Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2021 Ran by mike (01-09-2021 15:34:47) Running from C:\Users\mikem\Desktop Windows 10 Pro Version 21H1 19043.1165 (X64) (2020-12-18 17:56:15) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) admin (S-1-5-21-3200273941-2670340362-4195434088-1003 - Administrator - Enabled) => C:\Users\admin Administrator (S-1-5-21-3200273941-2670340362-4195434088-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3200273941-2670340362-4195434088-503 - Limited - Disabled) Guest (S-1-5-21-3200273941-2670340362-4195434088-501 - Limited - Disabled) Kerstin (S-1-5-21-3200273941-2670340362-4195434088-1013 - Limited - Enabled) mikem (S-1-5-21-3200273941-2670340362-4195434088-1000 - Administrator - Enabled) mpmm (S-1-5-21-3200273941-2670340362-4195434088-1005 - Administrator - Enabled) => C:\Users\mpmm mpmm_a21rhkv (S-1-5-21-3200273941-2670340362-4195434088-1014 - Administrator - Enabled) => C:\Users\mpmm_a21rhkv WDAGUtilityAccount (S-1-5-21-3200273941-2670340362-4195434088-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acronis True Image for Western Digital (HKLM-x32\...\{1E085CBE-D1B4-48E2-BCDE-7DB45886E7B1}) (Version: 24.0.34190 - Acronis) Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.) AO Tennis 2 (HKLM-x32\...\{DDCF1227-1C1A-4931-B467-E62E3078A091}) (Version: 1.0.0.31 - Bigben Interactive) Apple Application Support (32-bit) (HKLM-x32\...\{6CF0CAEE-54B6-4D84-A055-3AF110F189D3}) (Version: 8.4 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) Bode Miller Alpine Skiing (HKLM-x32\...\{94FC1D16-0D5D-4FA6-A3D8-61B503F67A7A}) (Version: 1.0.0.0 - Masque Publishing) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden Brother IPPoverUSB Driver (HKLM-x32\...\{36DAA671-6347-495C-B816-6FB782430D8A}) (Version: 1.1.0.0 - Brother Industries Ltd.) Hidden Brother Printer Driver (HKLM-x32\...\{6D33FF09-043C-45A6-A3E5-5DDBF686AC4E}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden Cisco Webex Meetings (HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\ActiveTouchMeetingClient) (Version: 40.10.3 - Cisco Webex LLC) Client Connector for Windows Server Essentials (HKLM\...\{563CB0AF-E0B5-42B1-AB42-8E6964349900}) (Version: 6.2.9805.10 - Microsoft Corporation) Convertilla 0.7 (HKLM-x32\...\Convertilla_is1) (Version: 0.7.1.37 - Convertilla) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dell Direct Key (HKLM-x32\...\{71A234EA-4CBA-46E7-B81D-4C2AF8BCD6E2}) (Version: 1.6.3 - Dell) Dell OS Recovery Tool (HKLM-x32\...\{1d0f6ac3-7e12-43a6-9e10-42f0104b36fb}) (Version: 2.3.6056 - Dell Inc.) Dell OS Recovery Tool (HKLM-x32\...\{683CBC26-004C-41FA-ADBC-81C3FDD2E0F2}) (Version: 2.3.6056.0 - Dell) Hidden Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) Electrum (HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\Electrum) (Version: 4.1.4 - Electrum Technologies GmbH) ffdshow x64 v1.3.4533 [2014-09-29] (HKLM\...\ffdshow64_is1) (Version: 1.3.4533.0 - ) FIFA 18 (HKLM-x32\...\{213CC10A-B8CB-4EBA-B277-6B08B7C22A65}) (Version: 1.0.57.57320 - Electronic Arts) FIFA 20 (HKLM-x32\...\{9EC414D8-8C49-4310-BCC7-C72AB0776F4C}) (Version: 1.0.66.8249 - Electronic Arts) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 50.0.11.0 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden Icecream Screen Recorder version 6.21 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 6.21 - Icecream Apps) iCloud Outlook (HKLM\...\{696A65CA-2720-4D0D-A255-78123E9AC856}) (Version: 11.2.0.18 - Apple Inc.) Intel(R) Chipset Device Software (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden Intel(R) Computing Improvement Program (HKLM\...\{85B6BF0F-EF1B-4F0F-892D-E68BD798950C}) (Version: 2.4.04669 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.6.60 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{3fa11c9d-9f7f-4020-bcef-dbf9c9fe309f}) (Version: 20.7.26.7 - Intel) Intel® Driver & Support Assistant (HKLM-x32\...\{41112465-3c4f-42bb-9a61-39f7f509f8f8}) (Version: 20.4.17.5 - Intel) Intel® Driver & Support Assistant (HKLM-x32\...\{6f8c45f4-0319-451f-a65b-8efccc93e4db}) (Version: 20.8.30.5 - Intel) iTunes (HKLM\...\{298FB192-1160-4551-BB70-1D2442DA9777}) (Version: 12.11.4.15 - Apple Inc.) Madden NFL 08 (HKLM-x32\...\{A3BC1DBD-64D6-4EBC-0091-24C811662D40}) (Version: - Electronic Arts) Madden NFL 20 (HKLM-x32\...\{1f42e79a-26a2-4462-9254-fdc0b56f1443}) (Version: 1.0.53.61468 - Electronic Arts) Madden NFL 21 (HKLM-x32\...