\Local\Packages
    2019-02-14 22:54 - 2019-01-06 20:08 - 000000000 ___DC C:\Users\Cosmos\AppData\Local\PlaceholderTileLogoFolder
    2019-02-14 21:35 - 2019-01-05 21:51 - 000000000 ___DC C:\Users\Cosmos\AppData\Roaming\Visual Studio Setup
    2019-02-14 19:38 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\system32\NDF
    2019-02-14 13:28 - 2019-01-07 08:56 - 000001009 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
    2019-02-14 13:26 - 2018-11-16 01:22 - 000000000 ___DC C:\Users\Cosmos\.p2
    2019-02-14 12:46 - 2019-01-05 19:03 - 000448824 ____C C:\WINDOWS\system32\FNTCACHE.DAT
    2019-02-14 03:38 - 2019-01-05 19:08 - 000000000 ___DC C:\Users\defaultuser0
    2019-02-14 03:37 - 2019-01-05 21:47 - 000000000 __SDC C:\WINDOWS\SysWOW64\F12
    2019-02-14 03:37 - 2019-01-05 21:47 - 000000000 __SDC C:\WINDOWS\system32\F12
    2019-02-14 03:37 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\TextInput
    2019-02-14 03:37 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\ShellExperiences
    2019-02-14 03:37 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\bcastdvr
    2019-02-14 03:36 - 2019-01-07 17:23 - 000000000 ___DC C:\Users\Cosmos\AppData\Roaming\Anki2
    2019-02-13 21:39 - 2019-01-08 13:36 - 000000000 ___DC C:\Users\Cosmos\AppData\Local\heroku
    2019-02-13 15:51 - 2019-01-05 21:44 - 000000000 ___DC C:\WINDOWS\CbsTemp
    2019-02-13 15:46 - 2019-01-14 20:07 - 000000000 ___DC C:\WINDOWS\system32\MRT
    2019-02-13 15:44 - 2019-01-14 20:07 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2019-02-12 23:08 - 2018-01-28 01:24 - 000000000 ___DC C:\Users\Cosmos\AppData\LocalLow\Adobe
    2019-02-12 17:25 - 2018-11-14 22:50 - 000000000 ___DC C:\Users\Cosmos\.dotnet
    2019-02-12 16:30 - 2017-03-10 12:59 - 006690768 ____C C:\WINDOWS\SysWOW64\PerfStringBackup.INI
    2019-02-12 15:56 - 2019-01-14 09:38 - 000225680 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
    2019-02-12 15:56 - 2019-01-08 01:24 - 001034432 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
    2019-02-12 15:56 - 2019-01-08 01:24 - 000379952 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
    2019-02-12 15:56 - 2019-01-08 01:24 - 000320696 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
    2019-02-12 15:56 - 2019-01-08 01:24 - 000216784 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
    2019-02-12 15:56 - 2019-01-08 01:24 - 000205400 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
    2019-02-12 15:56 - 2019-01-08 01:24 - 000196072 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
    2019-02-12 15:56 - 2019-01-08 01:24 - 000167304 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
    2019-02-12 15:56 - 2019-01-08 01:24 - 000112312 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
    2019-02-12 15:56 - 2019-01-08 01:24 - 000087944 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
    2019-02-12 15:56 - 2019-01-08 01:24 - 000057960 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
    2019-02-12 15:56 - 2019-01-08 01:24 - 000042288 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
    2019-02-12 15:56 - 2019-01-05 21:47 - 000000000 __HDC C:\WINDOWS\ELAMBKUP
    2019-02-12 15:50 - 2019-01-05 19:31 - 000000000 ___DC C:\ProgramData\Packages
    2019-02-11 20:26 - 2019-01-16 20:04 - 000000000 ___DC C:\ftp
    2019-02-11 17:55 - 2017-03-10 13:21 - 000000000 __HDC C:\Program Files (x86)\InstallShield Installation Information
    2019-02-10 18:29 - 2019-01-05 21:58 - 000000000 ____D C:\WINDOWS\OCR
    2019-02-10 17:22 - 2019-01-05 19:08 - 000002366 ____C C:\Users\Cosmos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2019-02-10 17:22 - 2017-12-22 13:32 - 000000000 _RDCL C:\Users\Cosmos\OneDrive
    2019-02-10 14:38 - 2019-01-05 19:17 - 000000000 ___DC C:\Users\Cosmos\AppData\Local\ElevatedDiagnostics
    2019-02-09 01:21 - 2018-11-14 22:49 - 000005735 ____C C:\Users\Cosmos\.bash_history
    2019-02-08 14:35 - 2019-01-16 20:01 - 000000000 ___DC C:\Program Files\CoreFTPServer
    2019-02-07 18:29 - 2017-03-10 12:58 - 000000000 ___DC C:\ProgramData\Package Cache
    2019-02-07 00:48 - 2018-11-16 01:20 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2019-02-07 00:29 - 2019-01-05 21:58 - 000000000 ___DC C:\WINDOWS\SysWOW64\nn-NO
    2019-02-07 00:29 - 2019-01-05 21:58 - 000000000 ___DC C:\WINDOWS\system32\nn-NO
    2019-02-07 00:29 - 2019-01-05 21:47 - 000000000 __RDC C:\WINDOWS\ImmersiveControlPanel
    2019-02-07 00:29 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\system32\oobe
    2019-02-07 00:29 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\PolicyDefinitions
    2019-02-07 00:29 - 2019-01-05 21:47 - 000000000 ___DC C:\Program Files\Windows Photo Viewer
    2019-02-07 00:29 - 2019-01-05 21:47 - 000000000 ___DC C:\Program Files (x86)\Windows Photo Viewer
    2019-02-07 00:08 - 2019-01-13 15:13 - 000000000 ___DC C:\Users\Cosmos\Downloads\Program Downloads
    2019-02-07 00:08 - 2019-01-07 08:56 - 000000000 ___DC C:\Users\Cosmos\Downloads\Antivirus
    2019-02-07 00:08 - 2019-01-05 21:48 - 000000000 ___DC C:\Users\Cosmos\Downloads\Programming
    2019-02-06 18:35 - 2018-12-01 14:16 - 000000000 ___DC C:\Users\Cosmos\Java Projects
    2019-02-05 21:01 - 2019-01-05 19:04 - 000000000 ___DC C:\Program Files\Intel
    2019-02-05 20:57 - 2019-01-05 21:47 - 000000000 ___DC C:\Program Files\Common Files\microsoft shared
    2019-02-05 20:42 - 2019-01-05 21:57 - 000000000 ___DC C:\Program Files\dotnet
    2019-02-05 20:23 - 2019-01-05 21:51 - 000001355 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
    2019-02-05 20:23 - 2019-01-05 21:51 - 000000000 ___DC C:\Program Files (x86)\Microsoft Visual Studio
    2019-02-05 18:00 - 2019-01-15 18:52 - 000000000 ___DC C:\Users\Cosmos\AppData\Roaming\FileZilla
    2019-02-05 15:36 - 2019-01-15 18:52 - 000000000 ___DC C:\Users\Cosmos\AppData\Local\FileZilla
    2019-02-04 01:13 - 2019-01-05 21:58 - 000000000 ___DC C:\WINDOWS\SysWOW64\XPSViewer
    2019-02-04 01:13 - 2019-01-05 21:49 - 000000000 ___DC C:\WINDOWS\SysWOW64\winrm
    2019-02-04 01:13 - 2019-01-05 21:49 - 000000000 ___DC C:\WINDOWS\SysWOW64\WCN
    2019-02-04 01:13 - 2019-01-05 21:49 - 000000000 ___DC C:\WINDOWS\SysWOW64\slmgr
    2019-02-04 01:13 - 2019-01-05 21:49 - 000000000 ___DC C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
    2019-02-04 01:13 - 2019-01-05 21:49 - 000000000 ___DC C:\WINDOWS\system32\winrm
    2019-02-04 01:13 - 2019-01-05 21:49 - 000000000 ___DC C:\WINDOWS\system32\WCN
    2019-02-04 01:13 - 2019-01-05 21:49 - 000000000 ___DC C:\WINDOWS\system32\slmgr
    2019-02-04 01:13 - 2019-01-05 21:49 - 000000000 ___DC C:\WINDOWS\system32\Printing_Admin_Scripts
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 __SDC C:\WINDOWS\SysWOW64\DiagSvcs
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 __SDC C:\WINDOWS\system32\DiagSvcs
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\SysWOW64\oobe
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\SysWOW64\MUI
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\SysWOW64\Dism
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\SysWOW64\com
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\system32\WinBioPlugIns
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\system32\Sysprep
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\system32\MUI
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\system32\migwiz
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\system32\Dism
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\system32\com
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\IME
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ___DC C:\WINDOWS\Help
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ___DC C:\Program Files\Common Files\system
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ___DC C:\Program Files (x86)\Windows Defender
    2019-02-04 01:13 - 2019-01-05 21:47 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2019-02-04 01:13 - 2019-01-05 21:42 - 000000000 ____D C:\WINDOWS\servicing
    2019-02-03 23:45 - 2019-01-05 19:15 - 000000000 ___DC C:\Users\Cosmos\AppData\Local\Publishers
    2019-02-03 17:55 - 2019-01-15 18:52 - 000001931 ____C C:\Users\Cosmos\Desktop\FileZilla Client.lnk
    2019-02-03 17:55 - 2019-01-15 18:52 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
    2019-02-03 17:55 - 2019-01-15 18:52 - 000000000 ___DC C:\Program Files\FileZilla FTP Client
    2019-02-02 17:53 - 2019-01-05 21:49 - 000835480 ____C (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2019-02-02 17:53 - 2019-01-05 21:49 - 000179600 ____C (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2019-01-31 15:33 - 2019-01-18 21:53 - 000000000 ___DC C:\Program Files (x86)\Project64 2.3
    2019-01-31 15:33 - 2019-01-07 21:17 - 000000000 ___DC C:\Python27
    2019-01-31 15:31 - 2019-01-13 16:18 - 000000000 ___DC C:\ProgramData\VirtualBox
    2019-01-31 15:31 - 2018-12-07 01:36 - 000000000 ___DC C:\Users\Cosmos\VirtualBox VMs
    2019-01-31 15:31 - 2018-10-29 20:44 - 000000000 ___DC C:\Users\Cosmos\.VirtualBox
    2019-01-31 14:51 - 2018-11-18 23:22 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
    2019-01-28 00:28 - 2019-01-08 01:41 - 000000000 ___DC C:\Users\Cosmos\AppData\Roaming\Atom
    2019-01-25 16:47 - 2019-01-08 13:36 - 000000204 ____C C:\Users\Cosmos\_netrc
    2019-01-23 23:12 - 2017-03-10 12:59 - 000000000 ___DC C:\ProgramData\Intel
    2019-01-23 19:51 - 2017-03-10 12:59 - 000000000 __RDC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
    2019-01-23 19:50 - 2019-01-05 19:04 - 000000000 ___DC C:\Program Files (x86)\Intel

