1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Got some malware or somthing

Discussion in 'Malware Removal Help' started by Midnight Sky, Nov 29, 2018.

  1. Midnight Sky

    Midnight Sky

    Joined:
    Nov 29, 2018
    Messages:
    3
    Operating System:
    Windows 10
    I downloaded an item from a popular The Sims website with a clk.sh link. Since then I have been getting popups from clk.sh often. Here is my info. And my question is, what would be the best way to get rid of it? Thank you

    I couldn't get the Farbar Recovery Scan Tool as I got a message saying it could be dangerous and adwcleaner froze my computer. I hope this is all that's needed

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 11/29/18
    Scan Time: 8:34 PM
    Log File: 19bc8bca-f440-11e8-a951-1866da26faad.json

    -Software Information-
    Version: 3.6.1.2711
    Components Version: 1.0.482
    Update Package Version: 1.0.8093
    License: Trial

    -System Information-
    OS: Windows 10 (Build 17134.407)
    CPU: x64
    File System: NTFS
    User: DESKTOP-19NNKLL\cme550

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 323578
    Threats Detected: 17
    Threats Quarantined: 17
    Time Elapsed: 12 min, 42 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 2
    PUP.Optional.TotalAV, C:\PROGRAM FILES (X86)\TOTALAV\SecurityService.exe, Quarantined, [4592], [503743],1.0.8093
    PUP.Optional.TotalAV, C:\PROGRAM FILES (X86)\TOTALAV\TotalAV.exe, Quarantined, [4592], [503743],1.0.8093

    Module: 2
    PUP.Optional.TotalAV, C:\PROGRAM FILES (X86)\TOTALAV\SecurityService.exe, Quarantined, [4592], [503743],1.0.8093
    PUP.Optional.TotalAV, C:\PROGRAM FILES (X86)\TOTALAV\TotalAV.exe, Quarantined, [4592], [503743],1.0.8093

    Registry Key: 2
    PUP.Optional.TotalAV, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SecurityService, Quarantined, [4592], [503743],1.0.8093
    PUP.Optional.TotalAV, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TotalAV, Quarantined, [4592], [503743],1.0.8093

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 11
    PUP.Optional.TotalAV, C:\USERS\CME550\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\TOTALAV.LNK, Quarantined, [4592], [500322],1.0.8093
    PUP.Optional.TotalAV, C:\USERS\CME550\DESKTOP\TOTALAV.LNK, Quarantined, [4592], [500324],1.0.8093
    PUP.Optional.TotalAV, C:\PROGRAM FILES (X86)\TOTALAV\PasswordExtension.Win.exe, Quarantined, [4592], [503743],1.0.8093
    PUP.Optional.TotalAV, C:\PROGRAM FILES (X86)\TOTALAV\SecurityService.exe, Quarantined, [4592], [503743],1.0.8093
    PUP.Optional.TotalAV, C:\PROGRAM FILES (X86)\TOTALAV\TotalAV.exe, Quarantined, [4592], [503743],1.0.8093
    PUP.Optional.TotalAV, C:\PROGRAM FILES (X86)\TOTALAV\uninst.exe, Quarantined, [4592], [503743],1.0.8093
    PUP.Optional.TotalAV, C:\PROGRAM FILES (X86)\TOTALAV\Update.Win.exe, Quarantined, [4592], [503743],1.0.8093
    PUP.Optional.ScanGuard, C:\USERS\CME550\DOWNLOADS\SCANGUARD_SETUP (1).EXE, Quarantined, [4574], [503748],1.0.8093
    PUP.Optional.TotalAV, C:\USERS\CME550\DOWNLOADS\TOTALAV_SETUP (1).EXE, Quarantined, [4592], [503750],1.0.8093
    PUP.Optional.ScanGuard, C:\USERS\CME550\DOWNLOADS\SCANGUARD_SETUP.EXE, Quarantined, [4574], [503748],1.0.8093
    PUP.Optional.TotalAV, C:\USERS\CME550\DOWNLOADS\TOTALAV_SETUP.EXE, Quarantined, [4592], [503750],1.0.8093

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)
     
  2. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Hi Midnight Sky

    You can safely ignore the warning about FRST.
    Some security software's don't like it because of how it works.
    It's perfectly safe to use.
     
  3. Midnight Sky

    Midnight Sky

    Joined:
    Nov 29, 2018
    Messages:
    3
    Operating System:
    Windows 10
    Ok, thank you. I got it. The frst file

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29.11.2018 01
    Ran by cme550 (administrator) on DESKTOP-19NNKLL (30-11-2018 15:42:27)
    Running from C:\Users\cme550\Downloads
    Loaded Profiles: cme550 & (Available Profiles: cme550)
    Platform: Windows 10 Home Version 1803 17134.407 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe
    () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
    (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
    (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
    (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
    (PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\DSAPI.exe
    (Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
    (PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\pcdrwi.exe
    (Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
    (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
    (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
    (Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
    (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
    (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
    (Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\SystemIdleCheck.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
    (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avpui.exe
    (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
    () C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\realplay.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
    (EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
    (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
    (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
    (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
    (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
    (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunes.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files\internet explorer\ielowutil.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8848640 2016-02-05] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-02-05] (Realtek Semiconductor)
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323040 2015-11-17] (Intel Corporation)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795704 2015-08-07] (NVIDIA Corporation)
    HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230104 2015-07-10] (Realtek Semiconductor Corporation)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
    HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
    HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [718256 2015-12-22] (Waves Audio Ltd.)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-10-22] (Apple Inc.)
    HKLM-x32\...\Run: [RealTray] => C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe [26112 2017-02-10] (RealNetworks, Inc.)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-07-13] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
    HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
    HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153819980\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
    HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
    HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153820464\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
    HKU\S-1-5-21-1624968266-3523912505-4001706718-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-26] (Valve Corporation)
    HKU\S-1-5-21-1624968266-3523912505-4001706718-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153820699\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-26] (Valve Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2017-01-11]
    ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-09-27]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe (McAfee, Inc.)
    GroupPolicy: Restriction ? <==== ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
    Tcpip\..\Interfaces\{90946596-7dab-4669-984b-aab628205c02}: [DhcpNameServer] 209.18.47.61 209.18.47.62
    Tcpip\..\Interfaces\{da430c2c-8b1c-4da5-bdf5-d782fb7090bb}: [DhcpNameServer] 192.168.1.254

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKU\S-1-5-21-1624968266-3523912505-4001706718-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
    HKU\S-1-5-21-1624968266-3523912505-4001706718-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
    HKU\S-1-5-21-1624968266-3523912505-4001706718-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153820699\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
    HKU\S-1-5-21-1624968266-3523912505-4001706718-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153820699\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
    SearchScopes: HKLM -> DefaultScope {690893C0-04C2-494E-8D4A-9688E110F45A} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {690893C0-04C2-494E-8D4A-9688E110F45A} URL =
    SearchScopes: HKU\S-1-5-21-1624968266-3523912505-4001706718-1001 -> DefaultScope {690893C0-04C2-494E-8D4A-9688E110F45A} URL =
    SearchScopes: HKU\S-1-5-21-1624968266-3523912505-4001706718-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NAV&chn=1000&geo=US&ver=22.11.2.7&locale=en_US&guid=FE537664-A3F6-49CC-B753-785EF066ABAB&doi=2016-09-01&gct=kwd&qsrc=2869
    SearchScopes: HKU\S-1-5-21-1624968266-3523912505-4001706718-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153820699 -> DefaultScope {690893C0-04C2-494E-8D4A-9688E110F45A} URL =
    SearchScopes: HKU\S-1-5-21-1624968266-3523912505-4001706718-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153820699 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NAV&chn=1000&geo=US&ver=22.11.2.7&locale=en_US&guid=FE537664-A3F6-49CC-B753-785EF066ABAB&doi=2016-09-01&gct=kwd&qsrc=2869
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-17] (Microsoft Corporation)
    BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\IEExt\ie_plugin.dll [2018-11-28] (AO Kaspersky Lab)
    BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02] ()
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-07-15] (Oracle Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-07-15] (Oracle Corporation)
    BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\IEExt\ie_plugin.dll [2018-11-28] (AO Kaspersky Lab)
    Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\IEExt\ie_plugin.dll [2018-11-28] (AO Kaspersky Lab)
    Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\IEExt\ie_plugin.dll [2018-11-28] (AO Kaspersky Lab)
    Toolbar: HKU\S-1-5-21-1624968266-3523912505-4001706718-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    Toolbar: HKU\S-1-5-21-1624968266-3523912505-4001706718-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153820699 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)

    FireFox:
    ========
    FF DefaultProfile: 3ym8k7pu.default
    FF ProfilePath: C:\Users\cme550\AppData\Roaming\Mozilla\Firefox\Profiles\3ym8k7pu.default [2018-11-29]
    FF Homepage: Mozilla\Firefox\Profiles\3ym8k7pu.default -> hxxp://google.com
    FF NewTab: Mozilla\Firefox\Profiles\3ym8k7pu.default -> about:newtab
    FF Extension: (clean-youtube) - C:\Users\cme550\AppData\Roaming\Mozilla\Firefox\Profiles\3ym8k7pu.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2018-09-07]
    FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
    FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi
    FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-11-28]
    FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
    FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-10-24] ()
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-24] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-07-15] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-07-15] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-16] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-16] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
    FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2003-01-07] ()
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems)

