Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.09.2018
Ran by Su (18-09-2018 13:58:50)
Running from C:\Users\Su\Desktop\virus
Windows 10 Pro Version 1803 17134.286 (X64) (2018-08-04 22:26:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3916214333-3310981510-3962207731-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3916214333-3310981510-3962207731-503 - Limited - Disabled)
Guest (S-1-5-21-3916214333-3310981510-3962207731-501 - Limited - Enabled)
sshd (S-1-5-21-3916214333-3310981510-3962207731-1004 - Limited - Enabled)
Su (S-1-5-21-3916214333-3310981510-3962207731-1001 - Administrator - Enabled) => C:\Users\Su
WDAGUtilityAccount (S-1-5-21-3916214333-3310981510-3962207731-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
0patch Agent (HKLM-x32\...\{A2798643-A794-4CE4-848B-1DEC6224347D}) (Version: 0.1 - 0patch)
1Password (HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\{507707B9-C68C-4986-A4AD-F25B24C152FA}_is1) (Version: 7.2.576 - AgileBits Inc.)
AdAwareInstaller (HKLM\...\{D71AA032-DA32-45E0-BF33-B0C1D0B36D63}) (Version: 12.4.930.11587 - adaware) Hidden
AdGuard (HKLM-x32\...\{1d7ee810-0b6a-4cf5-8e22-8905eb4734e1}) (Version: 6.3.1399.4073 - Adguard Software Ltd)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 6.3.1399.4073 - Adguard Software Ltd) Hidden
AntimalwareEngine (HKLM\...\{5C7A5F94-02E9-4C5D-A594-B1F10865965A}) (Version: 3.0.160.0 - adaware) Hidden
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Asus ApoDispatchConfigurator (HKLM\...\{4FEB3307-A0EF-4385-9C8F-4B4C1503311C}) (Version: 3.6.2001 - ASUSTeK COMPUTER INC) Hidden
Asus AudioCaptureNotificationConfigurator (HKLM\...\{04C5CE55-7F32-4D2D-AEA2-FDC03E8F65CC}) (Version: 3.6.2001 - ASUSTeK COMPUTER INC) Hidden
Asus DeviceRoutingConfigurator (HKLM\...\{AC306567-A1B7-4208-8FED-97CF535050BC}) (Version: 3.6.2001 - ASUSTeK COMPUTER INC) Hidden
Asus NahimicSettingsConfigurator (HKLM\...\{B850C58A-ACF3-4FD3-B72D-8D668D6FEED2}) (Version: 3.6.2001 - ASUSTeK COMPUTER INC) Hidden
Asus ProductDaemonSetup (HKLM\...\{36606417-B1C4-42C2-B5C1-67972DA63DAB}) (Version: 3.6.2001 - ASUSTeK COMPUTER INC) Hidden
Asus ProfileSwitcherCleanup (HKLM\...\{CBBACC80-97A1-421D-8D18-DC4E1CD6C950}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC) Hidden
Asus Sonic Radar 3 (HKLM-x32\...\{03578a87-5019-45bd-995a-0f27d579a180}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC)
Asus Sonic Studio 3 (HKLM-x32\...\{31ef8b8e-8686-4b42-a8f9-71206319efdf}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC)
Asus SonicMapperConfigurator (HKLM\...\{A37684FD-2AA6-4B0F-BAC3-97E7DFFC6C2E}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC) Hidden
Asus SonicRadar3Setup (HKLM\...\{E71A86BF-6EA5-42D2-A735-F41C603FB180}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC) Hidden
Asus SonicStudio3Setup (HKLM\...\{D027E5BB-DDAE-4CD9-A030-B3C0EF5FB602}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC) Hidden
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.56.37170 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Discord (HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.2.8 - The GnuPG Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Gpg4win (3.1.2) (HKLM-x32\...\Gpg4win) (Version: 3.1.2 - The Gpg4win Project)
Hỗ trợ Ứng dụng Apple (32 bit) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Hỗ trợ Ứng dụng Apple (64 bit) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
iTunes (HKLM\...\{B3D0D1BD-A6AA-4079-B218-B31036D474F4}) (Version: 12.9.0.167 - Apple Inc.)
LastPass (chỉ gỡ bỏ) (HKLM-x32\...\LastPass) (Version: - LastPass)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.8.15665 - McAfee, Inc.)
McAfee® Total Protection (HKLM-x32\...\MSC) (Version: 16.0 R12 - McAfee, Inc.)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NiceHash Miner 2 0.2.6 (only current user) (HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\08059810-bc78-5c10-942c-2092eebb5ec8) (Version: 0.2.6 - NiceHash d.o.o)
NVIDIA 3D Vision Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Graphics Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.27.11381 - Electronic Arts, Inc.)
qBittorrent 4.1.2 (HKLM-x32\...\qBittorrent) (Version: 4.1.2 - The qBittorrent project)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.3.0816.090718 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8273 - Realtek Semiconductor Corp.)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
SRWare Iron version 68.0.3550.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: 68.0.3550.0 - SRWare)
VietPN 1.3 (HKLM-x32\...\VietPN) (Version: 1.3 - )
VMware Workstation (HKLM\...\{C59B3A41-789E-42A0-9902-688CFA7F47E3}) (Version: 14.1.0 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\Gpg4win\bin_64\gpgex.dll [2018-06-17] (g10 Code GmbH)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-05-08] (McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2017-12-15] (VMware, Inc.)
ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2017-12-15] (VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\Gpg4win\bin_64\gpgex.dll [2018-06-17] (g10 Code GmbH)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-05-08] (McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {15E06AB8-0A5A-4322-A9EF-DBC06862D9E3} - \S-1-5-21-3916214333-3310981510-3962207731-1001\DataSenseLiveTileTask -> No File <==== ATTENTION
Task: {337BA0FA-71CE-4A98-867D-3C2014660322} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2018-02-28] (McAfee, Inc.)
Task: {3960164D-0404-4735-953F-F12A66A42C1E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {3BA6F6AF-C3F5-461D-93C5-0C88566F491A} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {3C6A321C-E460-4720-BB8B-A3C6987BF687} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {3C905F18-ECF3-4528-9C50-A66368E82806} - System32\Tasks\McInstruTrack => C:\ProgramData\McAfee\McInstruTrack\McInstruTrack.exe [2018-06-19] (McAfee, Inc.)
Task: {62E94FCA-1223-4802-B89D-C9F28D686B43} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-05] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {7947185D-D761-4131-8344-5F89814C630D} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-05-04] (McAfee, Inc.)