  6. #21
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    I still need the rest of the log and also second log.

  7. #22
    Join Date
    Jan 2019
    Posts
    31
    ==================== Files in the root of some directories =======

    2019-02-07 00:43 - 2019-02-07 00:43 - 000001918 ____C () C:\Users\Cosmos\AppData\Local\1
    2019-02-07 00:42 - 2019-02-07 00:42 - 000015173 ____C () C:\Users\Cosmos\AppData\Local\introcs.ps1
    2019-02-05 15:36 - 2019-02-05 15:36 - 000000600 ____C () C:\Users\Cosmos\AppData\Local\PUTTY.RND
    2019-01-11 22:53 - 2019-01-12 09:03 - 000007607 ____C () C:\Users\Cosmos\AppData\Local\resmon.resmoncfg
    2019-02-07 00:42 - 2019-02-07 00:42 - 000167936 ____C () C:\Users\Cosmos\AppData\Local\unzip.exe

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => MD5 is legit
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => MD5 is legit
    C:\WINDOWS\SysWOW64\userinit.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll
    [2019-01-14 20:00] - [2019-01-01 01:41] - 001159680 _____ (Microsoft Corporation) 2383579559B1EB66C4FA2297119CEDD0

    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\dllhost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2019-01-05 19:03

    ==================== End of FRST.txt ============================

  8. #23
    Join Date
    Jan 2019
    Posts
    31
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18.02.2019
    Ran by Cosmos (18-02-2019 22:26:29)
    Running from C:\Users\Cosmos\Downloads\Antivirus\FRST
    Windows 10 Home Version 1803 17134.590 (X64) (2019-01-06 00:11:25)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)