    Chrome:
    =======
    CHR StartupUrls: Default -> "hxxp://google.com/"
    CHR NewTab: Default -> Not-active:"chrome-extension://gfoabcdjalmeenbjjngidappmppchblc/homePageRedirect.html"
    CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=C214US977D20161009&p={searchTerms}
    CHR DefaultSearchKeyword: Default -> mcafee
    CHR Profile: C:\Users\cme550\AppData\Local\Google\Chrome\User Data\Default [2018-11-30]
    CHR Extension: (Slides) - C:\Users\cme550\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
    CHR Extension: (Kaspersky Protection) - C:\Users\cme550\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-11-28]
    CHR Extension: (Docs) - C:\Users\cme550\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
    CHR Extension: (Google Drive) - C:\Users\cme550\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
    CHR Extension: (YouTube) - C:\Users\cme550\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-08]
    CHR Extension: (Sheets) - C:\Users\cme550\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
    CHR Extension: (Norton Home Page for Chrome) - C:\Users\cme550\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfoabcdjalmeenbjjngidappmppchblc [2017-04-27]
    CHR Extension: (AdBlock) - C:\Users\cme550\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-18]
    CHR Extension: (Norton Safe) - C:\Users\cme550\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbmobhkkblcgdifigjglcjneplefbkmh [2017-04-27]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\cme550\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-08]
    CHR Extension: (Gmail) - C:\Users\cme550\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-08]
    CHR Extension: (Chrome Media Router) - C:\Users\cme550\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-20]
    CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
    CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated)
    R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)
    R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab)
    R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [121048 2015-08-27] ()
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9669920 2018-11-02] (Microsoft Corporation)
    R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2018-10-22] (Dell Inc.)
    R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3347440 2018-10-22] (Dell Inc.)
    R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2018-10-22] (Dell Inc.)
    S2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
    R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\DSAPI.exe [1002816 2018-11-04] (PC-Doctor, Inc.)
    R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [40976 2017-09-18] (Dell Inc.)
    R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc.)
    R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [10083120 2018-11-28] (EnigmaSoft Limited)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19424 2015-11-17] (Intel Corporation)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
    R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
    R2 IRMTService; c:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe [182336 2015-09-10] (Intel Corporation)
    S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-09-04] (Intel Corporation)
    S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe [416560 2018-11-28] (AO Kaspersky Lab)
    R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.812\McCHSvc.exe [405392 2018-09-27] (McAfee, Inc.)
    S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2269504 2018-10-25] (Electronic Arts)
    R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3130184 2018-10-25] (Electronic Arts)
    R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-02-05] (Realtek Semiconductor)
    R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [536880 2018-11-28] (EnigmaSoft Limited)
    S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
    R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [38872 2018-10-25] (Dell Inc.)
    R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [613296 2015-12-22] (Waves Audio Ltd.)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-11] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-20] (Microsoft Corporation)
    S3 klvssbridge64_18.0.0; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\vssbridge64.exe" [X]
    R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [178840 2018-02-13] (Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [169864 2018-02-13] (Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2018-02-13] (Avira Operations GmbH & Co. KG)
    R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab)
    R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Dell Inc.)
    S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Dell Computer Corporation)
    R3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [71352 2018-11-29] (EnigmaSoft Limited)
    R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-10-18] (Malwarebytes)
    R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [33512 2015-09-10] (Intel Corporation)
    R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [73416 2018-10-22] (AO Kaspersky Lab)
    R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [123152 2018-10-22] (AO Kaspersky Lab)
    R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [89168 2018-10-22] (AO Kaspersky Lab)
    S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (AO Kaspersky Lab)
    R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [220472 2018-10-22] (AO Kaspersky Lab)
    R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1214752 2018-10-23] (AO Kaspersky Lab)
    R3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [190784 2018-11-29] (AO Kaspersky Lab)
    R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1113912 2018-10-22] (AO Kaspersky Lab)
    R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-02-12] (AO Kaspersky Lab)
    R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (AO Kaspersky Lab)
    R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab)
    R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab)
    S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45768 2018-10-22] (AO Kaspersky Lab)
    R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
    R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [238528 2018-11-02] (AO Kaspersky Lab)
    R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [100136 2018-11-14] (AO Kaspersky Lab)
    R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [289856 2018-11-02] (AO Kaspersky Lab)
    R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [110640 2018-11-02] (AO Kaspersky Lab)
    R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [193168 2018-11-14] (AO Kaspersky Lab)
    R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (AO Kaspersky Lab)
    R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [161080 2018-10-22] (AO Kaspersky Lab)
    R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab)
    R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198000 2018-11-29] (Malwarebytes)
    R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [119136 2018-11-29] (Malwarebytes)
    R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [63768 2018-11-29] (Malwarebytes)
    R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-11-29] (Malwarebytes)
    R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [111152 2018-11-30] (Malwarebytes)
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdd.inf_amd64_1c87277d30438bde\nvlddmkm.sys [17538104 2018-06-04] (NVIDIA Corporation)
    R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [602352 2015-08-06] (Realtek Semiconductor Corporation)
    R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6320640 2018-04-11] (Realtek Semiconductor Corporation )
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-11-30 15:42 - 2018-11-30 15:44 - 000032964 _____ C:\Users\cme550\Downloads\FRST.txt
    2018-11-30 15:42 - 2018-11-30 15:42 - 000000000 ____D C:\FRST
    2018-11-30 15:40 - 2018-11-30 15:41 - 002417152 _____ (Farbar) C:\Users\cme550\Downloads\FRST64.exe
    2018-11-29 21:00 - 2018-11-29 21:01 - 000000000 ____D C:\AdwCleaner
    2018-11-29 21:00 - 2018-11-29 21:00 - 007592144 _____ (Malwarebytes) C:\Users\cme550\Downloads\AdwCleaner.exe
    2018-11-29 20:53 - 2018-11-29 20:53 - 000063768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2018-11-29 20:52 - 2018-11-30 15:38 - 000111152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
    2018-11-29 20:52 - 2018-11-29 20:52 - 000119136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
    2018-11-29 20:32 - 2018-11-29 20:32 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2018-11-29 20:32 - 2018-11-29 20:32 - 000198000 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
    2018-11-29 20:31 - 2018-11-29 20:31 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2018-11-29 20:31 - 2018-11-29 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2018-11-29 20:31 - 2018-11-29 20:31 - 000000000 ____D C:\ProgramData\Malwarebytes
    2018-11-29 20:31 - 2018-11-29 20:31 - 000000000 ____D C:\Program Files\Malwarebytes
    2018-11-29 20:31 - 2018-10-18 09:44 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
    2018-11-29 20:29 - 2018-11-29 20:29 - 080891656 _____ (Malwarebytes ) C:\Users\cme550\Downloads\mb3-setup-54035.54035-3.6.1.2711-1.0.482-1.0.7469 (3).exe
    2018-11-29 20:27 - 2018-11-29 20:28 - 080891656 _____ (Malwarebytes ) C:\Users\cme550\Downloads\mb3-setup-54035.54035-3.6.1.2711-1.0.482-1.0.7469 (2).exe
    2018-11-29 19:56 - 2018-11-29 19:56 - 000000000 ____D C:\Users\cme550\Documents\TotalAV
    2018-11-29 19:56 - 2018-11-29 19:56 - 000000000 ____D C:\Users\cme550\AppData\Roaming\TotalAV
    2018-11-29 19:56 - 2018-11-29 19:56 - 000000000 ____D C:\ProgramData\SecuritySuite
    2018-11-29 19:51 - 2018-11-29 20:52 - 000000000 ____D C:\Program Files (x86)\TotalAV
    2018-11-29 17:12 - 2018-11-29 17:12 - 000000000 ____D C:\Users\cme550\AppData\Roaming\proDAD
    2018-11-29 17:11 - 2018-11-29 17:11 - 000003299 _____ C:\WINDOWS\SysWOW64\adorage-protocol.txt
    2018-11-29 17:03 - 2018-11-29 17:03 - 000003392 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
    2018-11-29 17:02 - 2018-11-29 17:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
    2018-11-29 17:02 - 2018-11-28 20:55 - 000002152 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
    2018-11-29 16:47 - 2018-11-29 16:47 - 000000025 _____ C:\WINDOWS\wininit.ini
    2018-11-28 19:36 - 2018-11-28 19:36 - 000000000 ____D C:\Users\cme550\AppData\Local\mbamtray
    2018-11-28 19:36 - 2018-11-28 19:36 - 000000000 ____D C:\Users\cme550\AppData\Local\mbam
    2018-11-28 19:33 - 2018-11-28 19:34 - 080891656 _____ (Malwarebytes ) C:\Users\cme550\Downloads\mb3-setup-54035.54035-3.6.1.2711-1.0.482-1.0.7469 (1).exe
    2018-11-28 19:32 - 2018-11-28 19:32 - 080891656 _____ (Malwarebytes ) C:\Users\cme550\Downloads\mb3-setup-54035.54035-3.6.1.2711-1.0.482-1.0.7469.exe
    2018-11-28 16:36 - 2018-11-29 21:17 - 000071352 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
    2018-11-28 16:36 - 2018-11-28 19:44 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
    2018-11-28 16:36 - 2018-11-28 16:36 - 000001057 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
    2018-11-28 16:36 - 2018-11-28 16:36 - 000000000 ____D C:\sh5ldr
    2018-11-28 16:36 - 2018-11-28 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
    2018-11-28 16:35 - 2018-11-28 16:35 - 000000000 ____D C:\Program Files\EnigmaSoft
    2018-11-28 09:39 - 2018-11-28 09:39 - 000077081 _____ C:\Users\cme550\Downloads\MCWoohoo_ScriptAndPackage_5_2_5 (1).zip
    2018-11-28 08:16 - 2018-11-28 08:16 - 001060293 _____ C:\Users\cme550\Downloads\McCmdCenter_AllModules_5_2_5.zip
    2018-11-28 07:24 - 2018-11-28 07:24 - 000941305 _____ C:\Users\cme550\Downloads\MTS_weerbesu_1776591_More_CAS_Columns_(4_Columns)_v1.7.zip
    2018-11-28 07:19 - 2018-11-28 07:19 - 004364390 _____ C:\Users\cme550\Downloads\KCM_GRAYSONHAIR_TM.zip
    2018-11-28 07:14 - 2018-11-28 07:14 - 007185498 _____ C:\Users\cme550\Downloads\[simlishsweetie] folie a deux skinblend.zip
    2018-11-28 07:08 - 2018-11-28 07:08 - 001251164 _____ C:\Users\cme550\Downloads\[madmono]Knight Non-Default.zip
    2018-11-28 07:03 - 2018-11-28 07:03 - 061117304 _____ C:\Users\cme550\Downloads\BlahberryPancake_Lena_Skin.zip
    2018-11-28 07:03 - 2018-11-28 07:03 - 037431691 _____ C:\Users\cme550\Downloads\BlahberryPancake_June_Skin.package
    2018-11-28 07:02 - 2018-11-28 07:02 - 008394711 _____ C:\Users\cme550\Downloads\amoebae - Peggy Skinblend F.7z
    2018-11-28 06:51 - 2018-11-28 06:51 - 000065393 _____ C:\Users\cme550\Downloads\KS - Trait Bundle #1.zip
    2018-11-28 06:48 - 2018-11-28 06:48 - 054759088 _____ C:\Users\cme550\Downloads\[madono]Knight Default.zip
    2018-11-26 20:58 - 2018-11-26 20:58 - 000000000 ____D C:\Users\cme550\Desktop\Lylah_202959592
    2018-11-26 20:38 - 2018-11-26 20:38 - 000015387 _____ C:\Users\cme550\Downloads\ToolUpgradeDeliveryService 1.1.0-2938-1-1-0-1541601915.zip
    2018-11-26 20:37 - 2018-11-26 20:37 - 000022374 _____ C:\Users\cme550\Downloads\BetterQuarry 1.3.1-unofficial.1-link064 (1).zip
    2018-11-26 20:35 - 2018-11-26 20:35 - 000543039 _____ C:\Users\cme550\Downloads\Ui Info Suite-1150-1-7-19-1543263532.zip
    2018-11-26 20:34 - 2018-11-26 20:34 - 000498640 _____ C:\Users\cme550\Downloads\TehsFishingOverhaul 2.1.0-866-2-1-0-1542771093.zip
    2018-11-26 20:34 - 2018-11-26 20:34 - 000013581 _____ C:\Users\cme550\Downloads\SkullCavernElevator-963-1-2-3-1542890119.zip
    2018-11-26 20:33 - 2018-11-26 20:33 - 000206351 _____ C:\Users\cme550\Downloads\NPC Map Locations 2.2.2-239-2-2-2-1542660327.zip
    2018-11-26 20:33 - 2018-11-26 20:33 - 000037230 _____ C:\Users\cme550\Downloads\Skip Intro 1.8.1-533-1-8-1-1542663681.zip
    2018-11-26 20:30 - 2018-11-26 20:30 - 000026947 _____ C:\Users\cme550\Desktop\Happy Birthday 1.7.1-520-1-7-1.zip
    2018-11-26 20:27 - 2018-11-26 20:27 - 001862139 _____ C:\Users\cme550\Downloads\SMAPI-2.8.2-installer.zip
    2018-11-26 20:27 - 2018-11-19 15:30 - 000000000 ____D C:\Users\cme550\Desktop\SMAPI 2.8.2 installer
    2018-11-26 19:43 - 2018-11-26 19:43 - 000007169 _____ C:\Users\cme550\Downloads\Ladder Locator 1.0.1-3094-1-0-1-1543104813.zip
    2018-11-25 16:34 - 2018-11-25 16:34 - 000000000 ____D C:\ProgramData\iWin
    2018-11-25 16:29 - 2018-11-27 07:37 - 000000000 ____D C:\Users\cme550\AppData\Local\GamesManager
    2018-11-25 16:29 - 2018-11-25 16:29 - 000002224 _____ C:\Users\cme550\Desktop\Play Pogo Games.lnk
    2018-11-25 16:29 - 2018-11-25 16:29 - 000000000 ____D C:\Users\cme550\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pogo Games
    2018-11-25 16:29 - 2018-11-25 16:29 - 000000000 ____D C:\ProgramData\iWin Games
    2018-11-25 16:29 - 2018-11-25 16:29 - 000000000 ____D C:\games
    2018-11-25 16:28 - 2018-11-25 16:28 - 000111224 _____ (iWin inc.) C:\Users\cme550\Downloads\plants-vs-zombies-game-of-the-year-editionSetup.exe
    2018-11-25 12:12 - 2018-11-25 12:12 - 000065479 _____ C:\Users\cme550\Downloads\SXS_tvhebdo_329700_WickedWork_prealpha0-02 (2).zip
    2018-11-25 12:02 - 2018-11-25 12:02 - 000065479 _____ C:\Users\cme550\Downloads\SXS_tvhebdo_329700_WickedWork_prealpha0-02 (1).zip
    2018-11-25 11:51 - 2018-11-25 11:51 - 000065479 _____ C:\Users\cme550\Downloads\SXS_tvhebdo_329700_WickedWork_prealpha0-02.zip
    2018-11-24 07:30 - 2018-11-24 07:30 - 000016343 _____ C:\Users\cme550\Downloads\MTS_claudiasharon_1809233_claudiasharon_fameperksfree.zip
    2018-11-24 07:18 - 2018-11-24 07:18 - 000704645 _____ C:\Users\cme550\Downloads\KS - Slice Of Life Mod (11-23-18) (1).zip
    2018-11-24 07:17 - 2018-11-24 07:17 - 000055671 _____ C:\Users\cme550\Downloads\KS -Better School Mods 11-13-18.zip
    2018-11-24 07:15 - 2018-11-24 07:15 - 000324968 _____ C:\Users\cme550\Downloads\KS - Market Vendor [Job Event].zip
    2018-11-24 07:14 - 2018-11-24 07:14 - 000704645 _____ C:\Users\cme550\Downloads\KS - Slice Of Life Mod (11-23-18).zip
    2018-11-24 07:12 - 2018-11-24 07:12 - 000014957 _____ C:\Users\cme550\Downloads\KS - Birthday Presents Mod.zip