Task: {8330FC45-CDDE-4E55-A9AC-FB588B79D9B0} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {A65F02FD-E734-487A-897A-F616A8201CF3} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
Task: {B257C8B4-A437-4E27-920C-AD14875BA8EF} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {C8054577-FC39-449E-8558-F0CA1631DCCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-05] (Microsoft Corporation)
Task: {E361CAE1-6F3D-423E-A7EE-EC43F9356D59} - \SS3svc32Run -> No File <==== ATTENTION
Task: {E62F8D7D-F259-4810-9224-8B23773E0DA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-05] (Microsoft Corporation)
Task: {F2A158B2-13A0-4C5F-BB02-DF8F1115B724} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-05] (Microsoft Corporation)
Task: {F4C7D3D1-5711-4D95-B08E-ADBD2B36C651} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.178\DADUpdater.exe [2018-09-18] (McAfee, Inc.)
Task: {FD29F71C-D009-493F-96D0-B3C23AFDD342} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {FE99F354-C807-4B8A-A462-4D0D1C9063AF} - \SS3svc64Run -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Su\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3373c9ebc3a5e445\SRWare Iron.lnk -> C:\Program Files (x86)\SRWare Iron\chrome.exe (SRWare) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) ==============
2018-08-16 22:59 - 2015-05-08 14:26 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2018-08-22 22:18 - 2018-08-22 22:18 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-09-13 15:26 - 2018-07-24 12:32 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-06-22 21:56 - 2018-06-22 21:56 - 000587832 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareService.exe
2018-06-22 22:00 - 2018-06-22 22:00 - 000125400 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_thread-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000032728 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_system-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000067544 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_date_time-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000147416 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_filesystem-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000790488 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_log-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000526296 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_locale-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000039896 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_chrono-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 011660248 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\rpc_server.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 003717592 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\RCF.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001024472 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_regex-vc140-mt-1_65_1.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 001228760 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareActivation.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 002846680 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareApplicationUpdater.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000861656 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareGamingMode.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000123352 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareReset.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000145368 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareTime.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 001049048 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareDefinitionsUpdater.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 000926680 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareDefinitionsUpdaterScheduler.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001466328 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareIgnoreList.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000312792 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareQuarantine.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 001732568 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareAntiMalwareEngine.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001229272 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareScannerHistory.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001574872 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareScanner.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000039384 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_timer-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001052632 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareScannerScheduler.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001195992 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareRealTimeProtection.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 003638744 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareIncompatibles.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 001598424 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareAntiSpam.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 001531864 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareAntiPhishing.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 003574232 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareParentalControl.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 003656152 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareWebProtection.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001683416 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareEmailProtection.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000072664 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_iostreams-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001789912 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareNetworkProtection.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001220568 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwarePromo.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000479192 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareFeedback.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 003230168 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareThreatWorkAlliance.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000720344 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwarePinCode.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001221592 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareNotice.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 001674200 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareAvcEngine.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001494488 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareRealTimeProtectionHistory.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000845272 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareStatistics.dll
2018-08-16 22:59 - 2014-04-24 14:29 - 001360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2017-12-15 00:49 - 2017-12-15 00:49 - 014346216 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2018-09-07 17:38 - 2018-09-07 17:38 - 000284400 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
2018-04-06 18:05 - 2018-04-06 18:05 - 000896136 _____ () C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPMsgBusDLL.dll
2018-09-07 17:49 - 2018-09-07 17:49 - 000302832 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\..\UserProcess\Razer Synapse Service Process.exe
2018-09-07 05:49 - 2018-09-07 05:49 - 000450288 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
2018-04-12 06:34 - 2018-04-12 06:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 06:34 - 2018-04-12 06:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-18 11:01 - 2017-10-18 11:01 - 000485560 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll
2018-04-12 06:34 - 2018-04-12 06:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 06:34 - 2018-04-12 06:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-08-16 22:59 - 2017-10-19 02:56 - 000105304 _____ () C:\WINDOWS\SYSTEM32\audioLibVc.dll
2017-10-18 11:17 - 2017-10-18 11:17 - 000175288 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\x64\SonicStudio3SystrayDaemon.dll
2017-10-18 11:11 - 2017-10-18 11:11 - 001697976 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\x64\SonicRadar3SystrayDaemon.dll
2017-10-18 11:01 - 2017-10-18 11:01 - 000285880 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3OSD.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 004749784 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareTray.exe
2018-06-22 22:00 - 2018-06-22 22:00 - 011753944 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\rpc_client.dll
2018-08-13 02:16 - 2018-08-13 02:16 - 025278976 _____ () C:\Program Files\qBittorrent\qbittorrent.exe
2018-08-05 13:52 - 2018-09-18 12:05 - 000021824 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2018-08-16 22:59 - 2018-09-18 13:53 - 000043816 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2018-08-16 22:59 - 2015-05-08 14:26 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2017-12-15 00:39 - 2017-12-15 00:39 - 000087016 _____ () C:\Program Files (x86)\VMware\VMware Workstation\zlib1.dll
2018-06-21 14:17 - 2018-06-21 14:17 - 002093928 _____ () C:\Program Files (x86)\Adguard\AdguardNetApi.DLL
2018-06-21 14:17 - 2018-06-21 14:17 - 000164200 _____ () C:\Program Files (x86)\Adguard\AdguardNetLib.DLL
2017-03-15 18:08 - 2017-03-15 18:08 - 000732672 _____ () C:\Program Files (x86)\Adguard\brolib32.dll
2017-12-15 00:49 - 2017-12-15 00:49 - 000126952 _____ () C:\Program Files (x86)\VMware\VMware Workstation\expat.dll
2018-09-13 16:18 - 2018-09-07 17:35 - 000150768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.ChromaSDKWrapper.dll
2018-09-13 16:18 - 2018-09-07 17:36 - 000179952 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.NativeDeviceDetectionWrapper.dll
2018-09-13 16:19 - 2018-08-01 17:01 - 000206576 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.NativePhilipsHueWrapper.dll
2018-09-13 16:18 - 2018-09-07 17:36 - 000202480 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.PowerPlan.dll
2018-09-13 16:19 - 2018-09-07 05:13 - 000081648 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_AccelWinM.dll
2018-09-13 16:18 - 2018-09-07 17:30 - 000354544 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_AudioPlayer.dll
2018-09-13 16:18 - 2018-09-07 17:30 - 000135408 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_KeyboardKeysWrapper.dll
2018-09-13 16:19 - 2018-09-07 05:13 - 000086256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedCommon.dll