    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3038 - Acer Incorporated)
    Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3025 - Acer Incorporated)
    Active Directory Authentication Library for SQL Server (HKLM\...\{52D1FCFD-1052-4D75-B3FB-9906901AFD98}) (Version: 13.1.4001.0 - Microsoft Corporation) Hidden
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20091 - Adobe Systems Incorporated)
    Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
    Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
    Anki (HKLM-x32\...\Anki) (Version: - )
    Application Verifier x64 External Package (HKLM\...\{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 - Microsoft) Hidden
    Atom (HKU\S-1-5-21-236146839-932208297-861440787-1001\...\atom) (Version: 1.34.0 - GitHub Inc.)
    Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
    Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.9.20.0 - Canon Inc.)
    Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.9.0.0 - Canon Inc.)
    ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D256A5B9-68DA-4F6C-A447-A93E5639A46D}) (Version: 4.7.03083 - Microsoft Corporation) Hidden
    COMODO Antivirus (HKLM\...\{1FCECDE0-7D34-4FA9-9EA3-03792F8CD585}) (Version: 11.0.0.6744 - COMODO Security Solutions Inc.) Hidden
    COMODO Antivirus (HKLM\...\COMODO Internet Security) (Version: 11.0.0.6744 - COMODO Security Solutions Inc.)
    Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 70.0.3538.110 - Comodo)
    Core FTP Server(x64) (HKLM-x32\...\CoreFTPServer(x64)) (Version: - )
    DiagnosticsHub_CollectionService (HKLM\...\{440C5592-4EA5-4772-B256-969D66068843}) (Version: 15.9.28016 - Microsoft Corporation) Hidden
    Dolby Audio X2 Windows API SDK (HKLM\...\{AA950AA4-CD9B-4D81-B6C0-BFABB7A24261}) (Version: 0.7.5.65 - Dolby Laboratories, Inc.)
    Dolby Audio X2 Windows APP (HKLM\...\{DBC4388A-9417-41DB-85CF-DF4993B84D5A}) (Version: 0.7.5.67 - Dolby Laboratories, Inc.)
    ELAN FingerPrinter 1.6.5.1_X64_WHQL (HKLM\...\ElanFP) (Version: 1.6.5.1 - ELAN Microelectronic Corp.)
    ELAN HIDI2C Filter Driver X64 13.6.7.2_WHQL (HKLM\...\Elantech) (Version: 13.6.7.2 - ELAN Microelectronic Corp.)
    Entity Framework 6.2.0 Tools for Visual Studio 2017 (HKLM-x32\...\{B843915F-00A1-44B1-994C-1AE0A6400AE3}) (Version: 6.2.61807.0 - Microsoft Corporation) Hidden
    FileZilla Client 3.40.0 (HKLM-x32\...\FileZilla Client) (Version: 3.40.0 - Tim Kosse)
    Git version 2.20.1 (HKLM\...\Git_is1) (Version: 2.20.1 - The Git Development Community)
    heroku (HKLM-x32\...\heroku) (Version: - Heroku)
    icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
    icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
    icecap_collectionresources (HKLM-x32\...\{1D117EF7-C5DC-45A4-836B-282D8C2C5ADA}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
    icecap_collectionresources (HKLM-x32\...\{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
    icecap_collectionresources (HKLM-x32\...\{4B691388-E031-4268-A096-95173D1E6E0F}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
    icecap_collectionresources (HKLM-x32\...\{9725C7F1-2D22-4FD0-B25F-A0CBDB6B2743}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
    icecap_collectionresources (HKLM-x32\...\{C29CE78F-0FFD-4A53-8DDA-91CDBEC56143}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
    icecap_collectionresources (HKLM-x32\...\{C60AE9CA-7FB1-46CB-9615-524FC2B304AC}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
    icecap_collectionresourcesx64 (HKLM-x32\...\{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
    icecap_collectionresourcesx64 (HKLM-x32\...\{2CC48522-BEEE-4F86-987F-703C76FF5BFF}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
    icecap_collectionresourcesx64 (HKLM-x32\...\{5A86972C-9DB5-40AA-B4EB-0ACE96AFDF88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
    icecap_collectionresourcesx64 (HKLM-x32\...\{5EBFBBAD-EBA7-4D7B-A121-A6661944E6BD}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
    icecap_collectionresourcesx64 (HKLM-x32\...\{75D686C3-277D-4FAB-AD2C-FC71FE6BDF63}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
    icecap_collectionresourcesx64 (HKLM-x32\...\{94387177-969C-437D-8297-1B5D7D058283}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
    IIS 10.0 Express (HKLM\...\{4E0AF984-1437-42DC-A8E4-A6EE920DDFAF}) (Version: 10.0.1743 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
    IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
    Intel Extreme Tuning Utility (HKLM-x32\...\{275588D7-6C9D-4FB0-BBAE-2FA3F7C2DADB}) (Version: 6.4.1.25 - Intel Corporation) Hidden
    Intel Extreme Tuning Utility (HKLM-x32\...\{6a0def1c-f6f2-4a5d-81f6-a1b858352c8b}) (Version: 6.4.1.25 - Intel Corporation)
    Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4526 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
    Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
    Intel® Hardware Accelerated Execution Manager (HKLM\...\{22676F90-06C7-4DC0-96C2-FAE79AB306F4}) (Version: 6.2.0 - Intel Corporation)
    IntelliTraceProfilerProxy (HKLM-x32\...\{ACBAA378-519A-441D-9349-C0AAD8DEAD04}) (Version: 15.0.17289.01 - Microsoft Corporation) Hidden
    Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.3.447691.139 - Comodo)
    Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
    JetBrains PyCharm Community Edition 2018.3.4 (HKU\S-1-5-21-236146839-932208297-861440787-1001\...\PyCharm Community Edition 2018.3.4) (Version: 183.5429.31 - JetBrains s.r.o.)
    Kits Configuration Installer (HKLM-x32\...\{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 - Microsoft) Hidden
    Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{4DFD6FF3-9A29-4F31-AEE1-D44E016C5AD4}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
    Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
    Microsoft .NET Core SDK - 2.1.202 (x64) (HKLM-x32\...\{06b884b0-4947-4439-859f-098e431012d6}) (Version: 2.1.202 - Microsoft Corporation)
    Microsoft .NET Core SDK 2.1.502 (x64) (HKLM-x32\...\{6e700b89-6f3c-4dff-b957-44b77c8a4b0e}) (Version: 2.1.502 - Microsoft Corporation)
    Microsoft .NET Core SDK 2.1.503 (x64) (HKLM-x32\...\{ce5280a9-88d6-42e4-90bc-8399a3f94460}) (Version: 2.1.503 - Microsoft Corporation)
    Microsoft .NET Core SDK 2.2.103 (x64) (HKLM-x32\...\{730ee99f-7165-41f7-b107-ced51cbb0c19}) (Version: 2.2.103 - Microsoft Corporation)
    Microsoft Azure Authoring Tools - v2.9.5.3 (HKLM\...\{086C537B-DE1A-4A11-8441-6AAF076174B8}) (Version: 2.9.8699.20 - Microsoft Corporation)
    Microsoft Azure Compute Emulator - v2.9.5.3 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.5.3) (Version: 2.9.8699.20 - Microsoft Corporation)
    Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
    Microsoft Azure Storage Emulator - v5.7 (HKLM-x32\...\Microsoft Azure Storage Emulator - v5.7) (Version: 5.7.18218.1723 - Microsoft Corporation)
    Microsoft Identity Extensions (HKLM\...\{F99F24BF-0B90-463E-9658-3FD2EFC3C992}) (Version: 2.0.1459.0 - Microsoft Corporation)
    Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11231.20174 - Microsoft Corporation)
    Microsoft Office 365 - fi-fi (HKLM\...\O365HomePremRetail - fi-fi) (Version: 16.0.11231.20174 - Microsoft Corporation)
    Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-236146839-932208297-861440787-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client (HKLM\...\{1385D3DB-8E80-427B-91D2-B7535862B8E4}) (Version: 11.3.6518.0 - Microsoft Corporation)
    Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27024 (HKLM-x32\...\{5fb2083a-f3cc-4b78-93ff-bd9788b5de01}) (Version: 14.16.27024.1 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1095.110 - Microsoft Corporation)
    Microsoft Web Deploy 4.0 (HKLM\...\{AEA6EBD0-7E59-46C0-8B5E-1715BC58DC45}) (Version: 10.0.1994 - Microsoft Corporation)
    Mozilla Firefox 65.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0.1 (x64 en-US)) (Version: 65.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
    MSI Development Tools (HKLM-x32\...\{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    Node.js (HKLM\...\{662F5082-4F0A-4EC3-A055-00C8AEB514F1}) (Version: 11.6.0 - Node.js Foundation)
    Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6.3 - Notepad++ Team)
    NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
    NVIDIA Graphics Driver 369.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 369.32 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
    Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040B-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
    Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation) Hidden
    Pakiet zbiorczy funkcji IntelliSense platformy Microsoft .NET Framework Cumulative Intellisense Pack dla programu Visual Studio (Polski) (HKLM-x32\...\{BCCDC1D3-999C-445B-826F-5B5548F19858}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
    Python 3.7.1 (64-bit) (HKU\S-1-5-21-236146839-932208297-861440787-1001\...\{8a84877c-26dd-4b77-8117-80eaec80127c}) (Version: 3.7.1150.0 - Python Software Foundation)
    Python 3.7.1 (Anaconda3 2018.12 64-bit) (HKU\S-1-5-21-236146839-932208297-861440787-1001\...\Python 3.7.1 (Anaconda3 2018.12 64-bit)) (Version: 2018.12 - Anaconda, Inc.)