    2018-11-24 07:11 - 2018-11-24 07:11 - 001214043 _____ C:\Users\cme550\Downloads\KS - Speed Dating [Events] (1).zip
    2018-11-24 07:09 - 2018-11-24 07:09 - 001214043 _____ C:\Users\cme550\Downloads\KS - Speed Dating [Events].zip
    2018-11-24 07:06 - 2018-11-24 07:06 - 000881087 _____ C:\Users\cme550\Downloads\KS - Survivor House [Events].zip
    2018-11-24 07:05 - 2018-11-24 07:05 - 013340102 _____ C:\Users\cme550\Downloads\ts4_extremeviolence--mod--_beta-v1.6.2 (1).zip
    2018-11-24 06:58 - 2018-11-24 06:58 - 001324531 _____ C:\Users\cme550\Downloads\KS - Homeschool Mod 11-15-18.zip
    2018-11-22 10:34 - 2018-11-22 10:34 - 000077081 _____ C:\Users\cme550\Downloads\MCWoohoo_ScriptAndPackage_5_2_5.zip
    2018-11-21 19:00 - 2018-11-21 19:00 - 036725697 _____ C:\Users\cme550\Downloads\1432443.zip
    2018-11-21 11:22 - 2018-11-21 11:22 - 000000006 _____ C:\Users\cme550\Documents\insurance confirmation.txt
    2018-11-18 11:18 - 2018-11-18 11:18 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk
    2018-11-18 11:18 - 2018-11-18 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2018-11-18 11:18 - 2018-11-18 11:18 - 000000000 ____D C:\Program Files\iPod
    2018-11-18 11:17 - 2018-11-18 11:18 - 000000000 ____D C:\Program Files\iTunes
    2018-11-17 18:48 - 2018-11-17 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
    2018-11-16 14:55 - 2018-11-16 14:55 - 000000000 ____D C:\Program Files\rempl
    2018-11-15 11:45 - 2018-11-15 11:45 - 000088391 _____ C:\Users\cme550\Downloads\Tractor Mod 4.5-1401-4-5.zip
    2018-11-14 18:07 - 2018-11-14 18:07 - 000250788 _____ C:\Users\cme550\Downloads\DeepWoodsMod.1.2-beta.18.zip-2571-1-2-beta-18-1541847262.zip
    2018-11-13 14:35 - 2018-11-01 06:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
    2018-11-13 14:35 - 2018-11-01 06:45 - 004527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2018-11-13 14:35 - 2018-11-01 06:45 - 001617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2018-11-13 14:35 - 2018-11-01 06:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2018-11-13 14:35 - 2018-11-01 06:31 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2018-11-13 14:35 - 2018-11-01 06:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2018-11-13 14:35 - 2018-11-01 06:28 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
    2018-11-13 14:35 - 2018-11-01 06:28 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2018-11-13 14:35 - 2018-11-01 06:27 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
    2018-11-13 14:35 - 2018-11-01 06:26 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
    2018-11-13 14:35 - 2018-11-01 05:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2018-11-13 14:35 - 2018-11-01 04:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2018-11-13 14:35 - 2018-11-01 04:56 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2018-11-13 14:35 - 2018-11-01 04:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
    2018-11-13 14:35 - 2018-11-01 04:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2018-11-13 14:35 - 2018-11-01 04:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2018-11-13 14:35 - 2018-11-01 04:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2018-11-13 14:35 - 2018-11-01 02:39 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2018-11-13 14:35 - 2018-11-01 02:28 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2018-11-13 14:35 - 2018-11-01 02:28 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2018-11-13 14:35 - 2018-11-01 02:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
    2018-11-13 14:35 - 2018-11-01 02:27 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2018-11-13 14:35 - 2018-11-01 02:26 - 007432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2018-11-13 14:35 - 2018-11-01 02:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2018-11-13 14:35 - 2018-11-01 02:26 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2018-11-13 14:35 - 2018-11-01 02:25 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2018-11-13 14:35 - 2018-11-01 02:25 - 007520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2018-11-13 14:35 - 2018-11-01 02:25 - 004404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2018-11-13 14:35 - 2018-11-01 02:25 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2018-11-13 14:35 - 2018-11-01 02:25 - 002571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2018-11-13 14:35 - 2018-11-01 02:25 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2018-11-13 14:35 - 2018-11-01 02:25 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2018-11-13 14:35 - 2018-11-01 02:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2018-11-13 14:35 - 2018-11-01 02:25 - 001456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2018-11-13 14:35 - 2018-11-01 02:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2018-11-13 14:35 - 2018-11-01 02:25 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2018-11-13 14:35 - 2018-11-01 02:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2018-11-13 14:35 - 2018-11-01 02:09 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2018-11-13 14:35 - 2018-11-01 02:03 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2018-11-13 14:35 - 2018-11-01 02:01 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2018-11-13 14:35 - 2018-11-01 02:01 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2018-11-13 14:35 - 2018-11-01 02:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2018-11-13 14:35 - 2018-11-01 02:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2018-11-13 14:35 - 2018-11-01 02:00 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
    2018-11-13 14:35 - 2018-11-01 02:00 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2018-11-13 14:35 - 2018-11-01 01:58 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2018-11-13 14:35 - 2018-11-01 01:58 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2018-11-13 14:35 - 2018-11-01 01:58 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2018-11-13 14:35 - 2018-11-01 01:57 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
    2018-11-13 14:35 - 2018-11-01 01:57 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
    2018-11-13 14:35 - 2018-11-01 01:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2018-11-13 14:35 - 2018-11-01 01:57 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2018-11-13 14:35 - 2018-11-01 01:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2018-11-13 14:35 - 2018-11-01 01:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
    2018-11-13 14:35 - 2018-11-01 01:56 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2018-11-13 14:35 - 2018-11-01 01:56 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2018-11-13 14:35 - 2018-11-01 01:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2018-11-13 14:35 - 2018-11-01 01:55 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2018-11-13 14:35 - 2018-11-01 01:55 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2018-11-13 14:35 - 2018-11-01 01:54 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2018-11-13 14:35 - 2018-11-01 01:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
    2018-11-13 14:35 - 2018-11-01 01:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
    2018-11-13 14:35 - 2018-11-01 01:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2018-11-13 14:35 - 2018-11-01 01:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2018-11-13 14:35 - 2018-11-01 01:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2018-11-13 14:35 - 2018-11-01 01:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2018-11-13 14:35 - 2018-11-01 01:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2018-11-13 14:35 - 2018-11-01 01:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
    2018-11-13 14:35 - 2018-11-01 00:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
    2018-11-13 14:35 - 2018-10-31 23:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
    2018-11-13 14:35 - 2018-10-31 23:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2018-11-13 14:35 - 2018-10-31 23:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2018-11-13 14:35 - 2018-10-31 23:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2018-11-13 14:35 - 2018-10-31 23:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
    2018-11-13 14:35 - 2018-10-31 23:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2018-11-13 14:35 - 2018-10-31 23:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2018-11-13 14:35 - 2018-10-31 23:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2018-11-13 14:35 - 2018-10-31 23:47 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2018-11-13 14:35 - 2018-10-31 23:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2018-11-13 14:35 - 2018-10-31 23:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2018-11-13 14:35 - 2018-10-31 23:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2018-11-13 14:35 - 2018-10-31 23:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2018-11-13 14:35 - 2018-10-31 23:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2018-11-13 14:35 - 2018-10-31 23:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2018-11-13 14:35 - 2018-10-31 23:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2018-11-13 14:35 - 2018-10-31 23:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2018-11-13 14:35 - 2018-10-31 23:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2018-11-13 14:35 - 2018-10-31 23:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2018-11-13 14:35 - 2018-10-31 23:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2018-11-13 14:35 - 2018-10-31 23:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2018-11-13 14:35 - 2018-10-31 23:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2018-11-13 14:35 - 2018-10-31 23:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2018-11-13 14:35 - 2018-10-31 23:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2018-11-13 14:35 - 2018-10-21 08:00 - 021386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2018-11-13 14:35 - 2018-10-21 08:00 - 001639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2018-11-13 14:35 - 2018-10-21 08:00 - 001516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2018-11-13 14:35 - 2018-10-21 07:46 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2018-11-13 14:35 - 2018-10-21 07:46 - 004393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2018-11-13 14:35 - 2018-10-21 07:42 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
    2018-11-13 14:35 - 2018-10-21 07:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2018-11-13 14:35 - 2018-10-21 06:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2018-11-13 14:35 - 2018-10-21 06:37 - 020381808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2018-11-13 14:35 - 2018-10-21 06:28 - 012501504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2018-11-13 14:35 - 2018-10-21 02:48 - 005602456 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2018-11-13 14:35 - 2018-10-21 02:45 - 003283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
    2018-11-13 14:35 - 2018-10-21 02:45 - 001946208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2018-11-13 14:35 - 2018-10-21 02:45 - 000607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
    2018-11-13 14:35 - 2018-10-21 02:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2018-11-13 14:35 - 2018-10-21 02:22 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2018-11-13 14:35 - 2018-10-21 02:21 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
    2018-11-13 14:35 - 2018-10-21 02:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2018-11-13 14:35 - 2018-10-21 02:19 - 001620776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2018-11-13 14:35 - 2018-10-21 02:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
    2018-11-13 14:35 - 2018-10-21 02:17 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
    2018-11-13 14:35 - 2018-10-21 02:17 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
    2018-11-13 14:35 - 2018-10-21 02:17 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2018-11-13 14:35 - 2018-10-21 02:16 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2018-11-13 14:35 - 2018-10-21 02:16 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2018-11-13 14:35 - 2018-10-21 02:16 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2018-11-13 14:35 - 2018-10-21 02:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2018-11-13 14:35 - 2018-10-21 02:15 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2018-11-13 14:35 - 2018-10-21 02:14 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2018-11-13 14:35 - 2018-10-21 02:14 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2018-11-13 14:35 - 2018-10-21 02:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2018-11-13 14:35 - 2018-10-21 02:14 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2018-11-13 14:35 - 2018-10-21 02:14 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2018-11-13 14:35 - 2018-10-21 02:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2018-11-13 14:35 - 2018-10-21 02:02 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2018-11-13 14:35 - 2018-10-21 01:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2018-11-13 14:34 - 2018-11-01 06:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
    2018-11-13 14:34 - 2018-11-01 06:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
    2018-11-13 14:34 - 2018-11-01 06:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
    2018-11-13 14:34 - 2018-11-01 06:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
    2018-11-13 14:34 - 2018-11-01 06:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
    2018-11-13 14:34 - 2018-11-01 06:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
    2018-11-13 14:34 - 2018-11-01 06:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
    2018-11-13 14:34 - 2018-11-01 06:26 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
    2018-11-13 14:34 - 2018-11-01 06:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2018-11-13 14:34 - 2018-11-01 06:25 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
    2018-11-13 14:34 - 2018-11-01 04:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
    2018-11-13 14:34 - 2018-11-01 04:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
    2018-11-13 14:34 - 2018-11-01 04:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2018-11-13 14:34 - 2018-11-01 04:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
    2018-11-13 14:34 - 2018-11-01 02:38 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
    2018-11-13 14:34 - 2018-11-01 02:37 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
    2018-11-13 14:34 - 2018-11-01 02:28 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2018-11-13 14:34 - 2018-11-01 02:28 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2018-11-13 14:34 - 2018-11-01 02:28 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2018-11-13 14:34 - 2018-11-01 02:28 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2018-11-13 14:34 - 2018-11-01 02:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2018-11-13 14:34 - 2018-11-01 02:25 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2018-11-13 14:34 - 2018-11-01 02:25 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2018-11-13 14:34 - 2018-11-01 02:25 - 000982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2018-11-13 14:34 - 2018-11-01 02:25 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2018-11-13 14:34 - 2018-11-01 02:25 - 000793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2018-11-13 14:34 - 2018-11-01 02:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
    2018-11-13 14:34 - 2018-11-01 02:25 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2018-11-13 14:34 - 2018-11-01 02:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
    2018-11-13 14:34 - 2018-11-01 02:25 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2018-11-13 14:34 - 2018-11-01 02:25 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2018-11-13 14:34 - 2018-11-01 02:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