2018-09-13 16:18 - 2018-09-07 05:13 - 000342256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedMacros.dll
2018-09-13 16:19 - 2018-09-07 05:13 - 000258800 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_MappingTypesM.dll
2018-09-13 16:18 - 2018-09-07 17:35 - 002278128 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_PowerSwitchWrapper.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000300272 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Battery.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000595184 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_DeviceStatus.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000299760 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_DriverMode.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000150768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Mapping.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000585968 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_MappingBaseM.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000548592 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_OnboardMem.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000324848 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_PollingRate.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000340208 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_PowerManagement.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000301808 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_PowerSwitch.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000345840 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Sensitivity.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000420592 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SurfaceCalBaseM.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000086768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SurfaceCalPixart.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000301808 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SwapMouseButtons.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000300272 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Battery.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000595184 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_DeviceStatus.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000299760 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_DriverMode.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000150768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Mapping.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000585968 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_MappingBaseM.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000548592 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_OnboardMem.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000324848 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_PollingRate.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000340208 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_PowerManagement.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000301808 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_PowerSwitch.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000345840 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Sensitivity.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000420592 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SurfaceCalBaseM.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000086768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SurfaceCalPixart.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000301808 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SwapMouseButtons.dll
2018-09-13 16:19 - 2018-07-31 16:04 - 000595184 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Philips Hue\Bin\RSy3_DeviceStatus.dll
2018-09-13 16:19 - 2018-07-31 16:04 - 000299760 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Philips Hue\Bin\RSy3_DriverMode.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000056048 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_KeyboardKeys.dll
2017-10-18 10:57 - 2017-10-18 10:57 - 000407224 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3DevProps.dll
2018-09-07 17:49 - 2018-09-07 17:49 - 000359664 _____ () C:\Program Files (x86)\Razer\Synapse3\UserProcess\RSy3_AudioAppStreamsWrapper.dll
2018-08-10 17:37 - 2018-08-10 17:37 - 000098544 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Common.Dependencies\RSy3_AudioMicPeakMeter.dll
2018-09-07 05:46 - 2018-09-07 05:46 - 000135408 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Common.Dependencies\RSy3_KeyboardKeysWrapper.dll
2018-07-28 07:29 - 2018-07-28 07:31 - 001005408 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.dll
2018-07-28 07:29 - 2018-07-28 07:31 - 053444984 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libcef.dll
2018-07-28 07:29 - 2018-07-28 07:31 - 000691056 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.Core.dll
2018-07-28 07:29 - 2018-07-28 07:31 - 001984392 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libglesv2.dll
2018-07-28 07:29 - 2018-07-28 07:31 - 000082824 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libegl.dll
2017-10-18 10:55 - 2017-10-18 10:55 - 000171704 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\CheckAPODaemon.dll
2017-10-18 10:57 - 2017-10-18 10:57 - 000367616 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\NSConfiguratorDaemonModule.dll
2017-10-18 11:13 - 2017-10-18 11:13 - 000329912 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\DeviceRoutingDaemon.dll
2017-10-18 11:14 - 2017-10-18 11:14 - 000230400 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\ProfileSwitcherDaemonModule.dll
2017-10-18 11:14 - 2017-10-18 11:14 - 000321720 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\SonicStudio3SystrayDaemon.dll
2017-10-18 11:07 - 2017-10-18 11:07 - 001152696 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicCursor3DDaemonModule.dll
2017-10-18 11:07 - 2017-10-18 11:07 - 001198776 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicEnhancerDaemonModule.dll
2017-10-18 11:07 - 2017-10-18 11:07 - 001303736 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicRadarDaemonModule.dll
2017-10-18 11:05 - 2017-10-18 11:05 - 000489656 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicEnhancerAutomationDaemon.dll
2017-10-18 11:05 - 2017-10-18 11:05 - 000647352 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicSMProfileDaemonModule.dll
2017-10-18 11:06 - 2017-10-18 11:06 - 000619704 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicSMShortcutsDaemonModule.dll
2017-10-18 11:07 - 2017-10-18 11:07 - 001856184 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\SonicRadar3SystrayDaemon.dll
2017-10-18 10:57 - 2017-10-18 10:57 - 000246456 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3OSD.dll
2018-08-05 13:52 - 2018-09-18 12:05 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2018-08-05 13:52 - 2018-09-18 12:05 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2018-08-14 17:19 - 2018-08-07 11:11 - 005608848 ____N () C:\Users\Su\AppData\Local\1password\app\7\1password.dll
2018-09-12 19:28 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\Su\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-09-12 19:28 - 2018-04-30 23:01 - 001937752 _____ () C:\Users\Su\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-09-12 19:28 - 2018-04-30 23:01 - 000095576 _____ () C:\Users\Su\AppData\Local\Discord\app-0.0.301\libegl.dll
2018-09-02 13:54 - 2018-08-11 17:17 - 002252288 _____ () C:\Program Files (x86)\SRWare Iron\swiftshader\libglesv2.dll
2018-09-02 13:54 - 2018-08-11 17:16 - 000117248 _____ () C:\Program Files (x86)\SRWare Iron\swiftshader\libegl.dll
2018-09-12 19:29 - 2018-09-12 19:29 - 011321176 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-09-12 19:29 - 2018-09-13 16:17 - 001615704 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-09-12 19:29 - 2018-09-12 19:29 - 001910104 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-09-12 19:29 - 2018-09-12 19:29 - 000422744 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-09-12 19:29 - 2018-09-12 19:29 - 000145240 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-09-12 19:29 - 2018-09-12 19:29 - 000512856 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-09-12 19:29 - 2018-09-12 19:29 - 001641304 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-09-12 19:29 - 2018-09-12 19:29 - 001743704 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_overlay2\discord_overlay2.node
2018-09-12 19:29 - 2018-09-12 19:29 - 002722648 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-09-12 19:39 - 2018-09-13 08:16 - 001257816 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node
2018-09-12 19:39 - 2018-09-18 12:04 - 021754712 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node
2018-09-12 19:39 - 2018-09-12 19:39 - 002760536 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-09-12 19:39 - 2018-09-12 19:39 - 001249112 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [122]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\12815280.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\20375942.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\adawareantivirusservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\12815280.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\20375942.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\adawareantivirusservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\1001movie.com -> 1001movie.com
There are 6091 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-13 17:54 - 2018-09-18 13:12 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\Control Panel\Desktop\\Wallpaper -> d:\pm\wall os x\19170_en_1.jpg
DNS Servers: 176.103.130.130 - 176.103.130.131
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "errorlog.txt"
HKLM\...\StartupApproved\Run: => "vksts"
HKLM\...\StartupApproved\Run: => "HarmonyUserStartup"
HKLM\...\StartupApproved\Run: => "CsrHCRPServer"
HKLM\...\StartupApproved\Run: => "CsrAudioguiCtrl"
HKLM\...\StartupApproved\Run: => "CsrSyncMLServer"
HKLM\...\StartupApproved\Run: => "CSRHarmonySkypePlugin"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "USB-Set"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe
FirewallRules: [TCP Query User{14B0F5C7-E454-45D5-8194-D4533AB2E33F}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{EE8BFDEF-700B-48A0-B3E4-CC495147405A}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe
==================== Restore Points =========================
16-09-2018 00:18:12 Windows Modules Installer
16-09-2018 16:07:50 Checkpoint by HitmanPro
17-09-2018 01:55:35 Windows Modules Installer
17-09-2018 17:37:41 AA11
17-09-2018 17:51:42 McAfee Vulnerability Scanner
18-09-2018 13:22:27 Removed AdAwareUpdater.