\{01022C15-AD1D-4808-8137-16CB9ADB6530}) (Version: 1.0.56.40921 - Electronic Arts) Madden NFL 22 (HKLM-x32\...\{02CDEE4B-868F-429E-80F8-48C204727DF4}) (Version: 1.0.59.14349 - Electronic Arts) Malwarebytes version 4.4.5.130 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.5.130 - Malwarebytes) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.84 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 92.0.902.84 - Microsoft Corporation) Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3200273941-2670340362-4195434088-1014\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation) Microsoft Power Query for Excel (HKLM-x32\...\{188A72BC-39E4-4FFE-923A-31C5A7647350}) (Version: 2.50.4859.281 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation) Microsoft Virtual Machine Converter (HKLM\...\{332C1E78-1D2F-4A64-B718-68095DC6254B}) (Version: 3.1.0.0 - Microsoft Corporation) Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{85317F07-8719-36EF-B19E-B196F383D0F3}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 91.0.2 (x64 en-US)) (Version: 91.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0 - Mozilla) Neon 2.2.1 (only current user) (HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\211a501f-25dd-501b-8c98-509ac17aedfa) (Version: 2.2.1 - Ethan Fast) NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA Graphics Driver 471.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.96 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.103.48818 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden paint.net (HKLM\...\{1A59F8A6-6AB4-4522-9340-F420B9155A31}) (Version: 4.2.16 - dotPDN LLC) PowerENGAGE (HKLM-x32\...\{BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1}) (Version: 3.2.13 - Aviata, Inc.) Hidden PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.72.410.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8899.1 - Realtek Semiconductor Corp.) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden STAR WARS Jedi - Fallen Order™ (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}) (Version: 1.0.9.0 - Electronic Arts, Inc.) STAR WARS Jedi: Fallen Order™ Deluxe Upgrade (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}_SWJFODeluxe) (Version: 1.0.0.0 - Electronic Arts, Inc.) StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version: - Microsoft) UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden Virtualdub FFMpeg Input Plugin (HKLM-x32\...\{F26A7CD7-C187-45DB-A790-C1C103A03C2F}_is1) (Version: 1.9.0.4 - Karl Pritchett) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) WD Backup (HKLM-x32\...\{2d518703-86c4-46c8-99c1-f3789dd3ecd0}) (Version: 1.9.7435.38388 - Western Digital Technologies, Inc.) WD Backup (HKLM-x32\...\{5491B486-8812-4202-AB8C-865AB636ACF0}) (Version: 1.9.7435.38388 - Western Digital Technologies, Inc) Hidden WD Desktop App 2.1.0.322 (HKLM-x32\...\{9478cae3-730b-4ffe-b22b-ae8b7787f5d5}) (Version: 2.1.0.322 - Western Digital Corporation) Hidden WD Desktop App 2.1.0.322 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.322 - Western Digital Corporation) Hidden WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 4.3.336 - Western Digital Technologies, Inc.) WD Drive Utilities (HKLM-x32\...\{3CF15262-0E5C-4BFE-AA93-D611E8F18D71}) (Version: 2.0.0.76 - Western Digital Technologies, Inc.) Hidden WD Drive Utilities (HKLM-x32\...\{f7fe19a0-12b9-4318-95fd-0579f21114f0}) (Version: 2.0.0.76 - Western Digital Technologies, Inc.) WD Quick View (HKLM-x32\...\{4EA8640B-DEB6-478F-BDAC-F4BCBEEFAFAB}) (Version: 2.4.21.1 - Western Digital Technologies, Inc.) WD Security (HKLM-x32\...\{327CA54B-8D15-4BE2-A4D2-868194BF7B97}) (Version: 2.0.0.76 - Western Digital Technologies, Inc.) Hidden WD Security (HKLM-x32\...\{9629d8ce-7cc4-4142-b7f8-2c003f1c6613}) (Version: 2.0.0.76 - Western Digital Technologies, Inc.) WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden WD SmartWare (HKLM\...\{798354C0-D5F2-4A43-ADEE-3DA9B1725ECC}) (Version: 2.4.21.1 - Western Digital Technologies, Inc.) WD SmartWare Installer (HKLM-x32\...\{5be946d0-7ba1-41b6-808a-0e7f2b7cb4a8}) (Version: 2.4.21.1 - Western Digital Technologies, Inc.) Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA) WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH) x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - ) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) Packages: ========= Dropbox for S mode -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.4.0_x64__xbfy0k16fey96 [2020-08-03] (Dropbox Inc.) HEVC Video Extensions -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_1.0.41531.0_x64__8wekyb3d8bbwe [2021-06-30] (Microsoft Corporation) Hitting the Road -> C:\Program Files\WindowsApps\Microsoft.HittingtheRoad_1.0.0.0_neutral__8wekyb3d8bbwe [2021-08-28] (Microsoft Corporation) iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa [2021-08-19] (Apple Inc.) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-11] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-07] (Microsoft Studios) [MS Ad] MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-19] (Microsoft Corporation) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-08-31] (NVIDIA Corp.) Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Corporation) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-16] (Microsoft Corporation) Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.2107.16004.0_x64__8wekyb3d8bbwe [2021-08-13] (Microsoft Corporation) Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2020-08-21] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-413578968-4127535815-2662069183-1116_Classes\CLSID\{6E880369-27C7-43B7-BF91-C9F9E18A2870} -> [iCloud Drive] => C:\Users\mikem\iCloudDrive [2020-07-23 04:29] SSODL: WDFSMountNotificator-wdfsconnect2017 - {F624FB69-FC91-4FC7-91FD-F7F78364CA8B} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed] SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {F624FB69-FC91-4FC7-91FD-F7F78364CA8B} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed] ShellServiceObjects: Virtual Storage Mount Notification -> {F624FB69-FC91-4FC7-91FD-F7F78364CA8B} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed] ShellServiceObjects-x32: Virtual Storage Mount Notification -> {F624FB69-FC91-4FC7-91FD-F7F78364CA8B} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed] ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation) ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_0_34190.dll [2020-11-20] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_0_34190.dll [2020-11-20] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_0_34190.dll [2020-11-20] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_0_34190.dll [2020-11-20] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2018-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) ContextMenuHandlers1: [WDDesktopContextMenu] -> {f351d8c9-ff13-3519-92fa-763cce46b27b} => C:\Program Files\WD Desktop App\kda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2018-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-25] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.) ContextMenuHandlers4: [WDDesktopContextMenu] -> {f351d8c9-ff13-3519-92fa-763cce46b27b} => C:\Program Files\WD Desktop App\kda.DLL [2021-07-26] (Western Digital Technologies, Inc. -> Western Digital Corporation) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b8346c359fcd6093\nvshext.dll [2021-08-28] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-25] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2018-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\OldNewExplorer\OldNewExplorer64.dll [2019-09-23] (www.startisback.com) [File not signed] ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [255488 2011-05-30] () [File not signed] HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [127488 2014-09-29] () [File not signed] HKLM\...\Drivers32: [vidc.x264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed] HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [240640 2011-05-30] () [File not signed] HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\mikem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Facebook.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=celnaknmndcdcjcagffhbhciignkeokb ShortcutWithArgument: C:\Users\mikem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= 2004-08-24 14:55 - 2004-08-24 14:55 - 000126976 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\asneu.dll 2005-03-22 03:29 - 2005-03-22 03:29 - 003366912 _____ (Adobe Systems Incorporated) [File not signed] [File is in use] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Plug-Ins\Adobe Photoshop Only\Automate\ScriptingSupport.8li 2005-03-16 18:16 - 2005-03-16 18:16 - 004313088 _____ (Adobe Systems Incorporated) [File not signed] [File is in use] C:\Program Files (x86)\Common Files\Adobe\Plug-Ins\CS2\File Formats\Camera Raw.8BI 2005-03-09 03:07 - 2005-03-09 03:07 - 000630784 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\ACE.dll 