  9. #24
    Join Date
    Jan 2019
    Posts
    31
    Python 3.7.1 Add to Path (64-bit) (HKLM\...\{6846E653-89AC-47BC-8E11-FB9991EC90AA}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Core Interpreter (64-bit debug) (HKLM\...\{CB1033C4-D22C-4448-AC3B-42AAAE2EDDF1}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Core Interpreter (64-bit symbols) (HKLM\...\{E4F701CA-F776-4664-9C9E-34C018C1011F}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Core Interpreter (64-bit) (HKLM\...\{3CDB402E-5970-4DCB-8EE8-D50517AB55AE}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Development Libraries (64-bit debug) (HKLM\...\{7576F61D-0D5A-4DF4-82D2-0185AD2D897B}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Development Libraries (64-bit) (HKLM\...\{61D00EE1-616D-4782-A8C5-EDD436BE9766}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Documentation (64-bit) (HKLM\...\{C66332A3-9916-4CA0-89B3-88E4F0789207}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Executables (64-bit debug) (HKLM\...\{3C0EF30A-F618-47A4-81B5-AA011D8AEFB3}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Executables (64-bit symbols) (HKLM\...\{C4F72D80-B361-40E9-A93A-34016B272E8B}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Executables (64-bit) (HKLM\...\{C3B089F9-4BA6-45A6-91A2-C5938F8702F8}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 pip Bootstrap (64-bit) (HKLM\...\{ED677B31-8BF6-49FA-9B99-A63CD45D316A}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Standard Library (64-bit debug) (HKLM\...\{493D405E-30BD-441B-8280-3E2873738177}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Standard Library (64-bit symbols) (HKLM\...\{F9FF5FDE-DFF4-48AE-B9E6-0940E0F37FA3}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Standard Library (64-bit) (HKLM\...\{7627B8B4-82DD-4BD2-B33B-465E41693F0D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Tcl/Tk Support (64-bit debug) (HKLM\...\{10C3C9C5-29B0-4D4B-861B-99EC3C5D63FA}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Tcl/Tk Support (64-bit symbols) (HKLM\...\{D27E5799-8F28-4823-B4BB-C841CA8BEC6D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Tcl/Tk Support (64-bit) (HKLM\...\{00FB4D96-77D4-4043-950E-8FA816BCAD7D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Test Suite (64-bit debug) (HKLM\...\{FFB7B7F3-47C3-4B39-A020-45F06D2A74B5}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Test Suite (64-bit symbols) (HKLM\...\{3FCFD9C6-8FE8-41AF-A952-27BBA93DC9B9}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Test Suite (64-bit) (HKLM\...\{A1CFED46-5F31-4813-A494-681BBB2B6E23}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python 3.7.1 Utility Scripts (64-bit) (HKLM\...\{96DEF82E-CD26-4AB5-A7FB-81E1B6D1DE91}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
    Python Launcher (HKLM-x32\...\{C3A1C6B1-9096-47A7-AB5C-09114002A996}) (Version: 3.7.6501.0 - Python Software Foundation)
    Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10393 - Qualcomm Atheros)
    Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.281 - Qualcomm Atheros)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7977 - Realtek Semiconductor Corp.)
    RogueKiller version 13.1.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.1.4.0 - Adlice Software)
    SDK ARM Additions (HKLM-x32\...\{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    SDK ARM Redistributables (HKLM-x32\...\{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
    sptools_Microsoft.VisualStudio.OfficeDeveloperTools.Msi (HKLM-x32\...\{72BA31CD-9667-422B-A8A4-65C248E06222}) (Version: 15.0.26501 - Microsoft Corporation) Hidden
    sptools_Microsoft.VisualStudio.Vsto.Msi (HKLM-x32\...\{97C50C96-8106-490D-B81F-768753C39B56}) (Version: 15.0.27207 - Microsoft Corporation) Hidden
    sptools_Microsoft.VisualStudio.Vsto.Msi.Resources (HKLM-x32\...\{05830493-65CA-41E3-8A0F-BDFC531F99FE}) (Version: 15.0.27207 - Microsoft Corporation) Hidden
    sptools_Microsoft.VisualStudio.Vsto.Msi.Resources (HKLM-x32\...\{1322D9E4-4DFA-4AB0-A24F-33E6DB089C60}) (Version: 15.0.27207 - Microsoft Corporation) Hidden
    sptools_Microsoft.VisualStudio.Vsto.Msi.Resources (HKLM-x32\...\{17172919-AC0E-414E-A9F0-BD568DDCADDF}) (Version: 15.0.27207 - Microsoft Corporation) Hidden
    sptools_Microsoft.VisualStudio.Vsto.Msi.Resources (HKLM-x32\...\{438AE7AE-E30E-4680-BF81-D6A0CBAB212C}) (Version: 15.0.27207 - Microsoft Corporation) Hidden
    sptools_Microsoft.VisualStudio.Vsto.Msi.Resources (HKLM-x32\...\{74E057FF-92C8-4DD0-AF43-B220CD100733}) (Version: 15.0.27207 - Microsoft Corporation) Hidden
    sptools_Microsoft.VisualStudio.Vsto.Msi.Resources (HKLM-x32\...\{E244D430-2740-46E6-8998-156213B3B63E}) (Version: 15.0.27207 - Microsoft Corporation) Hidden
    sptools_Microsoft.VisualStudio.Vsto.Msi.x64 (HKLM-x32\...\{C83DFAD5-FF26-4ED8-B284-944463FA0E30}) (Version: 15.0.27207 - Microsoft Corporation) Hidden
    SQL Server vNext CTP1.6 用 Microsoft System CLR Types (HKLM\...\{AB624C7B-A7AF-42F0-A49F-C804305DDFDA}) (Version: 15.0.600.33 - Microsoft Corporation)
    SQL Server vNext CTP1.6 用 Microsoft System CLR Types (HKLM-x32\...\{07DB40AF-A6A1-41FF-9C0E-58E72F820351}) (Version: 15.0.600.33 - Microsoft Corporation)
    Storage Backup Software (HKLM-x32\...\{DE033B8F-24D8-4E97-B6EE-3CFC7A0E0637}) (Version: 1.21.7820 - Toshiba Electronic Devices & Storage Corporation)
    Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
    Symbility Mobile Claims (HKLM-x32\...\{04B8E460-7E0B-4BD8-89A8-DAC7E2242D8F}) (Version: 6.2.30 - Symbility Solutions Inc.)
    TypeScript SDK (HKLM-x32\...\{3CBDDAE8-99AE-4168-BDA7-8352BF15BE73}) (Version: 3.1.2.0 - Microsoft Corporation) Hidden
    Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
    Universal CRT Extension SDK (HKLM-x32\...\{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
    Universal CRT Headers Libraries and Sources (HKLM-x32\...\{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
    Universal CRT Redistributable (HKLM-x32\...\{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    Universal CRT Tools x64 (HKLM\...\{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    Universal CRT Tools x86 (HKLM-x32\...\{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    Universal General MIDI DLS Extension SDK (HKLM-x32\...\{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
    uTorrent Web (HKU\S-1-5-21-236146839-932208297-861440787-1001\...\utweb) (Version: 0.21.0 - BitTorrent, Inc.)
    vcpp_crt.redist.clickonce (HKLM-x32\...\{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
    vcpp_crt.redist.clickonce (HKLM-x32\...\{3073DDA2-99E5-47A6-9AFA-3F6CA9C44BB5}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
    vcpp_crt.redist.clickonce (HKLM-x32\...\{543CB640-A910-4AF4-BC48-9345AC92B68D}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
    vcpp_crt.redist.clickonce (HKLM-x32\...\{77B667B9-36B3-4712-AD45-28EA1A278D8B}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
    vcpp_crt.redist.clickonce (HKLM-x32\...\{BC5378F6-57FC-41B3-90AA-B893FB79568A}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
    vcpp_crt.redist.clickonce (HKLM-x32\...\{F38A24D5-EC2F-4F7C-8632-AEE11B2075A2}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
    Visual Studio Build Tools 2017 (2) (HKLM-x32\...\9ceefa81) (Version: 15.9.28307.222 - Microsoft Corporation)
    Visual Studio Community 2017 (3) (HKLM-x32\...\d3e461ca) (Version: 15.9.28307.344 - Microsoft Corporation)
    Visual Studio Enterprise 2017 (HKLM-x32\...\32fd9a58) (Version: 15.9.28307.222 - Microsoft Corporation)
    VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
    VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
    VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
    VS WCF Debugging (HKLM\...\{14AF842C-675E-4268-B493-EB76D9B465A8}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
    vs_BlendMsi (HKLM-x32\...\{C5D83E0F-12E7-4BA3-98E6-DAE0E73B5BF9}) (Version: 15.0.27205 - Microsoft Corporation) Hidden
    vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
    vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
    vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
    vs_codecoveragemsi (HKLM-x32\...\{B2DB38F7-4225-4EA6-A7B2-F9A0E089DD89}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
    vs_codeduitestframeworkmsi (HKLM-x32\...\{4379D9C7-B16D-486C-BC6D-43550A4C55EE}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
    vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
    vs_communitymsires (HKLM-x32\...\{0C4329B3-294C-4143-8BA9-8FA8F5C7E0C4}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_communitymsires (HKLM-x32\...\{5297D80E-CD92-48D8-9DB0-301AB3205772}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_communitymsires (HKLM-x32\...\{C1A2852D-7FED-42BC-BE13-402E6D4942E5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_communitymsires (HKLM-x32\...\{CEF65212-694E-4F0B-ADB5-17CE0C2AE213}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_communitymsires (HKLM-x32\...\{F1AD1FA8-F605-4E03-A837-89CB3EA8309A}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_cuitcommoncoremsi (HKLM-x32\...\{060D7518-16AC-41F1-9956-38CA636FCF7B}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