    2018-11-13 14:34 - 2018-11-01 02:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2018-11-13 14:34 - 2018-11-01 02:25 - 000261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2018-11-13 14:34 - 2018-11-01 02:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
    2018-11-13 14:34 - 2018-11-01 02:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
    2018-11-13 14:34 - 2018-11-01 02:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
    2018-11-13 14:34 - 2018-11-01 02:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2018-11-13 14:34 - 2018-11-01 02:00 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
    2018-11-13 14:34 - 2018-11-01 01:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2018-11-13 14:34 - 2018-11-01 01:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
    2018-11-13 14:34 - 2018-11-01 01:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
    2018-11-13 14:34 - 2018-11-01 01:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
    2018-11-13 14:34 - 2018-11-01 01:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
    2018-11-13 14:34 - 2018-11-01 01:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2018-11-13 14:34 - 2018-11-01 01:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
    2018-11-13 14:34 - 2018-11-01 01:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2018-11-13 14:34 - 2018-11-01 01:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
    2018-11-13 14:34 - 2018-11-01 01:57 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
    2018-11-13 14:34 - 2018-11-01 01:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
    2018-11-13 14:34 - 2018-11-01 01:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2018-11-13 14:34 - 2018-11-01 01:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
    2018-11-13 14:34 - 2018-11-01 01:57 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2018-11-13 14:34 - 2018-11-01 01:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
    2018-11-13 14:34 - 2018-11-01 01:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2018-11-13 14:34 - 2018-11-01 01:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
    2018-11-13 14:34 - 2018-11-01 01:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
    2018-11-13 14:34 - 2018-11-01 01:55 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2018-11-13 14:34 - 2018-11-01 01:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2018-11-13 14:34 - 2018-11-01 01:54 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2018-11-13 14:34 - 2018-11-01 01:54 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2018-11-13 14:34 - 2018-11-01 01:54 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
    2018-11-13 14:34 - 2018-11-01 01:54 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
    2018-11-13 14:34 - 2018-11-01 01:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2018-11-13 14:34 - 2018-11-01 01:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2018-11-13 14:34 - 2018-11-01 01:53 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2018-11-13 14:34 - 2018-11-01 00:39 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
    2018-11-13 14:34 - 2018-10-31 23:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2018-11-13 14:34 - 2018-10-31 23:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
    2018-11-13 14:34 - 2018-10-31 23:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
    2018-11-13 14:34 - 2018-10-31 23:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
    2018-11-13 14:34 - 2018-10-31 23:47 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2018-11-13 14:34 - 2018-10-31 23:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2018-11-13 14:34 - 2018-10-31 23:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
    2018-11-13 14:34 - 2018-10-31 23:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
    2018-11-13 14:34 - 2018-10-31 23:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
    2018-11-13 14:34 - 2018-10-31 23:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2018-11-13 14:34 - 2018-10-31 23:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2018-11-13 14:34 - 2018-10-31 23:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
    2018-11-13 14:34 - 2018-10-31 23:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
    2018-11-13 14:34 - 2018-10-31 23:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
    2018-11-13 14:34 - 2018-10-31 23:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
    2018-11-13 14:34 - 2018-10-31 23:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2018-11-13 14:34 - 2018-10-31 23:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
    2018-11-13 14:34 - 2018-10-31 23:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
    2018-11-13 14:34 - 2018-10-31 23:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2018-11-13 14:34 - 2018-10-31 23:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2018-11-13 14:34 - 2018-10-31 23:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2018-11-13 14:34 - 2018-10-31 23:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
    2018-11-13 14:34 - 2018-10-31 23:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2018-11-13 14:34 - 2018-10-31 23:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
    2018-11-13 14:34 - 2018-10-31 23:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
    2018-11-13 14:34 - 2018-10-31 23:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2018-11-13 14:34 - 2018-10-21 08:00 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2018-11-13 14:34 - 2018-10-21 08:00 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2018-11-13 14:34 - 2018-10-21 07:59 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
    2018-11-13 14:34 - 2018-10-21 07:59 - 000236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
    2018-11-13 14:34 - 2018-10-21 07:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2018-11-13 14:34 - 2018-10-21 07:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
    2018-11-13 14:34 - 2018-10-21 07:44 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
    2018-11-13 14:34 - 2018-10-21 07:43 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
    2018-11-13 14:34 - 2018-10-21 07:43 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
    2018-11-13 14:34 - 2018-10-21 07:43 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
    2018-11-13 14:34 - 2018-10-21 07:42 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
    2018-11-13 14:34 - 2018-10-21 07:42 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
    2018-11-13 14:34 - 2018-10-21 07:42 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
    2018-11-13 14:34 - 2018-10-21 06:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2018-11-13 14:34 - 2018-10-21 06:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
    2018-11-13 14:34 - 2018-10-21 06:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
    2018-11-13 14:34 - 2018-10-21 06:37 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2018-11-13 14:34 - 2018-10-21 06:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
    2018-11-13 14:34 - 2018-10-21 06:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
    2018-11-13 14:34 - 2018-10-21 06:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
    2018-11-13 14:34 - 2018-10-21 06:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
    2018-11-13 14:34 - 2018-10-21 06:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
    2018-11-13 14:34 - 2018-10-21 04:29 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
    2018-11-13 14:34 - 2018-10-21 03:44 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
    2018-11-13 14:34 - 2018-10-21 02:47 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
    2018-11-13 14:34 - 2018-10-21 02:46 - 000717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
    2018-11-13 14:34 - 2018-10-21 02:46 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2018-11-13 14:34 - 2018-10-21 02:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
    2018-11-13 14:34 - 2018-10-21 02:46 - 000560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2018-11-13 14:34 - 2018-10-21 02:46 - 000497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
    2018-11-13 14:34 - 2018-10-21 02:46 - 000171024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2018-11-13 14:34 - 2018-10-21 02:45 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2018-11-13 14:34 - 2018-10-21 02:45 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2018-11-13 14:34 - 2018-10-21 02:45 - 000185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
    2018-11-13 14:34 - 2018-10-21 02:45 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
    2018-11-13 14:34 - 2018-10-21 02:45 - 000139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
    2018-11-13 14:34 - 2018-10-21 02:45 - 000058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
    2018-11-13 14:34 - 2018-10-21 02:21 - 000123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
    2018-11-13 14:34 - 2018-10-21 02:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
    2018-11-13 14:34 - 2018-10-21 02:20 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
    2018-11-13 14:34 - 2018-10-21 02:20 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
    2018-11-13 14:34 - 2018-10-21 02:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
    2018-11-13 14:34 - 2018-10-21 02:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
    2018-11-13 14:34 - 2018-10-21 02:19 - 001130768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
    2018-11-13 14:34 - 2018-10-21 02:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
    2018-11-13 14:34 - 2018-10-21 02:19 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2018-11-13 14:34 - 2018-10-21 02:19 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
    2018-11-13 14:34 - 2018-10-21 02:19 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
    2018-11-13 14:34 - 2018-10-21 02:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
    2018-11-13 14:34 - 2018-10-21 02:19 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
    2018-11-13 14:34 - 2018-10-21 02:19 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
    2018-11-13 14:34 - 2018-10-21 02:19 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
    2018-11-13 14:34 - 2018-10-21 02:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
    2018-11-13 14:34 - 2018-10-21 02:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
    2018-11-13 14:34 - 2018-10-21 02:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
    2018-11-13 14:34 - 2018-10-21 02:18 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
    2018-11-13 14:34 - 2018-10-21 02:18 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
    2018-11-13 14:34 - 2018-10-21 02:18 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
    2018-11-13 14:34 - 2018-10-21 02:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
    2018-11-13 14:34 - 2018-10-21 02:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
    2018-11-13 14:34 - 2018-10-21 02:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
    2018-11-13 14:34 - 2018-10-21 02:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
    2018-11-13 14:34 - 2018-10-21 02:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2018-11-13 14:34 - 2018-10-21 02:17 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2018-11-13 14:34 - 2018-10-21 02:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
    2018-11-13 14:34 - 2018-10-21 02:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
    2018-11-13 14:34 - 2018-10-21 02:16 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2018-11-13 14:34 - 2018-10-21 02:16 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
    2018-11-13 14:34 - 2018-10-21 02:16 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2018-11-13 14:34 - 2018-10-21 02:15 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
    2018-11-13 14:34 - 2018-10-21 02:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
    2018-11-13 14:34 - 2018-10-21 02:14 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2018-11-13 14:34 - 2018-10-21 02:14 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
    2018-11-13 14:34 - 2018-10-21 02:14 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
    2018-11-13 14:34 - 2018-10-21 02:14 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
    2018-11-13 14:34 - 2018-10-21 02:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
    2018-11-13 14:34 - 2018-10-21 02:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
    2018-11-13 14:34 - 2018-10-21 02:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
    2018-11-13 14:34 - 2018-10-21 02:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
    2018-11-13 14:34 - 2018-10-21 01:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
    2018-11-13 14:34 - 2018-10-21 01:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
    2018-11-13 14:34 - 2018-10-21 01:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
    2018-11-13 14:34 - 2018-10-21 01:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2018-11-13 14:34 - 2018-10-21 00:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
    2018-11-13 14:34 - 2018-10-21 00:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
    2018-11-13 14:34 - 2018-04-27 23:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2018-11-13 13:15 - 2018-11-13 13:15 - 000000000 ____D C:\Users\cme550\Documents\mc challenges
    2018-11-09 14:34 - 2018-11-14 20:37 - 000100136 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
    2018-11-07 18:07 - 2018-11-07 18:07 - 002793311 _____ C:\Users\cme550\Downloads\Lemonade 1.13 (v1.01).zip
    2018-11-07 18:05 - 2018-11-07 18:05 - 024182381 _____ C:\Users\cme550\Downloads\Beyond+the+Lands.zip
    2018-11-07 18:04 - 2018-11-07 18:04 - 012664484 _____ C:\Users\cme550\Downloads\Clarity 1.13.zip
    2018-11-07 18:04 - 2018-11-07 18:04 - 008554534 _____ C:\Users\cme550\Downloads\NaturalRealism 1.13.zip
    2018-11-07 18:03 - 2018-11-07 18:03 - 063709380 _____ C:\Users\cme550\Downloads\TrappedChest 128x MC1131.zip
    2018-11-07 18:02 - 2018-11-07 18:02 - 081296136 _____ C:\Users\cme550\Downloads\ChromaHills-128x-1.13-v1.zip
    2018-11-07 18:01 - 2018-11-07 18:02 - 014917282 _____ C:\Users\cme550\Downloads\farbenlehre-v2-2-0-1540090257.zip
    2018-11-07 18:01 - 2018-11-07 18:01 - 083752837 _____ C:\Users\cme550\Downloads\WizardingWorld 1.13 SPOOKY UPDATE.zip
    2018-11-07 18:00 - 2018-11-07 18:00 - 020451125 _____ C:\Users\cme550\Downloads\Trance [256x].rar
    2018-11-07 17:59 - 2018-11-07 17:59 - 008678672 _____ C:\Users\cme550\Downloads\CoterieCraftRebirthWIPv0s63.zip
    2018-11-07 17:55 - 2018-11-07 17:55 - 014441662 _____ C:\Users\cme550\Downloads\LureStone.zip
    2018-11-07 17:54 - 2018-11-07 17:54 - 007147078 _____ C:\Users\cme550\Downloads\tantum-16x-1541584841.zip
    2018-11-07 17:53 - 2018-11-07 17:54 - 094236784 _____ C:\Users\cme550\Downloads\Madoku+Craft+(Version+28.0).zip
    2018-11-07 17:52 - 2018-11-07 17:52 - 004462532 _____ C:\Users\cme550\Downloads\jehkoba-s-fantasy-1541550169.zip
    2018-11-07 17:51 - 2018-11-07 17:51 - 005283963 _____ C:\Users\cme550\Downloads\Mizunos 16 Craft_1.13.1.zip
    2018-11-05 10:39 - 2018-11-05 10:39 - 077908820 _____ C:\Users\cme550\Downloads\Harry Potter in Minecraft - By the Floo Network.zip
    2018-11-04 19:13 - 2018-11-04 19:13 - 001095369 _____ C:\Users\cme550\Downloads\ts4_life-sdrama--mod--v-1.03-a.zip
    2018-11-02 20:21 - 2018-11-02 20:21 - 000289856 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
    2018-11-02 20:20 - 2018-11-14 20:37 - 000193168 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
    2018-11-02 20:20 - 2018-11-02 20:20 - 000238528 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
    2018-11-02 20:20 - 2018-11-02 20:20 - 000110640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
    2018-11-01 15:20 - 2018-11-01 15:20 - 000034845 _____ C:\Users\cme550\Downloads\Skip Intro 1.8-533-1-8.zip
    2018-11-01 15:01 - 2018-11-01 15:01 - 000000006 _____ C:\Users\cme550\Documents\mo.txt
    2018-10-31 09:39 - 2018-10-31 09:39 - 000000036 _____ C:\Users\cme550\Documents\med bill.txt