2005-03-03 14:39 - 2005-03-03 14:39 - 000425984 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\AdobeUpdater.dll 2005-03-09 03:17 - 2005-03-09 03:17 - 000475136 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\AdobeXMP.dll 2005-03-13 11:01 - 2005-03-13 11:01 - 001805824 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\AGM.dll 2005-03-09 03:32 - 2005-03-09 03:32 - 000151552 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\AXE8SharedExpat.dll 2005-03-09 03:07 - 2005-03-09 03:07 - 000180224 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\BIB.dll 2005-03-09 03:07 - 2005-03-09 03:07 - 000217088 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\BIBUtils.dll 2005-03-09 03:07 - 2005-03-09 03:07 - 002162688 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\CoolType.dll 2005-01-18 11:31 - 2005-01-18 11:31 - 000114688 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\epic_pers.dll 2005-01-19 13:31 - 2005-01-19 13:31 - 000155648 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\epic_regs.dll 2005-01-12 13:23 - 2005-01-12 13:23 - 000180224 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\pdfsettings.dll 2005-02-23 11:32 - 2005-02-23 11:32 - 001327104 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Required\ADMPlugin.apl 2004-06-16 13:45 - 2004-06-16 13:45 - 000147456 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Required\ASDataStream.apl 2004-06-16 13:50 - 2004-06-16 13:50 - 000069632 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Required\PNGIcons.apl 2005-03-22 02:16 - 2005-03-22 02:16 - 000035840 _____ (Adobe Systems, Incorporated) [File not signed] [File is in use] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Plug-Ins\Extensions\FastCore.8BX 2005-03-22 02:18 - 2005-03-22 02:18 - 000212992 _____ (Adobe Systems, Incorporated) [File not signed] [File is in use] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Plug-Ins\Extensions\MMXCore.8BX 2005-03-22 02:20 - 2005-03-22 02:20 - 000204800 _____ (Adobe Systems, Incorporated) [File not signed] [File is in use] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Plug-Ins\Extensions\MultiProcessor Support.8BX 2005-03-22 02:48 - 2005-03-22 02:48 - 001323008 _____ (Adobe Systems, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.dll 2005-03-22 02:13 - 2005-03-22 02:13 - 000041984 _____ (Adobe Systems, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\PLUGIN.dll 2005-03-22 02:48 - 2005-03-22 02:48 - 002142208 _____ (Adobe Systems, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\PSArt.dll 2005-03-22 02:48 - 2005-03-22 02:48 - 001748992 _____ (Adobe Systems, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\PSViews.dll 2005-03-22 02:43 - 2005-03-22 02:43 - 000011776 _____ (Adobe Systems, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Tw10122.dat 2005-03-08 06:23 - 2005-03-08 06:23 - 004153344 _____ (Adobe Systems, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\VersionCue.dll 2005-03-08 06:23 - 2005-03-08 06:23 - 003170304 _____ (Adobe Systems, Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\versioncueui.dll 2009-07-13 20:20 - 2009-07-13 20:40 - 000267776 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNBLM4.DLL 2018-10-29 17:33 - 2009-07-13 20:40 - 000084992 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL 2020-04-23 23:12 - 2016-02-26 11:13 - 001845760 _____ (Intel) [File not signed] [File is in use] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Plug-Ins\File Formats\IntelTextureWorks.8bi 2003-05-08 17:34 - 2003-05-08 17:34 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\MSVCP71.dll 2003-05-08 17:32 - 2003-05-08 17:32 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\MSVCR71.dll 2020-04-23 17:07 - 2013-01-09 17:49 - 000803840 _____ (NVIDIA) [File not signed] [File is in use] C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Plug-Ins\File Formats\dds_old.8bi 2018-05-23 11:02 - 2018-05-23 11:02 - 001006080 ____R (Robert Simpson, et al.) [File not signed] [File is in use] C:\Program Files (x86)\Western Digital\WD SmartWare\System.Data.SQLite.dll 2021-09-01 13:20 - 2020-05-06 14:53 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll 2021-09-01 13:20 - 2020-05-06 14:54 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll 2021-09-01 13:20 - 2020-05-06 14:53 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2021-09-01 13:20 - 2020-05-06 14:54 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll 2021-09-01 13:20 - 2020-05-06 