    vs_cuitextensionmsi (HKLM-x32\...\{88484E59-774D-4947-AF0E-4524D6C3147D}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
    vs_cuitextensionmsi_x64 (HKLM-x32\...\{184D5702-3AD2-4F0D-95E6-11E1C75A9298}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
    vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_enterprisemsi (HKLM-x32\...\{6E0FB913-0E76-44B5-B0D4-2B71A7984BD2}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
    vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
    vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
    vs_Graphics_Singletonx64 (HKLM\...\{B6BAC9A6-A70D-4E4D-B90A-7EE2B336E090}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
    vs_Graphics_Singletonx86 (HKLM-x32\...\{3161DA68-DD37-4798-82DB-B3A0BD6BA233}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
    vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
    vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
    vs_minshellmsires (HKLM-x32\...\{0D3A6730-43CE-4AF6-BDF7-4D0660296C60}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_minshellmsires (HKLM-x32\...\{284D88E1-21B6-4FA2-A606-4E49412F74E8}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_minshellmsires (HKLM-x32\...\{871BE104-8114-4C84-9809-D3F2DAB18E06}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_minshellmsires (HKLM-x32\...\{F9101D24-E2B7-44A6-B4E6-2121D7FF6461}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_minshellmsires (HKLM-x32\...\{FA276C24-AD78-43FE-A70B-86715B5C5C46}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_networkemulationmsi_x64 (HKLM-x32\...\{674BB892-7904-4B94-8077-9DA3D2CBFC70}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
    vs_professionalmsi (HKLM-x32\...\{C135A30B-7258-4E11-8660-87C5642A4AAE}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
    vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
    vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
    Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
    WinAppDeploy (HKLM-x32\...\{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    Windows SDK AddOn (HKLM-x32\...\{1E76DFA7-96F3-4281-8E41-8A226C3E42EE}) (Version: 10.1.0.0 - Microsoft Corporation)
    Windows Software Development Kit - Windows 10.0.17763.132 (HKLM-x32\...\{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 - Microsoft Corporation)
    WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
    WinRT Intellisense Desktop - en-us (HKLM-x32\...\{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    WinRT Intellisense IoT - en-us (HKLM-x32\...\{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    WinRT Intellisense Mobile - en-us (HKLM-x32\...\{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    WinRT Intellisense PPI - en-us (HKLM-x32\...\{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    WinRT Intellisense UAP - en-us (HKLM-x32\...\{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
    Wireshark 2.6.6 64-bit (HKLM-x32\...\Wireshark) (Version: 2.6.6 - The Wireshark developer community, hxxps://www.wireshark.org)
    Workflow Manager Client 1.0 (HKLM\...\{69CD1F2D-DF68-4E23-9108-1B70783F2855}) (Version: 2.1.10525.2 - Microsoft Corporation) Hidden
    Workflow Manager Client 1.0 (HKLM\...\{831D3854-30D1-4A11-927C-8E94B8091949}) (Version: 2.1.10525.2 - Microsoft Corporation) Hidden
    Workflow Manager Client 1.0 (HKLM\...\{B0290897-30B9-4938-9241-FC2CD5960B7C}) (Version: 2.1.10525.2 - Microsoft Corporation) Hidden
    Workflow Manager Client 1.0 (HKLM\...\{D3A2C0A9-7709-4E97-AFC6-48895E902F28}) (Version: 2.1.10525.2 - Microsoft Corporation) Hidden
    Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{232B4812-B522-4AD5-9AE2-86176D045CE3}) (Version: 2.1.11218.0 - Microsoft Corporation) Hidden
    Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{9B4F2C44-56AC-4350-8A1F-C3AA5713102A}) (Version: 2.1.11218.0 - Microsoft Corporation) Hidden
    Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{DD83B36A-ED10-4514-98E7-1EBD53D167D8}) (Version: 2.1.11218.0 - Microsoft Corporation) Hidden
    Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{FA24E637-426B-4FE5-9423-CC89455DBAD3}) (Version: 2.1.11218.0 - Microsoft Corporation) Hidden
    Xamarin PCL Profiles v1.0.9 (HKLM-x32\...\{5E6844AB-A867-419C-A376-B12B574AA5F7}) (Version: 1.0.9.0 - Xamarin) Hidden
    Xamarin Remoted iOS Simulator (HKLM-x32\...\{5DE98E3F-9A5C-48B7-B039-8E0FB2D68AEA}) (Version: 1.3.0.8 - Xamarin) Hidden
    Накопительный пакет обновления Microsoft .NET Framework Intellisense для Visual Studio (Русский) (HKLM-x32\...\{694ED65F-4C12-4339-B86D-F9C829D2265A}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
    Пакет SDK Microsoft .NET Framework 4.6.1 (Русский) (HKLM-x32\...\{76380480-8AA4-454B-B063-3EB82302CFEE}) (Version: 4.6.01055 - Microsoft Corporation) Hidden
    Пакет SDK для Microsoft .NET Framework 4.7.2 (Русский) (HKLM-x32\...\{50BC45B5-FDC0-461D-B588-F05BBA4B3755}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
    Языковой пакет Microsoft Visual Studio 2010 Tools для среды выполнения Office (x64) - RUS (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - RUS) (Version: 10.0.50903 - Microsoft Corporation)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
    ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_140ca414b7e07d19\igfxDTCM.dll [2016-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-12] (AVAST Software s.r.o. -> AVAST Software)
    ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0632831C-CDB7-4641-91F6-37559E7EF00C} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
    Task: {067AF1F1-217E-410F-895B-4037B28F0832} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\WINDOWS\system32\spaceman.exe (Microsoft Corporation) [File not signed]
    Task: {06997F4F-70FC-4D2E-9583-78F2F5EB99DC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
    Task: {1205FE87-4158-4F50-9221-C298DE0830D6} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe (Acer Incorporated -> )
    Task: {1A0C4240-96AC-4DCC-AD68-09AB150BD30B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
    Task: {1E2564F0-DA56-42E9-B233-971132101FF1} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe (Microsoft Corporation) [File not signed]
    Task: {1FEEAE4A-04DC-49E4-BCF1-02D6C4C3B70D} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe (Microsoft Corporation) [File not signed]
    Task: {203D1865-1648-49B4-81EF-66560BFA1AF4} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe (Comodo Security Solutions, Inc. -> COMODO)
    Task: {23D7470C-6F38-4F03-8F01-4F4942302623} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\WINDOWS\system32\dmclient.exe (Microsoft Corporation) [File not signed]
    Task: {2A722BE2-A106-4E48-8D2F-60AD9D4944F6} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\WINDOWS\system32\bcdboot.exe (Microsoft Corporation) [File not signed]
    Task: {2EA13A09-5D95-40C4-9E85-2924853C372B} - System32\Tasks\CareCenter\SunJavaUpdateSched_Reg_HKLMWow6432Run => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle America, Inc. -> Oracle Corporation)
    Task: {3492B577-79BF-4147-B071-194100E5ADAA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\WINDOWS\system32\usoclient.exe (Microsoft Corporation) [File not signed]
    Task: {34D7339F-A001-4CCA-A117-523BE5D8B02D} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\WINDOWS\system32\lpremove.exe (Microsoft Corporation) [File not signed]
    Task: {391C1958-E3D6-4209-9262-4DBAC9D4FF3E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
    Task: {3FD0BCA6-8B63-41C0-A47F-19D1562984BF} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Comodo Security Solutions, Inc. -> COMODO)
    Task: {44458B33-D507-4136-80BE-2AAD19FAF2E3} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe () [File not signed]
    Task: {477B58BD-2B2C-4CD8-BF20-F10132881E4B} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe (Acer Incorporated -> Acer Incorporated)
    Task: {477FE246-AEF6-4203-9056-A61873A73079} - System32\Tasks\S-1-5-21-236146839-932208297-861440787-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Corporation) [File not signed]
    Task: {48AB4008-A15C-41A8-A1A3-4AE34F9E3E73} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe (Comodo Security Solutions, Inc. -> COMODO)
    Task: {4BBECDDD-B654-4117-8BC5-85A0D859A9E1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => C:\WINDOWS\system32\MusNotification.exe (Microsoft Corporation) [File not signed]
    Task: {4FA3B6C8-5029-485C-95E6-8ECC05F55010} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\WINDOWS\system32\AppHostRegistrationVerifier.exe (Microsoft Corporation) [File not signed]
    Task: {517BAD90-B027-49FB-B944-56EECF5673C1} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe (Microsoft Corporation) [File not signed]
    Task: {520E01C0-15AF-4DEE-B05D-52C31C1FFA50} - System32\Tasks\CareCenter\AvastUI.exe_Reg_HKLMWow6432Run => C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software s.r.o. -> AVAST Software)