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-11-30 15:41 - 2018-05-18 22:16 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E09A4668-9658-4DC3-9A81-C2D1507A4B57}
    2018-11-30 15:39 - 2018-02-20 06:47 - 000000000 ____D C:\ProgramData\Kaspersky Lab
    2018-11-30 15:39 - 2016-10-18 17:18 - 000000000 ____D C:\Program Files (x86)\Steam
    2018-11-30 15:37 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2018-11-30 15:36 - 2017-07-21 03:33 - 000000000 ____D C:\ProgramData\NVIDIA
    2018-11-29 22:30 - 2018-05-18 21:48 - 000000000 ____D C:\Users\cme550
    2018-11-29 21:20 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF
    2018-11-29 21:16 - 2018-05-18 22:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2018-11-29 21:16 - 2018-05-18 21:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2018-11-29 20:55 - 2017-02-13 10:17 - 000000000 ____D C:\Users\cme550\AppData\Local\Adobe
    2018-11-29 20:53 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\AppReadiness
    2018-11-29 20:52 - 2016-10-09 07:49 - 000000000 ____D C:\Program Files\Common Files\AV
    2018-11-29 20:51 - 2018-04-11 16:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2018-11-29 20:11 - 2017-08-16 18:17 - 000000000 ____D C:\Users\cme550\AppData\LocalLow\Mozilla
    2018-11-29 17:11 - 2018-08-09 19:17 - 000000000 ____D C:\Program Files (x86)\Jasc Software Inc
    2018-11-29 17:11 - 2016-10-11 20:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2018-11-29 17:10 - 2018-04-11 18:38 - 000000000 ___HD C:\Program Files\WindowsApps
    2018-11-29 17:10 - 2016-08-29 17:59 - 000000000 ____D C:\Program Files\NewBlue
    2018-11-29 17:04 - 2016-11-22 19:13 - 000000000 ____D C:\Users\cme550\AppData\Roaming\DVDVideoSoft
    2018-11-29 17:02 - 2018-02-20 06:47 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
    2018-11-29 16:53 - 2016-10-08 22:09 - 000000000 ____D C:\ProgramData\Origin
    2018-11-29 16:53 - 2016-08-29 17:38 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2018-11-29 16:52 - 2016-08-29 17:57 - 000000000 ____D C:\ProgramData\Temp
    2018-11-29 16:52 - 2016-08-29 17:57 - 000000000 ____D C:\ProgramData\SUPPORTDIR
    2018-11-29 16:52 - 2016-08-29 17:57 - 000000000 ____D C:\ProgramData\CLSK
    2018-11-29 16:52 - 2016-08-29 17:57 - 000000000 ____D C:\Program Files (x86)\CyberLink
    2018-11-29 16:51 - 2018-06-21 08:22 - 000000000 ____D C:\Users\cme550\Documents\CyberLink
    2018-11-29 16:51 - 2018-06-21 08:22 - 000000000 ____D C:\Users\cme550\AppData\Local\CyberLink
    2018-11-29 16:51 - 2016-08-29 17:57 - 000000000 ____D C:\ProgramData\CyberLink
    2018-11-29 16:13 - 2016-10-08 22:36 - 000000000 ____D C:\Program Files (x86)\Origin Games
    2018-11-29 16:13 - 2016-10-08 22:35 - 000000000 ____D C:\Users\cme550\AppData\Roaming\Origin
    2018-11-29 15:19 - 2018-05-18 22:16 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1624968266-3523912505-4001706718-1001
    2018-11-29 15:19 - 2018-05-18 21:48 - 000002372 _____ C:\Users\cme550\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2018-11-29 15:19 - 2018-04-11 16:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2018-11-29 15:19 - 2016-10-08 21:44 - 000000000 ___RD C:\Users\cme550\OneDrive
    2018-11-28 21:24 - 2016-10-10 19:37 - 000001274 _____ C:\Users\cme550\Desktop\nativelog.txt
    2018-11-28 20:54 - 2018-04-11 18:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2018-11-28 20:27 - 2016-10-09 08:10 - 000000000 ____D C:\Users\cme550\AppData\Roaming\.minecraft
    2018-11-28 20:21 - 2018-05-18 21:58 - 000840376 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2018-11-28 20:17 - 2017-10-03 04:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
    2018-11-28 20:17 - 2016-11-03 18:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2018-11-27 17:59 - 2016-10-08 21:52 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2018-11-27 17:59 - 2016-10-08 21:52 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2018-11-27 07:47 - 2017-12-22 07:40 - 000000000 ____D C:\Users\cme550\AppData\Roaming\StardewValley
    2018-11-27 07:14 - 2018-01-09 23:02 - 000000000 ____D C:\Users\cme550\AppData\Local\Packages
    2018-11-25 16:48 - 2018-05-18 22:16 - 000004236 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
    2018-11-20 18:11 - 2018-04-11 18:30 - 000000000 ____D C:\WINDOWS\CbsTemp
    2018-11-20 15:18 - 2016-10-10 17:10 - 000001425 _____ C:\Users\Public\Desktop\The Sims 4.lnk
    2018-11-17 18:48 - 2018-10-11 13:04 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
    2018-11-17 18:48 - 2018-10-11 13:04 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
    2018-11-17 18:48 - 2018-10-11 13:04 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
    2018-11-17 18:48 - 2018-10-11 13:04 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
    2018-11-17 18:48 - 2018-10-11 13:04 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
    2018-11-17 18:48 - 2018-10-11 13:04 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
    2018-11-17 18:48 - 2018-10-11 13:04 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
    2018-11-17 18:48 - 2016-08-29 17:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
    2018-11-16 18:00 - 2018-04-11 18:41 - 000834960 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2018-11-16 18:00 - 2018-04-11 18:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2018-11-15 08:55 - 2018-01-14 15:52 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
    2018-11-15 04:09 - 2018-01-10 04:31 - 000000000 ___RD C:\Users\cme550\3D Objects
    2018-11-15 04:09 - 2016-04-25 15:36 - 000000000 __RHD C:\Users\Public\AccountPictures
    2018-11-15 04:08 - 2018-05-18 21:42 - 000421840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2018-11-14 20:50 - 2018-04-11 18:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2018-11-14 20:50 - 2018-04-11 18:38 - 000000000 ___SD C:\WINDOWS\system32\F12
    2018-11-14 20:50 - 2018-04-11 18:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2018-11-14 20:50 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\TextInput
    2018-11-14 20:50 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
    2018-11-14 20:50 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2018-11-14 20:50 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\bcastdvr
    2018-11-13 14:55 - 2016-10-09 22:20 - 000000000 ____D C:\WINDOWS\system32\MRT
    2018-11-13 14:52 - 2016-10-09 22:20 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2018-11-08 15:44 - 2018-09-27 14:43 - 000000000 ____D C:\ProgramData\McAfee Security Scan
    2018-11-06 16:23 - 2016-10-08 22:35 - 000000000 ____D C:\Program Files (x86)\Origin
    2018-11-05 16:07 - 2016-08-29 17:45 - 000000000 ____D C:\ProgramData\PCDr
    2018-11-04 16:47 - 2016-08-29 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
    2018-11-04 16:45 - 2017-06-24 15:01 - 000000000 ____D C:\ProgramData\SupportAssist