18-09-2018 13:22:56 Removed AdAwareInstaller.
==================== Faulty Device Manager Devices =============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: TAP-Windows Adapter V9 #2
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth Device (RFCOMM Protocol TDI) #2
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/18/2018 01:29:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program msiexec.exe version 5.0.17134.228 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 544
Start Time: 01d44f18091a68a4
Termination Time: 4294967295
Application Path: C:\Windows\System32\msiexec.exe
Report Id: 0118904c-f917-4dd9-b22f-a4ccbc9ab235
Faulting package full name:
Faulting package-relative application ID:
Error: (09/18/2018 01:29:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.17134.165 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 304
Start Time: 01d44f18cbf2761b
Termination Time: 0
Application Path: C:\Windows\explorer.exe
Report Id: c09a9f2d-2542-48d7-8959-3f3064f7cdf7
Faulting package full name:
Faulting package-relative application ID:
Error: (09/18/2018 01:28:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.17134.165 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 4cf4
Start Time: 01d44f1830bd04aa
Termination Time: 0
Application Path: C:\Windows\explorer.exe
Report Id: 841d8a3c-6fc0-4f55-b520-09a961aa7d6f
Faulting package full name:
Faulting package-relative application ID:
Error: (09/18/2018 01:28:25 PM) (Source: MsiInstaller) (EventID: 11922) (User: DESKTOP-RHM3AKI)
Description: Product: AdAwareInstaller -- Error 1922. Service adaware antivirus service (adawareantivirusservice) could not be deleted. Verify that you have sufficient privileges to remove system services.
Error: (09/18/2018 01:24:07 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-RHM3AKI)
Description: Application or service 'Windows Explorer' could not be shut down.
Error: (09/18/2018 01:23:32 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-RHM3AKI)
Description: Application or service 'adaware antivirus service' could not be shut down.
Error: (09/18/2018 01:12:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (09/18/2018 01:12:10 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {e3b10041-b560-4278-ae99-0f4c63b9b4cb}
System errors:
=============
Error: (09/18/2018 01:55:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/18/2018 01:54:07 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-RHM3AKI)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-RHM3AKI\Su SID (S-1-5-21-3916214333-3310981510-3962207731-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/18/2018 01:53:42 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RHM3AKI)
Description: The server Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.
Error: (09/18/2018 01:53:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RHM3AKI)
Description: The server Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.
Error: (09/18/2018 01:53:37 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RHM3AKI)
Description: The server Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.
Error: (09/18/2018 01:53:35 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RHM3AKI)
Description: The server Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.
Error: (09/18/2018 01:53:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RHM3AKI)
Description: The server Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.
Error: (09/18/2018 01:53:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RHM3AKI)
Description: The server Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2018-09-17 02:16:47.421
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1E2ED711-4DC3-43F5-B8D3-11A9A3453725}
Scan Type: Antimalware
Scan Parameters: Full Scan
Date: 2018-09-16 17:23:52.821
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {517C0D27-4945-4D51-A0FF-5993A3B9D2AF}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-09-16 14:51:13.617
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {BA3924CA-15F4-4E0F-A68B-46465077E6D1}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-09-14 22:57:45.429
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7ACB870C-3EFA-40BB-83C0-96F48DEA3896}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-09-12 20:20:21.723
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.B!cl&threatid=2147718514&enterprise=0
Name: Trojan:Win32/Fuery.B!cl
ID: 2147718514
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Su\AppData\Local\Temp\33A9.tmp
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\Su\AppData\Roaming\ZHP\ZHPFix2.exe
Signature Version: AV: 1.275.1108.0, AS: 1.275.1108.0, NIS: 1.275.1108.0
Engine Version: AM: 1.1.15200.1, NIS: 1.1.15200.1
Date: 2018-09-17 02:26:17.011
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2018-09-16 00:28:49.851
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.1276.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80070643
Error description: Fatal error during installation.
Date: 2018-09-07 17:17:40.007
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.852.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2018-08-25 22:30:24.874
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.155.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Date: 2018-08-25 22:20:23.544
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
CodeIntegrity:
===================================
Date: 2018-09-18 13:56:03.703
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume8\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-18 13:56:03.700
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume8\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-18 13:55:26.494
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files (x86)\0patch\Agent\0patchLoaderX64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-09-18 13:55:26.239
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files (x86)\0patch\Agent\0patchLoaderX64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-09-18 13:53:48.728
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume8\Program Files (x86)\0patch\Agent\0patchLoader.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-18 13:53:48.421
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume8\Program Files (x86)\0patch\Agent\0patchLoader.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-18 13:53:48.198
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume8\Program Files (x86)\0patch\Agent\0patchLoader.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-18 13:53:47.810
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume8\Program Files (x86)\0patch\Agent\0patchLoader.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 42%
Total physical RAM: 16322.45 MB
Available physical RAM: 9369.87 MB
Total Virtual: 26562.45 MB
Available Virtual: 17430.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.34 GB) (Free:123 GB) NTFS
Drive d: (Data) (Fixed) (Total:3726.02 GB) (Free:1686.8 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:930.91 GB) (Free:129.22 GB) NTFS
Drive f: (AIO_UEFI) (Removable) (Total:29.42 GB) (Free:17.84 GB) FAT32
\\?\Volume{b3023c52-9b54-46d0-ab62-a884f62576c6}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS
\\?\Volume{60d1b2c3-e230-4f46-b624-8ad7de3aca7e}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.11 GB) NTFS
\\?\Volume{f4b178aa-e594-4c27-9193-a1d6bd1bbab5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 3726 GB) (Disk ID: 078C078C)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 88A2E294)
Partition: GPT.
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 9CE9E907)
Partition: GPT.