    Task: {5AA1A68A-0D84-4851-9DFF-5806B915D193} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\WINDOWS\system32\RAServer.exe (Microsoft Corporation) [File not signed]
    Task: {5B4B930F-8D2D-4C24-97FE-8FE41986F532} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Microsoft Corporation) [File not signed]
    Task: {5DBB553C-6787-4C44-B5A4-797D757ED013} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\WINDOWS\System32\LocationNotificationWindows.exe (Microsoft Corporation) [File not signed]
    Task: {606EF5CD-2EF2-4358-B0E7-4410FF1721C9} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe (Microsoft Corporation) [File not signed]
    Task: {60F85A8A-DC43-44AC-8493-E3F684C0DB45} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\WINDOWS\system32\cleanmgr.exe (Microsoft Corporation) [File not signed]
    Task: {654FF27F-7FA2-4CD6-A4FB-EDA4DCE80F32} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\WINDOWS\System32\XblGameSaveTask.exe (Microsoft Corporation) [File not signed]
    Task: {66C39AF7-FE62-4DB3-9782-3E4437B8DA76} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\WINDOWS\system32\disksnapshot.exe (Microsoft Corporation) [File not signed]
    Task: {6ABAD0E3-128F-48D3-9CD5-C32609A95705} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Task: {6EC73586-EB3A-43BB-BE2B-2433D829202F} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (Comodo Security Solutions, Inc. -> COMODO)
    Task: {702BA948-C430-4B6A-A86C-50709C207A32} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\WINDOWS\system32\appidcertstorecheck.exe (Microsoft Corporation) [File not signed]
    Task: {7185B9AE-F34A-49E7-99AB-AD9A0E9BADC4} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\WINDOWS\System32\WindowsActionDialog.exe (Microsoft Corporation) [File not signed]
    Task: {72D74B2C-A3F0-40B1-8040-66342366F64D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Retry Scan => C:\WINDOWS\system32\usoclient.exe (Microsoft Corporation) [File not signed]
    Task: {795F1622-0575-492F-8C1E-2763CEA1E45C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\WINDOWS\system32\MDMAgent.exe (Microsoft Corporation) [File not signed]
    Task: {79D3F6C7-001A-48FB-845A-8C3DEE0C65C4} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe (Acer Incorporated -> )
    Task: {79F7D7FD-4A13-48FE-84E1-3086638E6A92} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
    Task: {7D397028-DED3-489D-B124-9698555655AC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\WINDOWS\System32\sihclient.exe (Microsoft Corporation) [File not signed]
    Task: {81EE4693-C88D-4B47-8F28-9C43977CBC6D} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\WINDOWS\system32\dmclient.exe (Microsoft Corporation) [File not signed]
    Task: {86443143-BDFD-4E81-AD57-F4A54513452C} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe (Intel(R) Software -> Intel Corporation)
    Task: {87FB609E-674A-4922-A106-7202FDD4C934} - System32\Tasks\Study Anki => C:\Program Files\Anki\anki.exe (Ankitects Pty Ltd -> )
    Task: {8BC787A9-27D8-4EEC-A76F-5D16D5F69DF8} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe (Comodo Security Solutions, Inc. -> COMODO)
    Task: {8D917383-5314-430F-B4EC-6A2A87782560} - System32\Tasks\CareCenter\DAX2_APP_Reg_HKLMRun => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe (Dolby Laboratories, Inc. -> )
    Task: {8FEE4E97-F844-484E-8ACC-6BF8993A38CB} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe (Comodo Security Solutions, Inc. -> COMODO)
    Task: {93EB807C-5DA9-4607-A5E3-BE9C2AB4F75B} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Cellular => C:\WINDOWS\system32\ProvTool.exe (Microsoft Corporation) [File not signed]
    Task: {96320278-5E30-417E-B908-72C54D05B4F7} - System32\Tasks\CareCenter\RtHDVBg_Dolby_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    Task: {978B1C52-D865-4B63-8B11-E3E34113F13D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
    Task: {9A557BF8-3E9D-4C02-B6FD-28D2605DB456} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\WINDOWS\system32\ProvTool.exe (Microsoft Corporation) [File not signed]
    Task: {9B24222D-1003-4974-A293-AB96F8423CA9} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization => C:\WINDOWS\system32\defrag.exe (Microsoft Corp.) [File not signed]
    Task: {9CDE652B-EE0E-4E98-BF6F-86A033D71EF7} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (Acer Incorporated -> )
    Task: {A16E30FD-CFA2-485E-B9CA-CFD289CB2BA1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe (Microsoft Corporation) [File not signed]
    Task: {ACD9EF4F-5407-4A90-874A-E14C7BC9AECB} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\WINDOWS\system32\dstokenclean.exe (Microsoft Corporation) [File not signed]
    Task: {ADB687BD-B239-4565-9B04-60B9428E7D7A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
    Task: {AEDD848E-37B3-458A-8C1F-1C43C1092882} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
    Task: {AF8DFFA3-D74B-4F19-A4CF-765128E220C3} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe (Acer Incorporated -> Acer Incorporated)
    Task: {BAB66C11-6441-47C8-A833-71DCA4A51582} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\WINDOWS\system32\usoclient.exe (Microsoft Corporation) [File not signed]
    Task: {BB7DA029-0161-403A-84B0-BE4C44DA4AF4} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\WINDOWS\system32\speech_onecore\common\SpeechModelDownload.exe (Microsoft Corporation) [File not signed]
    Task: {BE676CF7-8255-4447-90DD-4B4BE87593A4} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\WINDOWS\system32\DFDWiz.exe (Microsoft Corporation) [File not signed]
    Task: {BF86A750-4419-4470-9B4D-4D3E45624800} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\WINDOWS\system32\srtasks.exe (Microsoft Corporation) [File not signed]
    Task: {C158DE52-BFF0-4698-8DAA-4756F4A39F96} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\WINDOWS\System32\drvinst.exe (Microsoft Corporation) [File not signed]
    Task: {C37BF197-105B-4041-A9E5-A9B42AE89D75} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\WINDOWS\system32\defrag.exe (Microsoft Corp.) [File not signed]
    Task: {C582DC9E-8BB4-478F-A486-4131D8136729} - System32\Tasks\CareCenter\RTHDVCPL_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    Task: {C6DC1157-80AA-451B-A66D-041824BA4E05} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\WINDOWS\System32\dsregcmd.exe (Microsoft Corporation) [File not signed]
    Task: {C9FD7F92-F0E3-4765-928F-6A7A6C38E3EE} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\WINDOWS\System32\dsregcmd.exe (Microsoft Corporation) [File not signed]
    Task: {CA61BF83-0799-4500-A25E-350C6D2EF357} - System32\Tasks\Git for Windows Updater => C:\Program Files\Git\git-bash.exe (Johannes Schindelin -> The Git Development Community)
    Task: {CA7FE756-D393-41BC-A26F-A8B8118FB3D8} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\WINDOWS\System32\dusmtask.exe (Microsoft Corporation) [File not signed]
    Task: {CD19BC8A-E9FE-49ED-92A5-0E1194F69F00} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\WINDOWS\System32\XblGameSaveTask.exe (Microsoft Corporation) [File not signed]
    Task: {CF0BD376-C6B9-44A4-B22D-A434F1DEE453} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\WINDOWS\system32\tzsync.exe (Microsoft Corporation) [File not signed]
    Task: {D7F97C90-F881-48F7-9A6D-225B311BAA0E} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\WINDOWS\System32\wsqmcons.exe (Microsoft Corporation) [File not signed]
    Task: {DD67C229-8118-4943-B1B3-7A67F6D837EA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
    Task: {E40F7419-3704-495F-AD2B-4689783941CD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe (Comodo Security Solutions, Inc. -> COMODO)
    Task: {E5AD2D4C-AFBA-4760-8069-E1E59A9E2223} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\WINDOWS\system32\AppHostRegistrationVerifier.exe (Microsoft Corporation) [File not signed]
    Task: {E613A8EB-4AE3-4A0F-BA05-CF64EC3F06A8} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\WINDOWS\system32\SpaceAgent.exe (Microsoft Corporation) [File not signed]
    Task: {EA0F0D87-C32E-4C4D-9270-078C8FECCD76} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {EAA91EEC-7BF7-4AAB-99F1-71BB5BA02D6E} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\WINDOWS\system32\eduprintprov.exe (Microsoft Corporation) [File not signed]
    Task: {EB2D6D65-BE15-471F-A6C1-7B3104E71E5F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
    Task: {EB3F393F-629B-4690-8ADE-1FF5090F6DE9} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\WINDOWS\system32\appidpolicyconverter.exe (Microsoft Corporation) [File not signed]
    Task: {F103F416-6170-4745-8D1D-8251DD2B95DB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {F2FF65F2-D870-4113-AE71-9F7A32FE7D2D} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) [File not signed]
    Task: {FB66066A-5ED5-4BC7-AB64-9F62C8DB7FFF} - System32\Tasks\User Boot Experience Task => C:\OEM\Preload\FUBService\FUBService.exe (Acer Incorporated -> )