    ==================== Files in the root of some directories =======

    2017-01-04 00:07 - 2017-01-23 00:07 - 000000260 _____ () C:\Users\cme550\AppData\Roaming\WB.CFG
    2016-10-08 21:41 - 2018-11-30 15:37 - 000904507 _____ () C:\Users\cme550\AppData\Local\BTServer.log
    2018-09-26 13:34 - 2018-09-26 13:34 - 000000000 _____ () C:\Users\cme550\AppData\Local\oobelibMkey.log
    2018-08-11 13:20 - 2018-08-11 13:20 - 000001606 _____ () C:\Users\cme550\AppData\Local\recently-used.xbel

    Files to move or delete:
    ====================
    C:\Windows\Tasks\{825C9C6F-F84F-4BC2-A466-2D6EDDE66441}.job


    Some files in TEMP:
    ====================
    2018-11-29 17:11 - 2016-04-27 20:24 - 000974872 _____ (proDAD GmbH) C:\Users\cme550\AppData\Local\Temp\uninstall.exe

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2018-05-18 21:42

    ==================== End of FRST.txt ============================

    The Addition txt

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29.11.2018 01
    Ran by cme550 (30-11-2018 15:45:47)
    Running from C:\Users\cme550\Downloads
    Windows 10 Home Version 1803 17134.407 (X64) (2018-05-19 03:18:15)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1624968266-3523912505-4001706718-500 - Administrator - Disabled)
    cme550 (S-1-5-21-1624968266-3523912505-4001706718-1001 - Administrator - Enabled) => C:\Users\cme550
    DefaultAccount (S-1-5-21-1624968266-3523912505-4001706718-503 - Limited - Disabled)
    Guest (S-1-5-21-1624968266-3523912505-4001706718-501 - Limited - Disabled)
    WDAGUtilityAccount (S-1-5-21-1624968266-3523912505-4001706718-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AV: Kaspersky Anti-Virus (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
    AS: Kaspersky Anti-Virus (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
    Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
    Alcor Micro USB Card Reader Driver (HKLM-x32\...\{2282AFD7-5074-4BC6-B1F7-205AAC8F6AC9}) (Version: 18.6.1844.34416 - Alcor Micro Corp.) Hidden
    Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{2282AFD7-5074-4BC6-B1F7-205AAC8F6AC9}) (Version: 18.6.1844.34416 - Alcor Micro Corp.)
    Amazon Kindle (HKU\S-1-5-21-1624968266-3523912505-4001706718-1001\...\Amazon Kindle) (Version: 1.20.1.47037 - Amazon)
    Amazon Kindle (HKU\S-1-5-21-1624968266-3523912505-4001706718-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153820699\...\Amazon Kindle) (Version: 1.20.1.47037 - Amazon)
    Apple Application Support (32-bit) (HKLM-x32\...\{49F7DD82-FC83-48BF-86C6-CFE6E1E233E1}) (Version: 7.1 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{1FA68E27-2951-42E8-9F57-1A7F6581B4FD}) (Version: 7.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
    Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
    Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
    Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
    Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
    Dell Help & Support (HKLM\...\{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.) Hidden
    Dell Help & Support (HKLM-x32\...\InstallShield_{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.)
    Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
    Dell SupportAssist (HKLM\...\{5A18ABE3-52D1-4CA5-9169-25EC7E789582}) (Version: 3.0.2.48 - Dell Inc.)
    Dell Update - SupportAssist Update Plugin (HKLM\...\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}) (Version: 4.0.1.5857 - Dell Inc.) Hidden
    Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
    Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.)
    Fairway™ (HKLM-x32\...\BFG-Fairway) (Version: - )
    Games Manager (HKU\S-1-5-21-1624968266-3523912505-4001706718-1001\...\GamesManager) (Version: 2.16.2.1015 - iWin Inc.)
    Games Manager (HKU\S-1-5-21-1624968266-3523912505-4001706718-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153820699\...\GamesManager) (Version: 2.16.2.1015 - iWin Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
    Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1167 - Intel Corporation)
    Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.1.1043 - Intel Corporation)
    Intel(R) Ready Mode Technology (HKLM\...\{7331913F-E841-469A-B151-1046F1889E7B}) (Version: 1.1.70.518 - Intel Corporation)
    Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
    iTunes (HKLM\...\{3F702C1B-628F-46FB-A094-56D5404CEE63}) (Version: 12.9.1.4 - Apple Inc.)
    Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
    Kaspersky Anti-Virus (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
    Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
    Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
    Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
    Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
    Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8006.3 - Waves Audio Ltd.) Hidden
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.812.1 - McAfee, Inc.)
    Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11001.20108 - Microsoft Corporation)
    Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-1624968266-3523912505-4001706718-1001\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-1624968266-3523912505-4001706718-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153820699\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
    Mozilla Firefox 64.0 (x64 en-US) (HKLM\...\Mozilla Firefox 64.0 (x64 en-US)) (Version: 64.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0 - Mozilla)
    NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 391.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.25 - NVIDIA Corporation)
    NVIDIA Graphics Driver 391.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.25 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
    NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
    Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
    Origin (HKLM-x32\...\Origin) (Version: 10.5.30.15625 - Electronic Arts, Inc.)
    Picket Fences™ (HKLM-x32\...\BFG-Picket Fences) (Version: - )
    Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
    RealPlayer Basic (HKLM-x32\...\RealPlayer 6.0) (Version: - )
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7737 - Realtek Semiconductor Corp.)
    REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{6BFBB929-C278-42B3-8065-FF1178E071B8}) (Version: 13.221.243 - REALTEK Semiconductor Corp.)
    SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.1 - Electronic Arts)
    The Sims Medieval Pirates and Nobles (HKLM-x32\...\{0CC21836-A5D6-4641-B4AE-6FA01D021E41}) (Version: 2.0.109 - Electronic Arts)
    The Sims(tm) Medieval (HKLM-x32\...\{D3F66B94-DF84-4686-832E-D5761B478BF0}) (Version: 2.0.113.00107 - Electronic Arts)
    The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
    The Sims™ 3 Ambitions (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Ambitions) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 Diesel Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Diesel Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 Generations (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Generations) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 Into the Future (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Into the Future) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 Island Paradise (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Island Paradise) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 Master Suite Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Master Suite Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Outdoor Living Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 Pets (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Pets) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 Seasons (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Seasons) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 Showtime (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Showtime) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 Supernatural (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Supernatural) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 Town Life Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Town Life Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 University Life (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 University Life) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 3 World Adventures (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 World Adventures) (Version: 1.0.0.0 - Electronic Arts Inc.)
    The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.47.51.1020 - Electronic Arts Inc.)
    The Sims™ Life Stories (HKLM-x32\...\{DA932D71-E52A-43D5-009E-395A1AEC1474}) (Version: - )
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
    Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version: - )
    Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
    WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
    Zombie Solitaire (HKLM-x32\...\BFG-Zombie Solitaire) (Version: - )
    Zombie Solitaire 2: Chapter 2 (HKLM-x32\...\BFG-Zombie Solitaire 2 - Chapter 2) (Version: - )
    Zoo Tycoon 2 - Ultimate Collection (HKLM-x32\...\{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
    Zoo Tycoon 2 - Ultimate Collection (HKLM-x32\...\InstallShield_{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}) (Version: 1.00.0000 - Microsoft Game Studios)
    Zoo Tycoon: Complete Collection (HKLM-x32\...\Zoo Tycoon 1.0) (Version: - )

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1624968266-3523912505-4001706718-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153820699_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
    CustomCLSID: HKU\S-1-5-21-1624968266-3523912505-4001706718-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
    ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corporation)
    ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll [2018-11-28] (AO Kaspersky Lab)
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal)
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
    ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll [2018-11-28] (AO Kaspersky Lab)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
    ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll [2018-11-28] (AO Kaspersky Lab)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation)
    ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
    ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\ShellEx.dll [2018-11-28] (AO Kaspersky Lab)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {06BFDB60-D3F3-4946-A2DC-D58AE35CD620} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-08] (Google Inc.)
    Task: {1CD450E0-D4D1-4ACC-A67D-4797DA4F97A4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-17] (Microsoft Corporation)
    Task: {2009C16A-938F-4C9B-B0A7-0B3672DF378C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-08] (Google Inc.)
    Task: {2E42C3CA-54A4-4B4F-B118-B194D5E6455E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
    Task: {405B7428-DA2C-4D39-9A84-7F5EBB94B4EA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
    Task: {5E5DEC1F-F002-4D44-928D-3D8292D862FD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-17] (Microsoft Corporation)
    Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
    Task: {AE7856D3-A92F-47A9-8F0D-42103727A708} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {B810D8DD-628C-495F-AB9C-B7D448541FA4} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-19NNKLL-cme550 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
    Task: {C2E1C2C1-5467-40E3-B87E-540A3EDFB0A8} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
    Task: {C5096460-24CA-4232-AEF3-B35D84C23D92} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-17] (Microsoft Corporation)
    Task: {E8ED0D03-C999-4C7C-8799-A1A321FAA4B7} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-10-25] (Dell Inc.)
    Task: {F05D122F-6AC1-459F-BC32-5AF6030095CB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
    Task: {F68FFD66-0DC2-4048-BF4C-E8BC9BEE19F8} - System32\Tasks\{F7217761-78F1-49ED-8DBE-7871BBF99C10} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\aolshare\Aolunins_us.exe"
    Task: {F95B5542-A655-42CC-BDC1-7B226C9326F2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-17] (Microsoft Corporation)
    Task: {FB40DB1F-5549-4982-8C09-F0494817EAAD} - System32\Tasks\{825C9C6F-F84F-4BC2-A466-2D6EDDE66441} => C:\Users\cme550\AppData\Roaming\7E6803~1\SyncTask.exe <==== ATTENTION

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\RunDLC.job => cmd c sc start Dell Help SupportWORKGROUP DESKTOP 19NNKLL 01
    Task: C:\WINDOWS\Tasks\{825C9C6F-F84F-4BC2-A466-2D6EDDE66441}.job => C:\Users\cme550\AppData\Roaming\7E6803~1\SyncTask.exe <==== ATTENTION

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    ShortcutWithArgument: C:\Users\cme550\Desktop\Play Pogo Games.lnk -> C:\Users\cme550\AppData\Local\GamesManager\GamesManager.exe (iWin Inc) -> -config.channel=00000002 -config.uri=hxxp://gm/iwin/index.html
    ShortcutWithArgument: C:\Users\cme550\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pogo Games\Play Pogo Games.lnk -> C:\Users\cme550\AppData\Local\GamesManager\GamesManager.exe (iWin Inc) -> -config.channel=00000002 -config.uri=hxxp://gm/iwin/index.html
    ShortcutWithArgument: C:\Users\cme550\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pogo Games\Games\Launch - Plants Vs Zombies Game of the Year Edition.lnk -> C:\Users\cme550\AppData\Local\GamesManager\GamesManager.exe (iWin Inc) -> -config.channel=00000002 -config.sku=2459317476552981425 -config.uri=hxxp://gm/iwin/index.html