========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 29.4 GB) (Disk ID: 78CCE934)
Partition 1: (Active) - (Size=29.4 GB) - (Type=0C)
==================== End of Addition.txt ============================
Ran by Su (18-09-2018 13:58:50)
Running from C:\Users\Su\Desktop\virus
Windows 10 Pro Version 1803 17134.286 (X64) (2018-08-04 22:26:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3916214333-3310981510-3962207731-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3916214333-3310981510-3962207731-503 - Limited - Disabled)
Guest (S-1-5-21-3916214333-3310981510-3962207731-501 - Limited - Enabled)
sshd (S-1-5-21-3916214333-3310981510-3962207731-1004 - Limited - Enabled)
Su (S-1-5-21-3916214333-3310981510-3962207731-1001 - Administrator - Enabled) => C:\Users\Su
WDAGUtilityAccount (S-1-5-21-3916214333-3310981510-3962207731-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
0patch Agent (HKLM-x32\...\{A2798643-A794-4CE4-848B-1DEC6224347D}) (Version: 0.1 - 0patch)
1Password (HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\{507707B9-C68C-4986-A4AD-F25B24C152FA}_is1) (Version: 7.2.576 - AgileBits Inc.)
AdAwareInstaller (HKLM\...\{D71AA032-DA32-45E0-BF33-B0C1D0B36D63}) (Version: 12.4.930.11587 - adaware) Hidden
AdGuard (HKLM-x32\...\{1d7ee810-0b6a-4cf5-8e22-8905eb4734e1}) (Version: 6.3.1399.4073 - Adguard Software Ltd)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 6.3.1399.4073 - Adguard Software Ltd) Hidden
AntimalwareEngine (HKLM\...\{5C7A5F94-02E9-4C5D-A594-B1F10865965A}) (Version: 3.0.160.0 - adaware) Hidden
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Asus ApoDispatchConfigurator (HKLM\...\{4FEB3307-A0EF-4385-9C8F-4B4C1503311C}) (Version: 3.6.2001 - ASUSTeK COMPUTER INC) Hidden
Asus AudioCaptureNotificationConfigurator (HKLM\...\{04C5CE55-7F32-4D2D-AEA2-FDC03E8F65CC}) (Version: 3.6.2001 - ASUSTeK COMPUTER INC) Hidden
Asus DeviceRoutingConfigurator (HKLM\...\{AC306567-A1B7-4208-8FED-97CF535050BC}) (Version: 3.6.2001 - ASUSTeK COMPUTER INC) Hidden
Asus NahimicSettingsConfigurator (HKLM\...\{B850C58A-ACF3-4FD3-B72D-8D668D6FEED2}) (Version: 3.6.2001 - ASUSTeK COMPUTER INC) Hidden
Asus ProductDaemonSetup (HKLM\...\{36606417-B1C4-42C2-B5C1-67972DA63DAB}) (Version: 3.6.2001 - ASUSTeK COMPUTER INC) Hidden
Asus ProfileSwitcherCleanup (HKLM\...\{CBBACC80-97A1-421D-8D18-DC4E1CD6C950}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC) Hidden
Asus Sonic Radar 3 (HKLM-x32\...\{03578a87-5019-45bd-995a-0f27d579a180}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC)
Asus Sonic Studio 3 (HKLM-x32\...\{31ef8b8e-8686-4b42-a8f9-71206319efdf}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC)
Asus SonicMapperConfigurator (HKLM\...\{A37684FD-2AA6-4B0F-BAC3-97E7DFFC6C2E}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC) Hidden
Asus SonicRadar3Setup (HKLM\...\{E71A86BF-6EA5-42D2-A735-F41C603FB180}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC) Hidden
Asus SonicStudio3Setup (HKLM\...\{D027E5BB-DDAE-4CD9-A030-B3C0EF5FB602}) (Version: 3.6.20.45572 - ASUSTeK COMPUTER INC) Hidden
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.56.37170 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Discord (HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.2.8 - The GnuPG Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Gpg4win (3.1.2) (HKLM-x32\...\Gpg4win) (Version: 3.1.2 - The Gpg4win Project)
Hỗ trợ Ứng dụng Apple (32 bit) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Hỗ trợ Ứng dụng Apple (64 bit) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
iTunes (HKLM\...\{B3D0D1BD-A6AA-4079-B218-B31036D474F4}) (Version: 12.9.0.167 - Apple Inc.)
LastPass (chỉ gỡ bỏ) (HKLM-x32\...\LastPass) (Version: - LastPass)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.8.15665 - McAfee, Inc.)
McAfee® Total Protection (HKLM-x32\...\MSC) (Version: 16.0 R12 - McAfee, Inc.)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NiceHash Miner 2 0.2.6 (only current user) (HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\08059810-bc78-5c10-942c-2092eebb5ec8) (Version: 0.2.6 - NiceHash d.o.o)
NVIDIA 3D Vision Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Graphics Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.27.11381 - Electronic Arts, Inc.)
qBittorrent 4.1.2 (HKLM-x32\...\qBittorrent) (Version: 4.1.2 - The qBittorrent project)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.3.0816.090718 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8273 - Realtek Semiconductor Corp.)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
SRWare Iron version 68.0.3550.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: 68.0.3550.0 - SRWare)
VietPN 1.3 (HKLM-x32\...\VietPN) (Version: 1.3 - )
VMware Workstation (HKLM\...\{C59B3A41-789E-42A0-9902-688CFA7F47E3}) (Version: 14.1.0 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\Gpg4win\bin_64\gpgex.dll [2018-06-17] (g10 Code GmbH)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-05-08] (McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2017-12-15] (VMware, Inc.)
ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2017-12-15] (VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\Gpg4win\bin_64\gpgex.dll [2018-06-17] (g10 Code GmbH)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-05-08] (McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {15E06AB8-0A5A-4322-A9EF-DBC06862D9E3} - \S-1-5-21-3916214333-3310981510-3962207731-1001\DataSenseLiveTileTask -> No File <==== ATTENTION
Task: {337BA0FA-71CE-4A98-867D-3C2014660322} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2018-02-28] (McAfee, Inc.)
Task: {3960164D-0404-4735-953F-F12A66A42C1E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {3BA6F6AF-C3F5-461D-93C5-0C88566F491A} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {3C6A321C-E460-4720-BB8B-A3C6987BF687} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {3C905F18-ECF3-4528-9C50-A66368E82806} - System32\Tasks\McInstruTrack => C:\ProgramData\McAfee\McInstruTrack\McInstruTrack.exe [2018-06-19] (McAfee, Inc.)
Task: {62E94FCA-1223-4802-B89D-C9F28D686B43} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-05] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {7947185D-D761-4131-8344-5F89814C630D} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-05-04] (McAfee, Inc.)
Task: {8330FC45-CDDE-4E55-A9AC-FB588B79D9B0} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {A65F02FD-E734-487A-897A-F616A8201CF3} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
Task: {B257C8B4-A437-4E27-920C-AD14875BA8EF} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {C8054577-FC39-449E-8558-F0CA1631DCCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-05] (Microsoft Corporation)
Task: {E361CAE1-6F3D-423E-A7EE-EC43F9356D59} - \SS3svc32Run -> No File <==== ATTENTION
Task: {E62F8D7D-F259-4810-9224-8B23773E0DA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-05] (Microsoft Corporation)
Task: {F2A158B2-13A0-4C5F-BB02-DF8F1115B724} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-05] (Microsoft Corporation)
Task: {F4C7D3D1-5711-4D95-B08E-ADBD2B36C651} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.178\DADUpdater.exe [2018-09-18] (McAfee, Inc.)