14:54 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll 2021-09-01 13:20 - 2020-05-06 14:54 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll 2021-09-01 13:20 - 2020-05-06 14:54 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2021-09-01 13:20 - 2020-05-06 14:54 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2021-09-01 13:20 - 2020-05-06 14:54 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll 2019-12-10 17:33 - 2019-09-23 22:51 - 000255488 _____ (www.startisback.com) [File not signed] C:\OldNewExplorer\OldNewExplorer32.dll 2019-12-10 17:33 - 2019-09-23 22:51 - 000261632 _____ (www.startisback.com) [File not signed] C:\OldNewExplorer\OldNewExplorer64.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKU\S-1-5-21-413578968-4127535815-2662069183-1116\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice => scrfile ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3200273941-2670340362-4195434088-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ HKU\S-1-5-21-3200273941-2670340362-4195434088-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us HKU\S-1-5-21-413578968-4127535815-2662069183-1116\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ HKU\S-1-5-21-413578968-4127535815-2662069183-1116\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\S-1-5-21-3200273941-2670340362-4195434088-1005 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxp://www.bing.com/search?FORM=U453DF&PC=U453&q={searchTerms}&src=IE-SearchBox BHO: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\OldNewExplorer\OldNewExplorer64.dll [2019-09-23] (www.startisback.com) [File not signed] BHO-x32: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\OldNewExplorer\OldNewExplorer32.dll [2019-09-23] (www.startisback.com) [File not signed] (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\download.microsoft.com -> hxxp://download.microsoft.com IE trusted site: HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\download.windowsupdate.com -> hxxp://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\download.windowsupdate.com -> hxxps://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\microsoft.com -> hxxp://ntservicepack.microsoft.com IE trusted site: HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\ntservicepack.microsoft.com -> hxxp://ntservicepack.microsoft.com IE trusted site: HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\update.microsoft.com -> hxxp://update.microsoft.com IE trusted site: HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\update.microsoft.com -> hxxps://update.microsoft.com IE trusted site: HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\windows.com -> hxxp://wustat.windows.com IE trusted site: HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\windowsupdate.com -> hxxp://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\windowsupdate.com -> hxxps://download.windowsupdate.com IE trusted site: HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com IE trusted site: HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\ws.microsoft.com -> hxxp://ws.microsoft.com IE trusted site: HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\ws.microsoft.com -> hxxps://ws.microsoft.com IE trusted site: HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\wustat.windows.com -> hxxp://wustat.windows.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2021-08-26 21:16 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts 2020-05-04 19:44 - 2021-09-01 15:15 - 000000495 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.20.48.1 MPMM1.mshome.net # 2026 8 1 31 20 15 58 588 10.125 unbuntu.mshome.net # 2020 5 2 12 4 14 44 897 ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client;C:\Program Files\Intel\iCLS Client;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Common Files\Adobe\AGL;C:\Program Files\RogueKiller;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Users\mikem\AppData\Roaming\npm;C:\adb;C:\android-studio;C:\platform-tools;C:\Program Files (x86)\NVIDIA Corporation\DDS Utilities;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\ HKU\S-1-5-21-3200273941-2670340362-4195434088-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg HKU\S-1-5-21-3200273941-2670340362-4195434088-1005\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg HKU\S-1-5-21-3200273941-2670340362-4195434088-1014\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg HKU\S-1-5-21-413578968-4127535815-2662069183-1116\Control