    ==================== Loaded Modules (Whitelisted) ==============

    2016-08-29 17:44 - 2015-08-27 16:22 - 000121048 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
    2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2018-10-21 02:17 - 2018-10-21 02:17 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2018-11-29 20:31 - 2018-10-18 09:44 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
    2018-11-29 20:31 - 2018-10-18 09:44 - 002821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
    2018-04-11 18:34 - 2018-04-11 18:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
    2018-11-04 16:47 - 2018-11-04 16:47 - 002587976 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\libprotobuf.dll
    2017-08-14 02:48 - 2017-08-14 02:48 - 000491600 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
    2018-04-11 18:34 - 2018-04-11 18:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
    2018-04-11 18:34 - 2018-04-11 18:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
    2018-11-13 14:35 - 2018-11-01 01:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2016-08-29 17:44 - 2014-07-03 11:22 - 000277720 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\SkypePlugin.exe
    2018-10-09 06:35 - 2018-10-09 06:35 - 004389888 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1809.2571.0_x64__8wekyb3d8bbwe\OneConnect.dll
    2018-03-28 07:04 - 2018-03-28 07:04 - 004734464 _____ () C:\Program Files\WindowsApps\Microsoft.Wallet_2.2.18065.0_x64__8wekyb3d8bbwe\Microsoft.Wallet.dll
    2018-11-12 21:19 - 2018-11-12 21:19 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
    2018-11-06 15:03 - 2018-11-06 15:03 - 000070144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
    2018-11-06 15:03 - 2018-11-06 15:03 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
    2018-10-04 15:39 - 2018-10-04 15:39 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
    2018-11-12 21:19 - 2018-11-12 21:19 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
    2018-08-16 12:34 - 2018-08-16 12:34 - 016545280 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.26.12153.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.dll
    2018-10-22 18:20 - 2018-10-22 18:20 - 035118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
    2018-10-22 18:20 - 2018-10-22 18:20 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll
    2018-10-22 18:20 - 2018-10-22 18:20 - 005987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll
    2017-09-26 11:43 - 2017-09-26 11:43 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
    2018-10-22 18:20 - 2018-10-22 18:20 - 009064448 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntPlat.dll
    2018-10-22 13:59 - 2018-10-22 13:59 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
    2018-10-22 13:59 - 2018-10-22 13:59 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
    2017-08-14 02:48 - 2017-08-14 02:48 - 034865232 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
    2018-11-27 17:59 - 2018-11-16 00:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
    2018-11-27 17:59 - 2018-11-16 00:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
    2018-10-22 13:58 - 2018-10-22 13:58 - 000235832 _____ () C:\Program Files\iTunes\libxslt.dll
    2015-06-23 18:26 - 2015-06-23 18:26 - 000155888 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
    2018-03-27 12:41 - 2018-03-27 12:41 - 000134616 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
    2015-09-04 22:34 - 2015-09-04 22:34 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2017-07-13 08:50 - 2017-07-13 08:50 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
    2017-06-22 17:56 - 2017-06-22 17:56 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
    2017-06-22 17:56 - 2017-06-22 17:56 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
    2017-06-22 17:55 - 2017-06-22 17:55 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
    2017-06-22 17:56 - 2017-06-22 17:56 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
    2017-07-13 09:12 - 2017-07-13 09:12 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
    2017-06-22 17:56 - 2017-06-22 17:56 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
    2018-10-21 02:17 - 2018-10-21 02:17 - 001042744 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2017-12-08 01:49 - 2017-12-08 01:49 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:02548DB5 [132]
    AlternateDataStreams: C:\ProgramData\Temp:046E04CC [146]
    AlternateDataStreams: C:\ProgramData\Temp:075D2CC6 [126]
    AlternateDataStreams: C:\ProgramData\Temp:07C99568 [211]
    AlternateDataStreams: C:\ProgramData\Temp:0860D6D6 [211]
    AlternateDataStreams: C:\ProgramData\Temp:095794FC [125]
    AlternateDataStreams: C:\ProgramData\Temp:0BC47617 [122]
    AlternateDataStreams: C:\ProgramData\Temp:0C28CE09 [239]
    AlternateDataStreams: C:\ProgramData\Temp:0EFDD299 [242]
    AlternateDataStreams: C:\ProgramData\Temp:0FE3297C [249]
    AlternateDataStreams: C:\ProgramData\Temp:112C5E58 [134]
    AlternateDataStreams: C:\ProgramData\Temp:1309637A [242]
    AlternateDataStreams: C:\ProgramData\Temp:18A7DB0C [124]
    AlternateDataStreams: C:\ProgramData\Temp:1ACA8A2F [131]
    AlternateDataStreams: C:\ProgramData\Temp:24BD0413 [118]
    AlternateDataStreams: C:\ProgramData\Temp:2A26624E [474]
    AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
    AlternateDataStreams: C:\ProgramData\Temp:2CC32B31 [223]
    AlternateDataStreams: C:\ProgramData\Temp:36E7847A [119]
    AlternateDataStreams: C:\ProgramData\Temp:393F7B1E [211]
    AlternateDataStreams: C:\ProgramData\Temp:3B07E6F4 [226]
    AlternateDataStreams: C:\ProgramData\Temp:3ED7FDE3 [138]
    AlternateDataStreams: C:\ProgramData\Temp:4907CB2A [240]
    AlternateDataStreams: C:\ProgramData\Temp:4A471456 [149]
    AlternateDataStreams: C:\ProgramData\Temp:4D62BACD [229]
    AlternateDataStreams: C:\ProgramData\Temp:4DD67118 [252]
    AlternateDataStreams: C:\ProgramData\Temp:4EDA5C13 [244]
    AlternateDataStreams: C:\ProgramData\Temp:5539129F [240]
    AlternateDataStreams: C:\ProgramData\Temp:56FBA78D [244]
    AlternateDataStreams: C:\ProgramData\Temp:574B5728 [506]
    AlternateDataStreams: C:\ProgramData\Temp:5776162D [127]
    AlternateDataStreams: C:\ProgramData\Temp:57B68D62 [131]
    AlternateDataStreams: C:\ProgramData\Temp:5947DD20 [129]
    AlternateDataStreams: C:\ProgramData\Temp:5A750E35 [128]
    AlternateDataStreams: C:\ProgramData\Temp:5BC46BB5 [138]
    AlternateDataStreams: C:\ProgramData\Temp:5C6EBC69 [115]
    AlternateDataStreams: C:\ProgramData\Temp:5CD028A5 [132]
    AlternateDataStreams: C:\ProgramData\Temp:65CD5230 [138]
    AlternateDataStreams: C:\ProgramData\Temp:6697207C [146]
    AlternateDataStreams: C:\ProgramData\Temp:669AB5E1 [230]
    AlternateDataStreams: C:\ProgramData\Temp:66F5C47C [286]
    AlternateDataStreams: C:\ProgramData\Temp:675703C8 [143]
    AlternateDataStreams: C:\ProgramData\Temp:677E1DC2 [286]
    AlternateDataStreams: C:\ProgramData\Temp:68A1594E [147]
    AlternateDataStreams: C:\ProgramData\Temp:68D45CE5 [129]
    AlternateDataStreams: C:\ProgramData\Temp:6A058877 [251]
    AlternateDataStreams: C:\ProgramData\Temp:6BB32FFE [286]
    AlternateDataStreams: C:\ProgramData\Temp:737DFBE4 [257]
    AlternateDataStreams: C:\ProgramData\Temp:78ADFF54 [203]
    AlternateDataStreams: C:\ProgramData\Temp:79C203BC [140]
    AlternateDataStreams: C:\ProgramData\Temp:80547BBA [146]
    AlternateDataStreams: C:\ProgramData\Temp:84DC07A0 [248]
    AlternateDataStreams: C:\ProgramData\Temp:86725A4F [242]
    AlternateDataStreams: C:\ProgramData\Temp:87E3D720 [248]
    AlternateDataStreams: C:\ProgramData\Temp:88AFFAC5 [135]
    AlternateDataStreams: C:\ProgramData\Temp:8C1B2B7B [239]
    AlternateDataStreams: C:\ProgramData\Temp:8CA49893 [123]
    AlternateDataStreams: C:\ProgramData\Temp:8E5EA40F [436]
    AlternateDataStreams: C:\ProgramData\Temp:91D94DDC [128]
    AlternateDataStreams: C:\ProgramData\Temp:936009A2 [120]
    AlternateDataStreams: C:\ProgramData\Temp:9A40C0E0 [227]
    AlternateDataStreams: C:\ProgramData\Temp:9CD8FF2A [132]
    AlternateDataStreams: C:\ProgramData\Temp:9F1F9BAE [236]
    AlternateDataStreams: C:\ProgramData\Temp:A2B3764A [478]
    AlternateDataStreams: C:\ProgramData\Temp:A2D0518D [144]
    AlternateDataStreams: C:\ProgramData\Temp:A5241382 [224]
    AlternateDataStreams: C:\ProgramData\Temp:A543EB0F [144]
    AlternateDataStreams: C:\ProgramData\Temp:A688EF17 [193]
    AlternateDataStreams: C:\ProgramData\Temp:A6D6E537 [436]
    AlternateDataStreams: C:\ProgramData\Temp:A86D5AC1 [0]
    AlternateDataStreams: C:\ProgramData\Temp:A9F13D2D [245]
    AlternateDataStreams: C:\ProgramData\Temp:A9FE17E9 [137]
    AlternateDataStreams: C:\ProgramData\Temp:ABC6E061 [141]
    AlternateDataStreams: C:\ProgramData\Temp:AD661BBD [270]
    AlternateDataStreams: C:\ProgramData\Temp:B3196E8D [228]
    AlternateDataStreams: C:\ProgramData\Temp:B3606FCC [245]
    AlternateDataStreams: C:\ProgramData\Temp:B799049C [235]
    AlternateDataStreams: C:\ProgramData\Temp:BA24E689 [230]
    AlternateDataStreams: C:\ProgramData\Temp:BBCB4421 [227]
    AlternateDataStreams: C:\ProgramData\Temp:BD7D604C [137]
    AlternateDataStreams: C:\ProgramData\Temp:C22674B6 [204]
    AlternateDataStreams: C:\ProgramData\Temp:C43C957E [225]
    AlternateDataStreams: C:\ProgramData\Temp:C571CBCB [123]
    AlternateDataStreams: C:\ProgramData\Temp:C671025C [130]
    AlternateDataStreams: C:\ProgramData\Temp:C98828D3 [514]
    AlternateDataStreams: C:\ProgramData\Temp:C9AE9C42 [508]
    AlternateDataStreams: C:\ProgramData\Temp:CCEBA76D [486]
    AlternateDataStreams: C:\ProgramData\Temp:CFF478CD [255]
    AlternateDataStreams: C:\ProgramData\Temp:DCB8068C [247]
    AlternateDataStreams: C:\ProgramData\Temp:E1F13C78 [197]
    AlternateDataStreams: C:\ProgramData\Temp:E2E09709 [131]
    AlternateDataStreams: C:\ProgramData\Temp:E6ECD578 [240]
    AlternateDataStreams: C:\ProgramData\Temp:E7E78B84 [143]
    AlternateDataStreams: C:\ProgramData\Temp:EB1EABB1 [118]
    AlternateDataStreams: C:\ProgramData\Temp:EB5BDBB0 [242]
    AlternateDataStreams: C:\ProgramData\Temp:EC73630C [136]
    AlternateDataStreams: C:\ProgramData\Temp:F33D9A4A [256]
    AlternateDataStreams: C:\ProgramData\Temp:F5D01D7C [220]
    AlternateDataStreams: C:\ProgramData\Temp:F9AB910D [118]
    AlternateDataStreams: C:\ProgramData\Temp:FAFEC4B9 [219]
    AlternateDataStreams: C:\ProgramData\Temp:FBBECDB0 [231]
    AlternateDataStreams: C:\ProgramData\Temp:FBE06E1D [232]
    AlternateDataStreams: C:\ProgramData\Temp:FD33BA64 [136]
    AlternateDataStreams: C:\ProgramData\Temp:FDD86FAF [125]
    AlternateDataStreams: C:\ProgramData\Temp:FF869361 [248]
    AlternateDataStreams: C:\Users\cme550\Cookies:8Pcp6etuU9KIkMKfW6ZIYsO [2102]
    AlternateDataStreams: C:\Users\cme550\AppData\Local\cCzeqfYt:1E1KqDqf73WPNMJoNYV [2224]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2015-10-30 02:24 - 2018-09-27 14:43 - 000000097 _____ C:\WINDOWS\system32\Drivers\etc\hosts

    127.0.0.1 localhost
    0.0.0.1 mssplus.mcafee.com

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153819980\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
    HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153820464\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
    HKU\S-1-5-21-1624968266-3523912505-4001706718-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\cme550\Documents\pm-pride-Hufflepuff-Desktop-Wallpaper-1024-x-768-px.png
    HKU\S-1-5-21-1624968266-3523912505-4001706718-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11302018153820699\Control Panel\Desktop\\Wallpaper -> C:\Users\cme550\Documents\pm-pride-Hufflepuff-Desktop-Wallpaper-1024-x-768-px.png
    DNS Servers: 209.18.47.61 - 209.18.47.62
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    If an entry is included in the fixlist, it will be removed.


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{6D4D1381-6FF0-452B-BCB2-FF6325F023FA}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    FirewallRules: [{2C4E53CA-6090-4613-B63B-DF3D324982C0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{A2A86D60-A2B4-488C-BFA2-A8CD598165F0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
    FirewallRules: [{65D3EEE5-FBC0-4B8D-84F6-0D2E70BF7E40}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [UDP Query User{A47BF937-D6C6-425D-B99F-76AF6170DB98}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [TCP Query User{647E47E6-4C45-48E4-806A-D5773903977F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
    FirewallRules: [{64AD1FDB-4B97-4446-8F94-AC36F131FFD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Stanley Parable\stanley.exe
    FirewallRules: [{F9925E47-C5BF-45F6-8A39-D092EF064C4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Stanley Parable\stanley.exe
    FirewallRules: [{6E4C6101-6888-463D-B74D-0E2DDE30D7E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Novelist\The Novelist.exe
    FirewallRules: [{B6213255-6CC9-472E-A35B-7CB89D962574}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Novelist\The Novelist.exe
    FirewallRules: [{7BC7CBAF-78E9-47BF-9261-7669E65AA260}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kitty Powers Matchmaker\matchmaker.exe
    FirewallRules: [{2D4DDB16-345D-4E61-83E2-B7B4C24A1EC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kitty Powers Matchmaker\matchmaker.exe
    FirewallRules: [{6D6DD1D6-05CF-46AA-8F71-15BE6FA3FB89}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{9C736A05-0437-4387-8DDC-9B3B58654E28}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{DCA6F7D1-216C-437F-9D90-E66A6E862BBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Strange - Before the Storm\Life is Strange - Before the Storm.exe
    FirewallRules: [{70EE1D7A-2B4C-4EFE-A5D4-5A443F81AA43}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Strange - Before the Storm\Life is Strange - Before the Storm.exe
    FirewallRules: [TCP Query User{BC8A3844-B828-4D07-A96E-2CD88BBBA070}C:\program files\coreftp\coreftp.exe] => (Block) C:\program files\coreftp\coreftp.exe
    FirewallRules: [UDP Query User{CE605781-D9E4-4BDB-91BA-7C4A4C68C254}C:\program files\coreftp\coreftp.exe] => (Block) C:\program files\coreftp\coreftp.exe
    FirewallRules: [{D00F8421-701F-4D58-82DC-E1E651194401}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{DE4DEF52-65CB-4E0D-A9EA-F44088A8F8E8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
    FirewallRules: [{5F287CE2-42EE-40D6-B630-3092E4F7353C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
    FirewallRules: [{788DB547-5113-4FE8-B905-FBE7E2F8C954}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
    FirewallRules: [{9D93C56A-2BFA-47D7-889B-FF281F968402}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
    FirewallRules: [{156E3DF7-F229-4130-ADD8-CCDE34DFEB62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{971240B7-08DF-483C-9952-6CB15B2F0A14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
    FirewallRules: [{4D8ECA11-6A05-4020-B372-90EC4ECACD57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CaptainSpirit\CaptainSpirit\Binaries\Win64\CaptainSpirit-Win64-Shipping.exe
    FirewallRules: [{BEF744B4-300B-460F-895A-02A107D8264F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CaptainSpirit\CaptainSpirit\Binaries\Win64\CaptainSpirit-Win64-Shipping.exe
    FirewallRules: [TCP Query User{6EA744F2-EDD6-48AB-B343-970829077B11}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
    FirewallRules: [UDP Query User{B3E4861B-4F68-49BE-BEE6-85699000D0CC}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
    FirewallRules: [{D3C444E5-A462-4008-AE33-F22D6EAC0CEE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
    FirewallRules: [{FFDB7CB6-2CBE-4B1E-8846-7CA7E48CA443}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
    FirewallRules: [{EE1596B6-5F8B-4515-96D6-1E556A5938DD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
    FirewallRules: [{82780B7E-D0B5-47A5-9702-DE9B4F90595D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kitty Powers Love Life\lovelife.exe
    FirewallRules: [{4F8AA968-F71E-40C9-A3E6-3AD34AB99E31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kitty Powers Love Life\lovelife.exe
    FirewallRules: [{1A4DC3AF-E86B-47D4-8C08-A49766764781}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gone Home\GoneHome.exe
    FirewallRules: [{F710C909-7EAA-433D-B13D-B85FA77925A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gone Home\GoneHome.exe
    FirewallRules: [{1684CB43-98EC-4C68-B823-BB0DA9645EBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe
    FirewallRules: [{C2F709D1-FADB-494A-AB22-916BFF906B54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe
    FirewallRules: [{3B2F5A52-75F5-4A92-9D64-1388C2BF4330}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{EB97ACBD-0993-4CE5-9B26-38603B3DA016}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
    FirewallRules: [{8AC5FCD5-D0AA-4CCB-AAF8-2CA38D97B0FE}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
    FirewallRules: [{7924A46B-30E2-4659-9F87-DC799E6BFF88}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
    FirewallRules: [{15BF61D6-F3D4-4270-9C05-33CED7AA9DBC}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
    FirewallRules: [{F4B57017-5FAA-4B2D-83E9-201C6531F92A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Restore Points =========================

    28-11-2018 14:09:58 Scheduled Checkpoint
    29-11-2018 16:43:52 Removed Affinity Photo Trial

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (11/29/2018 09:20:08 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: DCCService.exe, version: 1.4.15.0, time stamp: 0x585aac69
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x065e28a8
    Faulting process id: 0x2518
    Faulting application start time: 0x01d488532dae1da0
    Faulting application path: C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
    Faulting module path: unknown
    Report Id: 9c531ab2-0545-4130-8dd8-5caa15364ab9
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (11/29/2018 09:20:06 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: DCCService.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.NullReferenceException
    at OTBSurvey.UserlessSettingsProviderPersistent.SetValue(System.Configuration.SettingsPropertyValue)
    at OTBSurvey.UserlessSettingsProviderPersistent.SetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyValueCollection)
    at System.Configuration.SettingsBase.SaveCore()
    at System.Configuration.SettingsBase.Save()
    at System.Configuration.ApplicationSettingsBase.Save()
    at OTBSurvey.Controller.CheckForUpgradeAndSurveyReady()
    at OTBSurvey.Controller.SurveyRequestTimerExpired(System.Object)
    at System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.TimerQueueTimer.CallCallback()
    at System.Threading.TimerQueueTimer.Fire()
    at System.Threading.TimerQueue.FireNextTimers()
    at System.Threading.TimerQueue.AppDomainTimerCallback()

    Error: (11/29/2018 08:56:22 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: DCCService.exe, version: 1.4.15.0, time stamp: 0x585aac69
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x069328a8
    Faulting process id: 0x1c50
    Faulting application start time: 0x01d4884fd1256302
    Faulting application path: C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
    Faulting module path: unknown
    Report Id: 9c3c0334-3d74-4fa3-bb98-27412b62f344
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (11/29/2018 08:56:21 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: DCCService.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.NullReferenceException
    at OTBSurvey.UserlessSettingsProviderPersistent.SetValue(System.Configuration.SettingsPropertyValue)
    at OTBSurvey.UserlessSettingsProviderPersistent.SetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyValueCollection)
    at System.Configuration.SettingsBase.SaveCore()
    at System.Configuration.SettingsBase.Save()
    at System.Configuration.ApplicationSettingsBase.Save()
    at OTBSurvey.Controller.CheckForUpgradeAndSurveyReady()
    at OTBSurvey.Controller.SurveyRequestTimerExpired(System.Object)
    at System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.TimerQueueTimer.CallCallback()
    at System.Threading.TimerQueueTimer.Fire()
    at System.Threading.TimerQueue.FireNextTimers()
    at System.Threading.TimerQueue.AppDomainTimerCallback()

    Error: (11/29/2018 08:17:13 PM) (Source: SecurityCenter) (EventID: 16) (User: )
    Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

    Error: (11/29/2018 04:59:24 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: DCCService.exe, version: 1.4.15.0, time stamp: 0x585aac69
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x05d32bb8
    Faulting process id: 0x2550
    Faulting application start time: 0x01d4882ea8619db9
    Faulting application path: C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
    Faulting module path: unknown
    Report Id: a6c51ada-9b58-45a4-8607-e9d80dcf502b
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (11/29/2018 04:59:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
    Description: Application: DCCService.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.NullReferenceException
    at OTBSurvey.UserlessSettingsProviderPersistent.SetValue(System.Configuration.SettingsPropertyValue)
    at OTBSurvey.UserlessSettingsProviderPersistent.SetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyValueCollection)
    at System.Configuration.SettingsBase.SaveCore()
    at System.Configuration.SettingsBase.Save()
    at System.Configuration.ApplicationSettingsBase.Save()
    at OTBSurvey.Controller.CheckForUpgradeAndSurveyReady()
    at OTBSurvey.Controller.SurveyRequestTimerExpired(System.Object)
    at System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
    at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
    at System.Threading.TimerQueueTimer.CallCallback()
    at System.Threading.TimerQueueTimer.Fire()
    at System.Threading.TimerQueue.FireNextTimers()
    at System.Threading.TimerQueue.AppDomainTimerCallback()

    Error: (11/29/2018 04:58:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program SkypeApp.exe version 8.34.0.81 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 1b64

    Start Time: 01d4882e55bdfac8

    Termination Time: 4294967295

    Application Path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe

    Report Id: 69a37d94-1ef7-421f-ae13-088e4d2249ce

    Faulting package full name: Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c

    Faulting package-relative application ID: App


    System errors:
    =============
    Error: (11/30/2018 03:39:55 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-19NNKLL)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user DESKTOP-19NNKLL\cme550 SID (S-1-5-21-1624968266-3523912505-4001706718-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/30/2018 03:39:33 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-19NNKLL)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user DESKTOP-19NNKLL\cme550 SID (S-1-5-21-1624968266-3523912505-4001706718-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/30/2018 03:37:43 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-19NNKLL)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {8BC3F05E-D86B-11D0-A075-00C04FB68820}
    and APPID
    {8BC3F05E-D86B-11D0-A075-00C04FB68820}
    to the user DESKTOP-19NNKLL\cme550 SID (S-1-5-21-1624968266-3523912505-4001706718-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

    Error: (11/30/2018 03:37:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/30/2018 03:37:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/29/2018 10:12:16 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-19NNKLL)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user DESKTOP-19NNKLL\cme550 SID (S-1-5-21-1624968266-3523912505-4001706718-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (11/29/2018 09:20:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Dell Customer Connect service terminated unexpectedly. It has done this 1 time(s).

    Error: (11/29/2018 09:19:47 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-19NNKLL)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user DESKTOP-19NNKLL\cme550 SID (S-1-5-21-1624968266-3523912505-4001706718-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
    Percentage of memory in use: 31%
    Total physical RAM: 16322.83 MB
    Available physical RAM: 11151.27 MB
    Total Virtual: 18754.83 MB
    Available Virtual: 12955.04 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:917.4 GB) (Free:482.12 GB) NTFS

    \\?\Volume{5df507b5-9366-49f8-99c6-76bd8901be37}\ (WINRETOOLS) (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
    \\?\Volume{326b3caf-d8fe-42f2-8666-db6f08408fdf}\ (Image) (Fixed) (Total:13.06 GB) (Free:0.63 GB) NTFS
    \\?\Volume{791ce95f-afb5-413a-a82e-2aa65d9cd74f}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: 519DD016)

    Partition: GPT.

    ==================== End of Addition.txt =======================

    ADWCLEANER

    # -------------------------------
    # Malwarebytes AdwCleaner 7.2.4.0
    # -------------------------------
    # Build: 09-25-2018
    # Database: 2018-11-26.1 (Cloud)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Scan
    # -------------------------------
    # Start: 11-29-2018
    # Duration: 00:00:17
    # OS: Windows 10 Home
    # Scanned: 32143
    # Detected: 27


    ***** [ Services ] *****

    No malicious services found.

    ***** [ Folders ] *****

    PUP.Optional.Legacy C:\Program Files (x86)\TotalAV
    PUP.Optional.Legacy C:\Users\cme550\AppData\Roaming\TotalAV
    PUP.Optional.Legacy C:\Users\cme550\Documents\TotalAV
    PUP.Optional.Legacy C:\Users\cme550\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pogo Games
    PUP.Optional.Legacy C:\Program Files (x86)\Viewpoint
    PUP.Optional.Legacy C:\ProgramData\iWin
    PUP.Optional.Legacy C:\ProgramData\iwin games

    ***** [ Files ] *****

    No malicious files found.

    ***** [ DLL ] *****

    No malicious DLLs found.

    ***** [ WMI ] *****

    No malicious WMI found.

    ***** [ Shortcuts ] *****

    No malicious shortcuts found.

    ***** [ Tasks ] *****

    No malicious tasks found.

    ***** [ Registry ] *****

    PUP.Optional.ByteFence HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
    PUP.Optional.InstallCore HKCU\Software\csastats
    PUP.Optional.Legacy HKCU\Software\PogoDGC
    PUP.Optional.Legacy HKLM\Software\Wow6432Node\PogoDGC
    PUP.Optional.Legacy HKLM\Software\PogoDGC
    PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
    PUP.Optional.Legacy HKLM\Software\Wow6432Node\Viewpoint
    PUP.Optional.Legacy HKLM\Software\Wow6432Node\MetaStream
    PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
    PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
    PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\TypeLib\{4F7D1B07-6203-41F0-947B-A29CC9ECD9B0}
    PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{4F7D1B07-6203-41F0-947B-A29CC9ECD9B0}
    PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    PUP.Optional.PCProtect HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
    PUP.Optional.TotalAV HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
    PUP.Optional.TotalAV HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries found.

    ***** [ Chromium URLs ] *****

    PUP.Optional.Legacy Ask
    PUP.Optional.Legacy AOL

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries found.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs found.



    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
     
  4. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Hi Midnight Sky,

    Please take note of the following:

    1. Please do not run any other tools unless instructed.
    2. Please don't install or uninstall anything unless asked.
    3. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.
    4. If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.
    5. Please reply to this thread. Do not start a new topic.
    6. Please follow steps in the correct order.

    Thanks for those reports.
    Ok, a little bit of work to do here so let's make a start.....

    Step 1
    Recommended programs to remove.


    McAfee Security Scan Plus

    McAfee Security Scan is what we in the know like to call “bloatware” or “junkware” or “crapware”.
    It’s not antivirus, nor does it really protect your computer from anything.
    It won’t even remove any malware should it find any.
    It’s a halfhearted pseudo-security solution that’s used as an excuse to put McAfee products in front of your eyes.

    Step 2
    Please download the attached fixlist.txt file (bottom of this post) and save it to C:\Users\cme550\Downloads.
    NOTE.
    It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine.
    Running this on another machine may cause damage to your operating system


    Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait.

    46aaca3dcbbefa74c3f4dc5740a24b68.png

    The tool will make a log in the Download folder (Fixlog.txt). Please post this in your next reply.

    ---------
    There are a couple of other things we need to address, but we'll move on to those later.

    In your next reply, please submit:
    Fixlog.txt

    Also give me an update on how the system is running now.


    Thanks.
     

    Attached Files:

  5. Midnight Sky

    Midnight Sky

    Joined:
    Nov 29, 2018
    Messages:
    3
    Operating System:
    Windows 10
    Thank you so much, I'm heading off to work now but I will do those steps when I get home. Another thing I want to show you are what the popups look like...there are random topics and they all say Google Chrome...clk.sh
     

    Attached Files:

    • ads.png
      ads.png
      File size:
      176.4 KB
      Views:
      24
  6. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    No problem, just run the fix whenever you have the time.
     

Share This Page