Task: {FD29F71C-D009-493F-96D0-B3C23AFDD342} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {FE99F354-C807-4B8A-A462-4D0D1C9063AF} - \SS3svc64Run -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Su\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3373c9ebc3a5e445\SRWare Iron.lnk -> C:\Program Files (x86)\SRWare Iron\chrome.exe (SRWare) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) ==============
2018-08-16 22:59 - 2015-05-08 14:26 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2018-08-22 22:18 - 2018-08-22 22:18 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-09-13 15:26 - 2018-07-24 12:32 - 002681424 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-06-22 21:56 - 2018-06-22 21:56 - 000587832 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareService.exe
2018-06-22 22:00 - 2018-06-22 22:00 - 000125400 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_thread-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000032728 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_system-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000067544 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_date_time-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000147416 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_filesystem-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000790488 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_log-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000526296 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_locale-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000039896 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_chrono-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 011660248 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\rpc_server.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 003717592 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\RCF.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001024472 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_regex-vc140-mt-1_65_1.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 001228760 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareActivation.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 002846680 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareApplicationUpdater.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000861656 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareGamingMode.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000123352 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareReset.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000145368 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareTime.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 001049048 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareDefinitionsUpdater.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 000926680 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareDefinitionsUpdaterScheduler.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001466328 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareIgnoreList.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000312792 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareQuarantine.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 001732568 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareAntiMalwareEngine.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001229272 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareScannerHistory.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001574872 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareScanner.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000039384 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_timer-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001052632 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareScannerScheduler.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001195992 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareRealTimeProtection.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 003638744 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareIncompatibles.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 001598424 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareAntiSpam.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 001531864 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareAntiPhishing.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 003574232 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareParentalControl.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 003656152 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareWebProtection.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001683416 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareEmailProtection.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000072664 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\boost_iostreams-vc140-mt-1_65_1.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001789912 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareNetworkProtection.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001220568 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwarePromo.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000479192 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareFeedback.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 003230168 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareThreatWorkAlliance.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000720344 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwarePinCode.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001221592 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareNotice.dll
2018-06-22 21:59 - 2018-06-22 21:59 - 001674200 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareAvcEngine.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 001494488 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareRealTimeProtectionHistory.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 000845272 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareStatistics.dll
2018-08-16 22:59 - 2014-04-24 14:29 - 001360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2017-12-15 00:49 - 2017-12-15 00:49 - 014346216 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2018-09-07 17:38 - 2018-09-07 17:38 - 000284400 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
2018-04-06 18:05 - 2018-04-06 18:05 - 000896136 _____ () C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPMsgBusDLL.dll
2018-09-07 17:49 - 2018-09-07 17:49 - 000302832 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\..\UserProcess\Razer Synapse Service Process.exe
2018-09-07 05:49 - 2018-09-07 05:49 - 000450288 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
2018-04-12 06:34 - 2018-04-12 06:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 06:34 - 2018-04-12 06:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-18 11:01 - 2017-10-18 11:01 - 000485560 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3DevProps.dll
2018-04-12 06:34 - 2018-04-12 06:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 06:34 - 2018-04-12 06:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-08-16 22:59 - 2017-10-19 02:56 - 000105304 _____ () C:\WINDOWS\SYSTEM32\audioLibVc.dll
2017-10-18 11:17 - 2017-10-18 11:17 - 000175288 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\x64\SonicStudio3SystrayDaemon.dll
2017-10-18 11:11 - 2017-10-18 11:11 - 001697976 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\x64\SonicRadar3SystrayDaemon.dll
2017-10-18 11:01 - 2017-10-18 11:01 - 000285880 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3OSD.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-06-22 22:00 - 2018-06-22 22:00 - 004749784 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\AdAwareTray.exe
2018-06-22 22:00 - 2018-06-22 22:00 - 011753944 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.4.930.11587\rpc_client.dll
2018-08-13 02:16 - 2018-08-13 02:16 - 025278976 _____ () C:\Program Files\qBittorrent\qbittorrent.exe
2018-08-05 13:52 - 2018-09-18 12:05 - 000021824 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2018-08-16 22:59 - 2018-09-18 13:53 - 000043816 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2018-08-16 22:59 - 2015-05-08 14:26 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2017-12-15 00:39 - 2017-12-15 00:39 - 000087016 _____ () C:\Program Files (x86)\VMware\VMware Workstation\zlib1.dll
2018-06-21 14:17 - 2018-06-21 14:17 - 002093928 _____ () C:\Program Files (x86)\Adguard\AdguardNetApi.DLL
2018-06-21 14:17 - 2018-06-21 14:17 - 000164200 _____ () C:\Program Files (x86)\Adguard\AdguardNetLib.DLL
2017-03-15 18:08 - 2017-03-15 18:08 - 000732672 _____ () C:\Program Files (x86)\Adguard\brolib32.dll
2017-12-15 00:49 - 2017-12-15 00:49 - 000126952 _____ () C:\Program Files (x86)\VMware\VMware Workstation\expat.dll
2018-09-13 16:18 - 2018-09-07 17:35 - 000150768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.ChromaSDKWrapper.dll
2018-09-13 16:18 - 2018-09-07 17:36 - 000179952 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.NativeDeviceDetectionWrapper.dll
2018-09-13 16:19 - 2018-08-01 17:01 - 000206576 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.NativePhilipsHueWrapper.dll
2018-09-13 16:18 - 2018-09-07 17:36 - 000202480 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.PowerPlan.dll
2018-09-13 16:19 - 2018-09-07 05:13 - 000081648 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_AccelWinM.dll
2018-09-13 16:18 - 2018-09-07 17:30 - 000354544 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_AudioPlayer.dll
2018-09-13 16:18 - 2018-09-07 17:30 - 000135408 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_KeyboardKeysWrapper.dll
2018-09-13 16:19 - 2018-09-07 05:13 - 000086256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedCommon.dll
2018-09-13 16:18 - 2018-09-07 05:13 - 000342256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedMacros.dll
2018-09-13 16:19 - 2018-09-07 05:13 - 000258800 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_MappingTypesM.dll
2018-09-13 16:18 - 2018-09-07 17:35 - 002278128 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_PowerSwitchWrapper.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000300272 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Battery.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000595184 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_DeviceStatus.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000299760 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_DriverMode.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000150768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Mapping.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000585968 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_MappingBaseM.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000548592 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_OnboardMem.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000324848 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_PollingRate.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000340208 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_PowerManagement.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000301808 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_PowerSwitch.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000345840 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_Sensitivity.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000420592 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SurfaceCalBaseM.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000086768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SurfaceCalPixart.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000301808 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_SwapMouseButtons.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000300272 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Battery.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000595184 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_DeviceStatus.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000299760 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_DriverMode.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000150768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Mapping.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000585968 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_MappingBaseM.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000548592 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_OnboardMem.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000324848 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_PollingRate.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000340208 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_PowerManagement.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000301808 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_PowerSwitch.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000345840 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_Sensitivity.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000420592 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SurfaceCalBaseM.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000086768 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SurfaceCalPixart.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000301808 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\AtherisBLE\Bin\RSy3_SwapMouseButtons.dll
2018-09-13 16:19 - 2018-07-31 16:04 - 000595184 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Philips Hue\Bin\RSy3_DeviceStatus.dll
2018-09-13 16:19 - 2018-07-31 16:04 - 000299760 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Philips Hue\Bin\RSy3_DriverMode.dll
2018-09-13 16:19 - 2018-08-06 23:01 - 000056048 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Devices\Atheris\Bin\RSy3_KeyboardKeys.dll
2017-10-18 10:57 - 2017-10-18 10:57 - 000407224 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3DevProps.dll
2018-09-07 17:49 - 2018-09-07 17:49 - 000359664 _____ () C:\Program Files (x86)\Razer\Synapse3\UserProcess\RSy3_AudioAppStreamsWrapper.dll
2018-08-10 17:37 - 2018-08-10 17:37 - 000098544 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Common.Dependencies\RSy3_AudioMicPeakMeter.dll
2018-09-07 05:46 - 2018-09-07 05:46 - 000135408 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Common.Dependencies\RSy3_KeyboardKeysWrapper.dll
2018-07-28 07:29 - 2018-07-28 07:31 - 001005408 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.dll
2018-07-28 07:29 - 2018-07-28 07:31 - 053444984 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libcef.dll
2018-07-28 07:29 - 2018-07-28 07:31 - 000691056 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.Core.dll
2018-07-28 07:29 - 2018-07-28 07:31 - 001984392 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libglesv2.dll
2018-07-28 07:29 - 2018-07-28 07:31 - 000082824 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libegl.dll
2017-10-18 10:55 - 2017-10-18 10:55 - 000171704 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\CheckAPODaemon.dll
2017-10-18 10:57 - 2017-10-18 10:57 - 000367616 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\NSConfiguratorDaemonModule.dll
2017-10-18 11:13 - 2017-10-18 11:13 - 000329912 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\DeviceRoutingDaemon.dll
2017-10-18 11:14 - 2017-10-18 11:14 - 000230400 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\ProfileSwitcherDaemonModule.dll
2017-10-18 11:14 - 2017-10-18 11:14 - 000321720 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\SonicStudio3SystrayDaemon.dll
2017-10-18 11:07 - 2017-10-18 11:07 - 001152696 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicCursor3DDaemonModule.dll
2017-10-18 11:07 - 2017-10-18 11:07 - 001198776 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicEnhancerDaemonModule.dll
2017-10-18 11:07 - 2017-10-18 11:07 - 001303736 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicRadarDaemonModule.dll
2017-10-18 11:05 - 2017-10-18 11:05 - 000489656 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicEnhancerAutomationDaemon.dll
2017-10-18 11:05 - 2017-10-18 11:05 - 000647352 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicSMProfileDaemonModule.dll
2017-10-18 11:06 - 2017-10-18 11:06 - 000619704 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\DynamicSMShortcutsDaemonModule.dll
2017-10-18 11:07 - 2017-10-18 11:07 - 001856184 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Radar 3\SonicRadar3SystrayDaemon.dll
2017-10-18 10:57 - 2017-10-18 10:57 - 000246456 _____ () C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3OSD.dll
2018-08-05 13:52 - 2018-09-18 12:05 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2018-08-05 13:52 - 2018-09-18 12:05 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2018-08-14 17:19 - 2018-08-07 11:11 - 005608848 ____N () C:\Users\Su\AppData\Local\1password\app\7\1password.dll
2018-09-12 19:28 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\Su\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-09-12 19:28 - 2018-04-30 23:01 - 001937752 _____ () C:\Users\Su\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-09-12 19:28 - 2018-04-30 23:01 - 000095576 _____ () C:\Users\Su\AppData\Local\Discord\app-0.0.301\libegl.dll
2018-09-02 13:54 - 2018-08-11 17:17 - 002252288 _____ () C:\Program Files (x86)\SRWare Iron\swiftshader\libglesv2.dll
2018-09-02 13:54 - 2018-08-11 17:16 - 000117248 _____ () C:\Program Files (x86)\SRWare Iron\swiftshader\libegl.dll
2018-09-12 19:29 - 2018-09-12 19:29 - 011321176 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-09-12 19:29 - 2018-09-13 16:17 - 001615704 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-09-12 19:29 - 2018-09-12 19:29 - 001910104 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-09-12 19:29 - 2018-09-12 19:29 - 000422744 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-09-12 19:29 - 2018-09-12 19:29 - 000145240 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-09-12 19:29 - 2018-09-12 19:29 - 000512856 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-09-12 19:29 - 2018-09-12 19:29 - 001641304 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-09-12 19:29 - 2018-09-12 19:29 - 001743704 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_overlay2\discord_overlay2.node
2018-09-12 19:29 - 2018-09-12 19:29 - 002722648 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-09-12 19:39 - 2018-09-13 08:16 - 001257816 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node
2018-09-12 19:39 - 2018-09-18 12:04 - 021754712 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node
2018-09-12 19:39 - 2018-09-12 19:39 - 002760536 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-09-12 19:39 - 2018-09-12 19:39 - 001249112 _____ () \\?\C:\Users\Su\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [122]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\12815280.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\20375942.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\adawareantivirusservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\12815280.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\20375942.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\adawareantivirusservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\...\1001movie.com -> 1001movie.com
There are 6091 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-13 17:54 - 2018-09-18 13:12 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3916214333-3310981510-3962207731-1001\Control Panel\Desktop\\Wallpaper -> d:\pm\wall os x\19170_en_1.jpg
DNS Servers: 176.103.130.130 - 176.103.130.131
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "errorlog.txt"
HKLM\...\StartupApproved\Run: => "vksts"
HKLM\...\StartupApproved\Run: => "HarmonyUserStartup"
HKLM\...\StartupApproved\Run: => "CsrHCRPServer"
HKLM\...\StartupApproved\Run: => "CsrAudioguiCtrl"
HKLM\...\StartupApproved\Run: => "CsrSyncMLServer"
HKLM\...\StartupApproved\Run: => "CSRHarmonySkypePlugin"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "USB-Set"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe
FirewallRules: [TCP Query User{14B0F5C7-E454-45D5-8194-D4533AB2E33F}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{EE8BFDEF-700B-48A0-B3E4-CC495147405A}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe
==================== Restore Points =========================
16-09-2018 00:18:12 Windows Modules Installer
16-09-2018 16:07:50 Checkpoint by HitmanPro
17-09-2018 01:55:35 Windows Modules Installer
17-09-2018 17:37:41 AA11
17-09-2018 17:51:42 McAfee Vulnerability Scanner
18-09-2018 13:22:27 Removed AdAwareUpdater.
18-09-2018 13:22:56 Removed AdAwareInstaller.
==================== Faulty Device Manager Devices =============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: TAP-Windows Adapter V9 #2
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth Device (RFCOMM Protocol TDI) #2
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/18/2018 01:29:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program msiexec.exe version 5.0.17134.228 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 544
Start Time: 01d44f18091a68a4
Termination Time: 4294967295
Application Path: C:\Windows\System32\msiexec.exe
Report Id: 0118904c-f917-4dd9-b22f-a4ccbc9ab235
Faulting package full name:
Faulting package-relative application ID:
Error: (09/18/2018 01:29:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.17134.165 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 304
Start Time: 01d44f18cbf2761b
Termination Time: 0
Application Path: C:\Windows\explorer.exe
Report Id: c09a9f2d-2542-48d7-8959-3f3064f7cdf7
Faulting package full name:
Faulting package-relative application ID:
Error: (09/18/2018 01:28:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.17134.165 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 4cf4
Start Time: 01d44f1830bd04aa
Termination Time: 0
Application Path: C:\Windows\explorer.exe
Report Id: 841d8a3c-6fc0-4f55-b520-09a961aa7d6f
Faulting package full name:
Faulting package-relative application ID:
Error: (09/18/2018 01:28:25 PM) (Source: MsiInstaller) (EventID: 11922) (User: DESKTOP-RHM3AKI)
Description: Product: AdAwareInstaller -- Error 1922. Service adaware antivirus service (adawareantivirusservice) could not be deleted. Verify that you have sufficient privileges to remove system services.
Error: (09/18/2018 01:24:07 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-RHM3AKI)
Description: Application or service 'Windows Explorer' could not be shut down.
Error: (09/18/2018 01:23:32 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-RHM3AKI)
Description: Application or service 'adaware antivirus service' could not be shut down.
Error: (09/18/2018 01:12:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (09/18/2018 01:12:10 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {e3b10041-b560-4278-ae99-0f4c63b9b4cb}
System errors:
=============
Error: (09/18/2018 01:55:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/18/2018 01:54:07 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-RHM3AKI)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-RHM3AKI\Su SID (S-1-5-21-3916214333-3310981510-3962207731-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (09/18/2018 01:53:42 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RHM3AKI)
Description: The server Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.
Error: (09/18/2018 01:53:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RHM3AKI)
Description: The server Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.
Error: (09/18/2018 01:53:37 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RHM3AKI)
Description: The server Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.
Error: (09/18/2018 01:53:35 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RHM3AKI)
Description: The server Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.
Error: (09/18/2018 01:53:33 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RHM3AKI)
Description: The server Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.
Error: (09/18/2018 01:53:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RHM3AKI)
Description: The server Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2018-09-17 02:16:47.421
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1E2ED711-4DC3-43F5-B8D3-11A9A3453725}
Scan Type: Antimalware
Scan Parameters: Full Scan
Date: 2018-09-16 17:23:52.821
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {517C0D27-4945-4D51-A0FF-5993A3B9D2AF}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-09-16 14:51:13.617
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {BA3924CA-15F4-4E0F-A68B-46465077E6D1}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-09-14 22:57:45.429
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7ACB870C-3EFA-40BB-83C0-96F48DEA3896}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-09-12 20:20:21.723
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Fuery.B!cl&threatid=2147718514&enterprise=0
Name: Trojan:Win32/Fuery.B!cl
ID: 2147718514
Severity: Severe
Category: Trojan
Path: file:_C:\Users\Su\AppData\Local\Temp\33A9.tmp
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\Su\AppData\Roaming\ZHP\ZHPFix2.exe
Signature Version: AV: 1.275.1108.0, AS: 1.275.1108.0, NIS: 1.275.1108.0
Engine Version: AM: 1.1.15200.1, NIS: 1.1.15200.1
Date: 2018-09-17 02:26:17.011
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2018-09-16 00:28:49.851
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.1276.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80070643
Error description: Fatal error during installation.
Date: 2018-09-07 17:17:40.007
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.852.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2018-08-25 22:30:24.874
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.155.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Date: 2018-08-25 22:20:23.544
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
CodeIntegrity:
===================================
Date: 2018-09-18 13:56:03.703
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume8\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-18 13:56:03.700
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume8\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-18 13:55:26.494
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files (x86)\0patch\Agent\0patchLoaderX64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-09-18 13:55:26.239
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files (x86)\0patch\Agent\0patchLoaderX64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-09-18 13:53:48.728
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume8\Program Files (x86)\0patch\Agent\0patchLoader.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-18 13:53:48.421
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume8\Program Files (x86)\0patch\Agent\0patchLoader.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-18 13:53:48.198
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume8\Program Files (x86)\0patch\Agent\0patchLoader.dll that did not meet the Microsoft signing level requirements.
Date: 2018-09-18 13:53:47.810
Description:
Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume8\Program Files (x86)\0patch\Agent\0patchLoader.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 42%
Total physical RAM: 16322.45 MB
Available physical RAM: 9369.87 MB
Total Virtual: 26562.45 MB
Available Virtual: 17430.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.34 GB) (Free:123 GB) NTFS
Drive d: (Data) (Fixed) (Total:3726.02 GB) (Free:1686.8 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:930.91 GB) (Free:129.22 GB) NTFS
Drive f: (AIO_UEFI) (Removable) (Total:29.42 GB) (Free:17.84 GB) FAT32
\\?\Volume{b3023c52-9b54-46d0-ab62-a884f62576c6}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS
\\?\Volume{60d1b2c3-e230-4f46-b624-8ad7de3aca7e}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.11 GB) NTFS
\\?\Volume{f4b178aa-e594-4c27-9193-a1d6bd1bbab5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 3726 GB) (Disk ID: 078C078C)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 88A2E294)
Partition: GPT.
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 9CE9E907)
Partition: GPT.
========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 29.4 GB) (Disk ID: 78CCE934)
Partition 1: (Active) - (Size=29.4 GB) - (Type=0C)
==================== End of Addition.txt ============================