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    ShortcutWithArgument: C:\Users\Cosmos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\Cosmos\Anaconda3\Scripts\activate.bat C:\Users\Cosmos\Anaconda3

    ==================== Loaded Modules (Whitelisted) ==============

    2016-09-19 11:53 - 2016-09-19 11:53 - 001299920 _____ () C:\WINDOWS\system32\IntelSSTAPO\ParameterService\libxml2.dll
    2019-02-12 15:56 - 2019-02-12 15:56 - 000654216 _____ () c:\program files\avast software\avast\streamback.dll
    2019-02-12 15:56 - 2019-02-12 15:56 - 000321928 _____ () C:\Program Files\AVAST Software\Avast\serialization.dll
    2019-01-13 15:26 - 2018-11-15 11:01 - 002712432 ____C () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
    2018-12-17 10:58 - 2018-12-17 10:58 - 000246464 ____C () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
    2018-04-11 18:34 - 2018-04-11 18:34 - 000491744 ____N () C:\Windows\System32\InputHost.dll
    2019-01-25 08:34 - 2019-01-25 08:34 - 000054440 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
    2018-04-11 18:34 - 2018-04-11 18:34 - 000472064 ____N () C:\Windows\ShellExperiences\TileControl.dll
    2018-12-12 19:16 - 2018-11-08 21:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
    2019-02-13 15:47 - 2019-02-05 21:25 - 002185728 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2019-02-12 15:46 - 2019-02-12 15:46 - 028028416 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
    2019-02-06 22:28 - 2019-02-06 22:28 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\SharedUI.dll
    2018-04-12 04:24 - 2018-04-12 04:24 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
    2019-01-15 13:58 - 2019-01-15 13:58 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
    2019-02-06 22:28 - 2019-02-06 22:28 - 006033408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntCommon.dll
    2019-02-06 22:28 - 2019-02-06 22:28 - 009338368 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntPlat.dll
    2018-12-17 10:59 - 2018-12-17 10:59 - 000159424 ____C () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
    2017-03-10 14:02 - 2015-05-14 02:10 - 000030976 ____C () C:\OEM\Preload\FUBService\FUBService.exe
    2016-09-19 04:02 - 2016-09-19 04:02 - 000163336 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
    2016-09-19 07:13 - 2016-09-19 07:13 - 000849928 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
    2018-05-28 20:00 - 2018-05-28 20:00 - 004696880 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
    2019-01-08 01:25 - 2019-01-08 01:25 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2018-12-17 10:57 - 2018-12-17 10:57 - 000107200 ____C () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
    2017-09-07 08:39 - 2017-09-07 08:39 - 000073920 ____C () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
    2018-04-12 04:22 - 2018-04-12 04:22 - 000948736 ____N () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\e_sqlite3.dll
    2019-01-06 20:09 - 2019-01-06 20:09 - 002974888 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
    2019-01-06 20:09 - 2019-01-06 20:09 - 000355840 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
    2018-04-12 04:23 - 2018-04-12 04:23 - 000631296 ____N () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
    2019-01-06 20:09 - 2019-01-06 20:09 - 000165888 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.1.46.0_x64__8wekyb3d8bbwe\Microsoft.Notes.DesktopBridge.exe
    2016-08-30 03:19 - 2016-08-30 03:19 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2017-03-10 12:45 - 2019-02-04 21:19 - 001074776 ____C () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-236146839-932208297-861440787-1001\...\localhost -> localhost

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2016-07-16 06:47 - 2016-07-16 06:45 - 000000824 ____C C:\WINDOWS\system32\drivers\etc\hosts


    2019-02-12 18:42 - 2019-02-13 03:21 - 000000444 ____C C:\WINDOWS\system32\drivers\etc\hosts.ics



    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Users\Cosmos\introcs\java\bin;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\nodejs\;C:\ProgramData\chocolatey\bin;C:\Program Files\Git\cmd
    HKU\S-1-5-21-236146839-932208297-861440787-1001\Control Panel\Desktop\\Wallpaper -> E:\Second HDD\Photos\Random Photos\Rayann-Elzein-IMG_9231_1420409331_lg.jpg
    DNS Servers: 209.18.47.63 - 209.18.47.61
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
    mpsdrv => Firewall Service is not running.
    MpsSvc => Firewall Service is not running.
    bfe => Firewall Service is not running.

    ==================== MSCONFIG/TASK MANAGER disabled items ==
    ===

  10. #25
    Join Date
    Jan 2019
    Posts
    31
    If an entry is included in the fixlist, it will be removed.

    MSCONFIG\Services: CmdAgent => 2
    MSCONFIG\Services: cmdvirth => 3
    MSCONFIG\Services: DragonUpdater => 2
    MSCONFIG\Services: isesrv => 2
    HKLM\...\StartupApproved\Run: => "ShadowPlay"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe ()
    FirewallRules: [{424C96A8-D73A-4237-9A0C-A756417DA3C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{A52E2A55-DC99-467E-8358-543B4D8260C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{430B4723-50D3-4B4C-945D-FD8A45A90693}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{F08B9643-C2EC-46E3-B50C-DFA89F1B7487}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{16CDBD14-5A1D-469D-93B7-DDA7DDA8CD07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{96C4747E-43AA-46C6-9C1C-6CCC7F6A9389}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{CBA2F644-F0B2-4E3E-8942-B0CA4938BE21}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{06E5BFAA-D5C7-4196-9BCB-DFF8C9356389}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{4F4BF54C-0CB3-4A4A-974F-18A82C286CF0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [TCP Query User{B0028E51-5E4A-4ADA-A2D5-301AE42F9D14}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
    FirewallRules: [UDP Query User{749405AF-0A77-4732-ABE7-99BFD81D26EB}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
    FirewallRules: [{67352F15-A428-403E-95B0-5A34E725BC79}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{AE212A2D-31D0-47AB-BC8F-F792E642C251}] => (Allow) LPort=12292
    FirewallRules: [{CC34F753-BFBD-429F-9241-38515E3CB885}] => (Allow) C:\Program Files (x86)\TOSHIBA\Storage Backup Software\TosHDDBkupSvc.exe (Toshiba Electronic Devices & Storage Corporation -> Toshiba Electronic Devices & Storage Corporation)
    FirewallRules: [{24BBCEF2-2237-4302-BAC9-9D4A9131C6B8}] => (Allow) C:\Program Files (x86)\TOSHIBA\Storage Backup Software\TosHDDBkup.exe (Toshiba Electronic Devices & Storage Corporation -> Toshiba Electronic Devices & Storage Corporation)
    FirewallRules: [{352615CC-5A06-424E-B338-3DAE89AC7E18}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
    FirewallRules: [{9C0C74B5-2CE7-4E64-A472-CE528F1094C1}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
    FirewallRules: [{076D0156-66D1-4F61-B1ED-48D06D18D1F7}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)
    FirewallRules: [{66C59C54-233C-4844-8C9F-4CCBC62BBD12}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)

    ==================== Restore Points =========================

    Could not list restore points
    Check "winmgmt" service or repair WMI.


    ==================== Faulty Device Manager Devices =============

    Could not list Devices. Check "winmgmt" service or repair WMI.


    ==================== Event log errors: =========================

    Could not start eventlog service, could not read events.

    System error 123 has occurred.

    The filename, directory name, or volume label syntax is incorrect.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz
    Percentage of memory in use: 64%
    Total physical RAM: 12156.13 MB
    Available physical RAM: 4322.99 MB
    Total Virtual: 33660.13 MB
    Available Virtual: 25527.66 MB

    ==================== Drives ================================

    Drive c: (Acer) (Fixed) (Total:237.36 GB) (Free:101.21 GB) NTFS
    Drive d: (EOS_DIGITAL) (Removable) (Total:59.45 GB) (Free:49.17 GB) exFAT
    Drive e: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:548.31 GB) NTFS
    Drive g: () (Removable) (Total:3.74 GB) (Free:3.68 GB) FAT32

    \\?\Volume{e96ac4ba-4f7e-4ae9-ad2f-807f58b3dd67}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.61 GB) NTFS
    \\?\Volume{9a045f29-b0cc-48d7-9fae-1a0b7661c5be}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 238.5 GB) (Disk ID: 65034BF4)

    Partition: GPT.