Panel\Desktop\\Wallpaper -> C:\Users\mikem\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Block) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: AeLookupSvc => 3 MSCONFIG\Services: AERTFilters => 2 MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: AtherosSvc => 2 MSCONFIG\Services: AxInstSV => 3 MSCONFIG\Services: BDESVC => 3 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: CertPropSvc => 3 MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2 MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2 MSCONFIG\Services: COMSysApp => 3 MSCONFIG\Services: CVPND => 2 MSCONFIG\Services: Dell Hardware Support => 3 MSCONFIG\Services: DellClientManagementService => 3 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: PCPrintProvider => 3 MSCONFIG\Services: RtkAudioService => 2 MSCONFIG\Services: ss_conn_service => 3 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: WsAppService => 3 MSCONFIG\Services: WsAppService3 => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk => C:\Windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ScpToolkit Tray Notifications.lnk => C:\Windows\pss\ScpToolkit Tray Notifications.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^vpngui.exe.lnk => C:\Windows\pss\vpngui.exe.lnk.CommonStartup MSCONFIG\startupreg: Acrobat Assistant 7.0 => MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: Chromium => MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: IgfxTray => MSCONFIG\startupreg: iTunesHelper => MSCONFIG\startupreg: Persistence => MSCONFIG\startupreg: Wargaming.net Game Center => HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "Onboard" HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service" HKLM\...\StartupApproved\Run32: => "WDDiscovery" HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe" HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor" HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\StartupApproved\StartupFolder: => "DS4Windows.lnk" HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\StartupApproved\Run: => "GoogleDriveFS" HKU\S-1-5-21-413578968-4127535815-2662069183-1116\...\StartupApproved\Run: => "CiscoMeetingDaemon" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{32AE3A79-1F03-4CC3-8EDE-77C38CE818E3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\92.0.902.84\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{72127B79-6E04-453D-95FA-4D786846C81B}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) ==================== Restore Points ========================= 26-08-2021 06:17:40 AdwCleaner_BeforeCleaning_26/08/2021_06:17:21 26-08-2021 19:42:57 AdwCleaner_BeforeCleaning_26/08/2021_19:42:56 26-08-2021 20:29:26 AdwCleaner_BeforeCleaning_26/08/2021_20:29:18 27-08-2021 05:10:20 Removed Avast Update Helper 31-08-2021 23:47:32 Windows Update ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (09/01/2021 03:14:16 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname MPMM1.local already in use; will try MPMM1-2.local instead Error: (09/01/2021 03:14:16 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister 4 MPMM1.local. Addr 192.168.1.90 Error: (09/01/2021 03:14:16 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.90:5353 16 MPMM1.local. AAAA 2600:1700:4050:DEA0:0000:0000:0000:0045 Error: (09/01/2021 02:44:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname MPMM1.local already in use; will try MPMM1-2.local instead Error: (09/01/2021 02:44:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister 4 MPMM1.local. Addr 192.168.1.90 Error: (09/01/2021 02:44:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.90:5353 16 MPMM1.local. AAAA 2600:1700:4050:DEA0:0000:0000:0000:0045 Error: (09/01/2021 01:13:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname MPMM1.local already in use; will try MPMM1-2.local instead Error: (09/01/2021 01:13:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister 4 MPMM1.local. Addr 192.168.1.90 System errors: ============= Error: (09/01/2021 03:02:41 PM) (Source: NETLOGON) (EventID: 5719) (User: ) Description: This computer was not able to set up a secure session with a domain controller in domain MCL due to the following: We can't sign you in with this credential because your domain isn't available. Make sure your device is connected to your organization's network and try again. If you previously signed in on this device with another credential, you can sign in with that credential. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain. Error: (09/01/2021 02:48:26 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator. Error: (09/01/2021 02:38:26 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: MCL) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator. Error: (09/01/2021 01:10:26 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator. Error: (09/01/2021 12:52:25 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: MCL) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator. Error: (09/01/2021 11:32:25 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator. Error: (09/01/2021 11:06:25 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: MCL) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator. Error: (09/01/2021 11:02:37 AM) (Source: NETLOGON) (EventID: 5719) (User: ) Description: This computer was not able to set up a secure session with a domain controller in domain MCL due to the following: We can't sign you in with this credential because your domain isn't available. Make sure your device is connected to your organization's network and try again. If you previously signed in on this device with another credential, you can sign in with that credential. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain. Windows Defender: ================ Date: 2021-09-01 14:53:20 Description: Controlled Folder Access blocked C:\Program Files\NVIDIA Corporation\NvBackend\NvSHIM.exe from making changes to memory. Detection time: 2021-09-01T19:53:20.239Z Path: \Device\HarddiskVolume4 Process Name: C:\Program Files\NVIDIA Corporation\NvBackend\NvSHIM.exe Security intelligence Version: 1.347.816.0 Engine Version: 1.1.18400.5 Product Version: 4.18.2107.4 Date: 2021-09-01 14:34:37 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-08-31 23:45:11 Description: Controlled Folder Access blocked C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe from making changes to memory. Detection time: 2021-09-01T04:45:11.429Z Path: \Device\HarddiskVolume4 Process Name: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe Security intelligence Version: 1.347.816.0 Engine Version: 1.1.18400.5 Product Version: 4.18.2107.4 Date: 2021-08-31 23:44:16 Description: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe has been blocked from modifying %userprofile%\Videos\Tdbswd56spcap by Controlled Folder Access. Detection time: 2021-09-01T04:44:16.467Z Path: %userprofile%\Videos\Tdbswd56spcap Process Name: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe Security intelligence Version: 1.347.816.0 Engine Version: 1.1.18400.5 Product Version: 4.18.2107.4 Date: 2021-08-31 14:59:44 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-08-27 20:10:44 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2021-08-27 05:55:36 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2021-08-26 20:53:11 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.347.484.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.18400.5 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode Date: 2021-08-26 20:42:52 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. CodeIntegrity: =============== Date: 2021-09-01 03:07:29 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements. Date: 2021-09-01 02:19:22 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\OldNewExplorer\OldNewExplorer64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2021-09-01 02:17:35 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== BIOS: Dell Inc. A11 05/07/2019 Motherboard: Dell Inc. 088DT1 Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Percentage of memory in use: 48% Total physical RAM: 16334.93 MB Available physical RAM: 8457.21 MB Total Virtual: 32718.93 MB Available Virtual: 21946.13 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:911.69 GB) (Free:376.82 GB) NTFS Drive e: (RECOVERY) (Fixed) (Total:19.78 GB) (Free:8.65 GB) NTFS ==>[system with boot components (obtained from drive)] Drive h: (MPMM SDD Drive 1TB) (Fixed) (Total:931.51 GB) (Free:498.63 GB) NTFS Drive j: (MPMM SDD Drive 2TB) (Fixed) (Total:1862.98 GB) (Free:1860.8 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 90CAB908) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=19.8 GB) - (Type=27) Partition 3: (Not Active) - (Size=911.7 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Size: 1863 GB) (Disk ID: 7140C96E) Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 184C4081) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt =======================