    ========================================================
    Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A9E8F1B8)
    Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (Size: 3.8 GB) (Disk ID: 52E90559)
    Partition 1: (Not Active) - (Size=3.8 GB) - (Type=0B)

    ========================================================
    Disk: 3 (Protective MBR) (Size: 59.5 GB) (Disk ID: 00000000)

    Partition: GPT.

    ==================== End of Addition.txt =========================

  11. #26
    Join Date
    Jan 2019
    Posts
    31
    If an entry is included in the fixlist, it will be removed.

    MSCONFIG\Services: CmdAgent => 2
    MSCONFIG\Services: cmdvirth => 3
    MSCONFIG\Services: DragonUpdater => 2
    MSCONFIG\Services: isesrv => 2
    HKLM\...\StartupApproved\Run: => "ShadowPlay"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe ()
    FirewallRules: [{424C96A8-D73A-4237-9A0C-A756417DA3C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{A52E2A55-DC99-467E-8358-543B4D8260C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{430B4723-50D3-4B4C-945D-FD8A45A90693}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{F08B9643-C2EC-46E3-B50C-DFA89F1B7487}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{16CDBD14-5A1D-469D-93B7-DDA7DDA8CD07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{96C4747E-43AA-46C6-9C1C-6CCC7F6A9389}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{CBA2F644-F0B2-4E3E-8942-B0CA4938BE21}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
    FirewallRules: [{06E5BFAA-D5C7-4196-9BCB-DFF8C9356389}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{4F4BF54C-0CB3-4A4A-974F-18A82C286CF0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [TCP Query User{B0028E51-5E4A-4ADA-A2D5-301AE42F9D14}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
    FirewallRules: [UDP Query User{749405AF-0A77-4732-ABE7-99BFD81D26EB}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js)
    FirewallRules: [{67352F15-A428-403E-95B0-5A34E725BC79}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{AE212A2D-31D0-47AB-BC8F-F792E642C251}] => (Allow) LPort=12292
    FirewallRules: [{CC34F753-BFBD-429F-9241-38515E3CB885}] => (Allow) C:\Program Files (x86)\TOSHIBA\Storage Backup Software\TosHDDBkupSvc.exe (Toshiba Electronic Devices & Storage Corporation -> Toshiba Electronic Devices & Storage Corporation)
    FirewallRules: [{24BBCEF2-2237-4302-BAC9-9D4A9131C6B8}] => (Allow) C:\Program Files (x86)\TOSHIBA\Storage Backup Software\TosHDDBkup.exe (Toshiba Electronic Devices & Storage Corporation -> Toshiba Electronic Devices & Storage Corporation)
    FirewallRules: [{352615CC-5A06-424E-B338-3DAE89AC7E18}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
    FirewallRules: [{9C0C74B5-2CE7-4E64-A472-CE528F1094C1}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
    FirewallRules: [{076D0156-66D1-4F61-B1ED-48D06D18D1F7}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)
    FirewallRules: [{66C59C54-233C-4844-8C9F-4CCBC62BBD12}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)

    ==================== Restore Points =========================

    Could not list restore points
    Check "winmgmt" service or repair WMI.


    ==================== Faulty Device Manager Devices =============

    Could not list Devices. Check "winmgmt" service or repair WMI.


    ==================== Event log errors: =========================

    Could not start eventlog service, could not read events.

    System error 123 has occurred.

    The filename, directory name, or volume label syntax is incorrect.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz
    Percentage of memory in use: 64%
    Total physical RAM: 12156.13 MB
    Available physical RAM: 4322.99 MB
    Total Virtual: 33660.13 MB
    Available Virtual: 25527.66 MB

    ==================== Drives ================================

    Drive c: (Acer) (Fixed) (Total:237.36 GB) (Free:101.21 GB) NTFS
    Drive d: (EOS_DIGITAL) (Removable) (Total:59.45 GB) (Free:49.17 GB) exFAT
    Drive e: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:548.31 GB) NTFS
    Drive g: () (Removable) (Total:3.74 GB) (Free:3.68 GB) FAT32

    \\?\Volume{e96ac4ba-4f7e-4ae9-ad2f-807f58b3dd67}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.61 GB) NTFS
    \\?\Volume{9a045f29-b0cc-48d7-9fae-1a0b7661c5be}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 238.5 GB) (Disk ID: 65034BF4)

    Partition: GPT.

    ========================================================
    Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A9E8F1B8)
    Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (Size: 3.8 GB) (Disk ID: 52E90559)
    Partition 1: (Not Active) - (Size=3.8 GB) - (Type=0B)

    ========================================================
    Disk: 3 (Protective MBR) (Size: 59.5 GB) (Disk ID: 00000000)

    Partition: GPT.

    ==================== End of Addition.txt =========================

  12. #27
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Those are clean.

    Last scans...

    Download Security Check from here or here and save it to your Desktop.

    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



    NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
    NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
    NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


    Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services



    Press "Scan".
    It will create a log (FSS.txt) in the same directory the tool is run.
    Please copy and paste the log to your reply.


    Download Temp File Cleaner (TFC)
    Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.




    Download Sophos Free Virus Removal Tool and save it to your desktop.

    • Double click the icon and select Run
    • Click Next
    • Select I accept the terms in this license agreement, then click Next twice
    • Click Install
    • Click Finish to launch the program
    • Once the virus database has been updated click Start Scanning
    • If any threats are found click Details, then View log file... (bottom left hand corner)
    • Copy and paste the results in your reply
    • Close the Notepad document, close the Threat Details screen, then click Start cleanup
    • Click Exit to close the program

  13. #28
    Join Date
    Jan 2019
    Posts
    31
    Results of screen317's Security Check version 1.014 --- 12/23/15
    x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    COMODO Antivirus
    Avast Antivirus
    Windows Defender
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Java 8 Update 201
    Java version 32-bit out of Date!
    ````````Process Check: objlist.exe by Laurent````````
    Malwarebytes Anti-Malware mbamservice.exe
    Comodo Firewall cmdagent.exe
    Malwarebytes Anti-Malware mbamtray.exe
    Common Files Oracle Java javapath\AvastSvc.exe -?-
    avast software avast afwserv.exe
    AVAST Software Avast AvastUI.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: %
    ````````````````````End of Log``````````````````````

  14. #29
    Join Date
    Jan 2019
    Posts
    31
    Farbar Service Scanner Version: 27-01-2016
    Ran by Cosmos (administrator) on 20-02-2019 at 22:50:58
    Running from "C:\Users\Cosmos\Downloads"
    Microsoft Windows 10 Home (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Policy:
    ========================


    Security Center:
    ============


    Windows Update:
    ============
    wuauserv Service is not running. Checking service configuration:
    The start type of wuauserv service is set to Demand. The default start type is Auto.
    The ImagePath of wuauserv: "%systemroot%\system32\svchost.exe -k netsvcs -p".
    The ServiceDll of wuauserv service is OK.


    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============
    WinDefend Service is not running. Checking service configuration:
    The start type of WinDefend service is set to Demand. The default start type is Auto.
    The ImagePath of WinDefend: ""C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe"".


    Windows Defender Disabled Policy:
    ==========================
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
    "DisableAntiSpyware"=DWORD:1


    Other Services:
    ==============


    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => File is digitally signed
    C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
    C:\Windows\System32\drivers\afd.sys => File is digitally signed
    C:\Windows\System32\drivers\tdx.sys => File is digitally signed
    C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
    C:\Windows\System32\dnsrslvr.dll => File is digitally signed
    C:\Windows\System32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\System32\mpssvc.dll => File is digitally signed
    C:\Windows\System32\bfe.dll => File is digitally signed
    C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
    C:\Windows\System32\SDRSVC.dll => File is digitally signed
    C:\Windows\System32\vssvc.exe => File is digitally signed
    C:\Windows\System32\wscsvc.dll => File is digitally signed
    C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
    C:\Windows\System32\wuaueng.dll => File is digitally signed
    C:\Windows\System32\qmgr.dll => File is digitally signed
    C:\Windows\System32\es.dll => File is digitally signed
    C:\Windows\System32\cryptsvc.dll => File is digitally signed
    C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed


    **** End of log ****

  15. #30
    Join Date
    Jan 2019
    Posts
    31
    Hey! I'm working on the last scan, it's taking a long time to finish so I've been stopping it and starting it again

Thread Information

Users Browsing this Thread

There are currently 9 users browsing this thread. (0 members and 9 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •