Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18.02.2019
Ran by Rick (administrator) on HALPC (20-02-2019 15:41:11)
Running from C:\Users\Rick\Desktop\Downloads\Geeks 11 01 19
Loaded Profiles: Rick (Available Profiles: Rick & Administrator)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.16.3.21\NortonSecurity.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.16.3.21\nsWscSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Secure VPN\client\NSVService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.16.3.21\NortonSecurity.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\X-Rite\ColorMunki Smile\application\ColorMunki Smile Tray.exe
() C:\Program Files (x86)\ScanWizard 5\ScannerFinder.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\Creator\FoxitProxyServer_Socket_RD.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-21] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [mylbx] => C:\Program Files\My Lockbox\mylbx.exe [2143552 2012-03-21] (FSPro Labs -> FSPro Labs)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2309008 2017-09-19] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [UPSmart2000R] => C:\Program Files (x86)\UPSmart2000R\UPSmart2000R.exe [1721856 2011-06-21] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2015-11-23] (Acer Incorporated -> )
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1104384 2014-01-07] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\Run: [Avanquest Message] => C:\Users\Rick\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe [497640 2017-02-20] (AVANQUEST S.A. -> Avanquest Software)
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\Run: [5KPlayer] => C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe [29318088 2018-06-20] (Digiarty, Inc. -> DearMob)
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\Run: [Bonus.SSR.FR14] => "C:\Program Files (x86)\ABBYY FineReader 14\ScreenshotReader.exe" /autorun
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\Run: [SurfEasy] => C:\Program Files (x86)\Norton WiFi Privacy\client\Norton WiFi Privacy.exe startup
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\Run: [Deskpecker] => C:\Program Files (x86)\Zamaan's Software\Deskpecker 1.0\deskpecker.exe
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-13] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\Run: [UPSmart] => C:\Program Files (x86)\IDBK\UPSmart\UPSmart.exe [4472320 2015-04-10] ()
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1708016 2019-02-13] (Google LLC -> Google Inc.)
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --notification-launch-id=0|2|Default|0|chrome-extension://admmjipmmciaobhojoghlmleefbicajg/|admmjipmmciaobhojoghlmleefbicajg-52d81f95-f5f9-4213-8fd9-b451d6a0ec2b --flag-switches-begin --flag-switches-end --restore-last-session
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\Policies\Explorer: [NoPreviewPane] 0
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\MountPoints2: {07374292-edfb-11e3-825e-40f02f1b2390} - "G:\HPLauncher.exe"
HKU\S-1-5-21-1630993411-145381888-747447847-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\DOLPHI~1.SCR [275931 2005-05-16] ()
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech Inc.)
HKLM\...\Drivers32: [vidc.rscc] => C:\Windows\system32\rscc.dll [836096 2013-02-21] (RSUPPORT)
HKLM\...\Drivers32: [MSVideo] => C:\Windows\system32\vfwwdm32.dll [67072 2018-04-12] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech Inc.)
HKLM\...\Drivers32-x32: [vidc.MPG4] => C:\Windows\SysWOW64\MPG4C32.dll [413760 2010-03-15] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.MP42] => C:\Windows\SysWOW64\MPG4C32.dll [413760 2010-03-15] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.MP43] => C:\Windows\SysWOW64\MPG4C32.dll [413760 2010-03-15] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.rscc] => C:\Windows\SysWOW64\rscc.dll [671744 2013-02-21] (RSUPPORT)
HKLM\...\Drivers32-x32: [vidc.n264] => C:\Windows\SysWOW64\n264.dll [12888576 2014-10-20] (RSUPPORT)
HKLM\...\Drivers32-x32: [vidc.mp4v] => C:\Windows\SysWOW64\n264.dll [12888576 2014-10-20] (RSUPPORT)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\Installer\chrmstp.exe [2019-02-16] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2013-09-25] (Qualcomm Atheros -> Qualcomm®Atheros®)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2013-09-25] (Qualcomm Atheros -> Qualcomm®Atheros®)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ColorMunki Smile Tray.lnk [2017-02-17]
ShortcutTarget: ColorMunki Smile Tray.lnk -> C:\Program Files (x86)\X-Rite\ColorMunki Smile\application\ColorMunki Smile Tray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scanner Finder.lnk [2017-10-04]
ShortcutTarget: Scanner Finder.lnk -> C:\Program Files (x86)\ScanWizard 5\ScannerFinder.exe ()
Startup: C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2018-07-31]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{700625b6-a397-4ec9-928e-f5e2582bcb2a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{dc9ebe64-8951-4d4c-8f4e-7a22cf7a6f01}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-1630993411-145381888-747447847-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-1630993411-145381888-747447847-1001 -> DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NGC&chn=oem&geo=AU&ver=22.16.3.21&locale=en_AU&guid=F113AF33-50B6-4FC4-9B92-A61EDF325BE2&doi=2016-09-01&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-1630993411-145381888-747447847-1001 -> {2EE8CAB0-3292-4D28-A7B7-2A77AFAA1ACE} URL =
SearchScopes: HKU\S-1-5-21-1630993411-145381888-747447847-1001 -> {6BF85770-390E-4771-8FDF-86EA5796A242} URL = hxxps://www.google.com.au/search?hl=en&q={searchTerms}&meta=cr%3DcountryAU
SearchScopes: HKU\S-1-5-21-1630993411-145381888-747447847-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NGC&chn=oem&geo=AU&ver=22.16.3.21&locale=en_AU&guid=F113AF33-50B6-4FC4-9B92-A61EDF325BE2&doi=2016-09-01&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-1630993411-145381888-747447847-1001 -> {C7C07245-7FB2-48A9-85DE-F1A2B330DC1D} URL = hxxps://www.google.com.au/search?hl=en&q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (Canon Inc. -> CANON INC.)
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.16.3.21\coIEPlg.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.16.3.21\coIEPlg.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.16.3.21\coIEPlg.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.16.3.21\coIEPlg.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
DPF: HKLM-x32 {CB927D12-4FF7-4A9E-A169-56E4B8A75598} hxxps://qtinstall.apple.com/qtactivex/qtplugin.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
FireFox:
========
FF DefaultProfile: zv9a8e0y.default
FF ProfilePath: C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\zv9a8e0y.default [2019-02-20]
FF Homepage: Mozilla\Firefox\Profiles\zv9a8e0y.default -> hxxps://www.google.com.au/?gws_rd=ssl|hxxps://www.google.com.au/?gws_rd=ssl|about:preferences
FF Extension: (Norton Password Manager) - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\zv9a8e0y.default\Extensions\
[email protected] [2019-01-05]
FF Extension: (Norton Safe Search) - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\zv9a8e0y.default\Extensions\
[email protected] [2018-11-22] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds/updates.json]
FF Extension: (Norton Safe Search) - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\zv9a8e0y.default\Extensions\
[email protected] [2018-11-22] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\zv9a8e0y.default\Extensions\
[email protected] [2019-01-05]
FF Extension: (Safe Preview) - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\zv9a8e0y.default\Extensions\
[email protected] [2016-06-08] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-13] ()
FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-19] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-13] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-12-27] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-20] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\Program Files (x86)\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll [2014-08-29] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2018-05-01] ()
FF Plugin HKU\S-1-5-21-1630993411-145381888-747447847-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Rick\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-19] (Unity Technologies ApS)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxps://www.google.com.au/webhp?cr=countryAU&tbs=ctr:countryAU"
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://mhffmephdchhhbfjmdpoaldedhhdanbn/homePageRedirect.html"
CHR Profile: C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default [2019-02-14]
CHR Extension: (Google Slides) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-27]
CHR Extension: (Logitech Unifying for Chrome) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\agpmgihmmmfkbhckmciedmhincdggomo [2015-10-27]
CHR Extension: (Google Docs) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-27]
CHR Extension: (Google Drive) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-27]
CHR Extension: (Norton Security Toolbar) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-12-07]
CHR Extension: (Google Search) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-12-06]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2015-12-07]
CHR Extension: (Google Sheets) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (AdBlock) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-04]
CHR Extension: (Norton Identity Safe) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-12-06]
CHR Extension: (Norton Safe) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-10-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-27]
CHR Extension: (Norton Security Toolbar) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2015-10-27]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2015-11-16]
CHR Extension: (Gmail) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-27]
CHR Profile: C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default [2019-02-20]
CHR Extension: (Slides) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Norton Password Manager) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg [2019-02-19]
CHR Extension: (Docs) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-07]
CHR Extension: (YouTube) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-07]
CHR Extension: (Flash Player) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2018-10-30]
CHR Extension: (Google Search) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-07]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2016-09-26]
CHR Extension: (Norton Safe Search) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogpedgkejfmehnklhahflpmplhiceal [2018-11-16]
CHR Extension: (Sheets) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Norton Safe Web) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2019-01-24]
CHR Extension: (Google Docs Offline) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (AdBlock) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-02-16]
CHR Extension: (Skype) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-26]
CHR Extension: (Norton Home Page) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhffmephdchhhbfjmdpoaldedhhdanbn [2018-12-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-07]
CHR Extension: (Chrome Media Router) - C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-16]
CHR Profile: C:\Users\Rick\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-02-20]
CHR Profile: C:\Users\Rick\AppData\Local\Google\Chrome\User Data\System Profile [2019-02-20]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.16.3.21\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1630993411-145381888-747447847-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.16.3.21\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc. -> Apple Inc.)
S4 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-01-14] (Acer Incorporated -> Acer Incorporated)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] (Canon Inc. -> )
S4 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S4 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Trusted Connect Service -> Intel® Corporation)
S4 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-20] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-20] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-31] (Logitech -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S4 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation -> Symantec Corporation)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.16.3.21\NortonSecurity.exe [328648 2018-12-13] (Symantec Corporation -> Symantec Corporation)
R2 NortonWiFiPrivacy; C:\Program Files (x86)\Norton Secure VPN\client\NSVService.exe [6236176 2018-11-22] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.16.3.21\nsWscSvc.exe [915712 2018-12-13] (Symantec Corporation -> Symantec Corporation)
S4 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3476432 2015-10-12] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [355184 2017-09-19] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation -> Microsoft Corporation)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [83312 2015-09-18] (X-Rite Incorporated -> X-Rite Inc.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 378634B9; C:\WINDOWS\System32\drivers\378634B9.sys [478392 2016-09-13] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.12.0.104\Definitions\BASHDefs\20190212.002\BHDrvx64.sys [1934048 2019-02-12] (Symantec Corporation -> Symantec Corporation)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\ccSetx64.sys [189152 2018-12-12] (Symantec Corporation -> Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515792 2018-12-05] (Symantec Corporation -> Symantec Corporation)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153296 2018-12-07] (Symantec Corporation -> Symantec Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 EyeOneDisplay; C:\WINDOWS\System32\Drivers\i1display_x64.sys [15016 2013-01-07] (X-Rite Incorporated -> GretagMacbeth LLC)
R0 FSProFilter; C:\WINDOWS\System32\Drivers\FSPFltd.sys [54848 2010-07-22] (FSPro Labs -> FSPro Labs)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.12.0.104\Definitions\IPSDefs\20190219.061\IDSvia64.sys [1424904 2019-01-23] (Symantec Corporation -> Symantec Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-02-20] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-02-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72864 2019-02-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-02-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-02-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-20] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
U5 NortonSecureVPN; C:\Program Files (x86)\Norton Secure VPN\client\NSVService.exe [6236176 2018-11-22] (Symantec Corporation -> Symantec Corporation)
S3 npf; C:\WINDOWS\system32\drivers\npf.sys [35344 2018-07-17] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaewu.inf_amd64_8baa9d083edacf87\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [29912 2013-07-19] (Realtek Semiconductor Corp -> Realtek semiconductor corp)
R1 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SRTSP64.SYS [855256 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SRTSPX64.SYS [49880 2018-12-12] (Symantec Corporation -> Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SYMEFASI64.SYS [1969328 2018-12-12] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SymELAM.sys [25744 2018-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [99920 2018-06-15] (Symantec Corporation -> Symantec Corporation)
S4 SymEvnt; C:\Program Files\Norton Security\NortonData\22.12.0.104\SymPlatform\SymEvnt.sys [678616 2019-02-02] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\Ironx64.SYS [308416 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\symnets.sys [567024 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R3 SymTAP; C:\WINDOWS\System32\drivers\SymTAP.sys [52512 2018-10-13] (Symantec Corporation -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-05-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\wpCtrlDrv.sys [1011056 2018-12-12] (Symantec Corporation -> Symantec Corporation)
U3 aswbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-20 15:30 - 2019-02-20 15:30 - 000000000 ____D C:\Users\Rick\Desktop\POWERTECH PLUS MB-3603 User Manual
2019-02-20 15:18 - 2019-02-20 15:18 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-02-20 15:18 - 2019-02-20 15:18 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-02-20 15:18 - 2019-02-20 15:18 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-02-20 15:18 - 2019-02-20 15:18 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-02-20 15:18 - 2019-02-20 15:18 - 000072864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-02-20 15:15 - 2019-02-20 15:40 - 000000000 ____D C:\Users\Rick\Desktop\To Post
2019-02-20 14:18 - 2019-02-20 14:18 - 000000000 ____D C:\Users\Rick\AppData\Local\AOP SDK
2019-02-20 02:40 - 2019-02-20 02:40 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-02-17 18:26 - 2019-02-17 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-17 18:26 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-02-17 18:26 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-02-15 22:20 - 2019-02-15 22:20 - 000000000 ____D C:\Users\Rick\AppData\Roaming\Ashampoo
2019-02-14 14:21 - 2019-02-14 14:21 - 000003376 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2019-02-14 14:10 - 2019-02-14 14:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-02-14 14:10 - 2019-02-14 14:10 - 000000000 ____D C:\Program Files\VS Revo Group
2019-02-13 17:42 - 2019-02-06 18:54 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-13 17:42 - 2019-02-06 18:32 - 003648512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-13 17:42 - 2019-02-06 17:52 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-13 17:42 - 2019-02-06 14:01 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-13 17:42 - 2019-02-06 14:01 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-13 17:42 - 2019-02-06 14:00 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-13 17:42 - 2019-02-06 14:00 - 007520112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-13 17:42 - 2019-02-06 14:00 - 006572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-13 17:42 - 2019-02-06 14:00 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-13 17:42 - 2019-02-06 13:52 - 022014464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-13 17:42 - 2019-02-06 13:45 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-13 17:42 - 2019-02-06 13:42 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-13 17:42 - 2019-02-06 13:41 - 025853952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-13 17:42 - 2019-02-06 13:40 - 005792256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-13 17:42 - 2019-02-06 13:37 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-13 17:42 - 2019-02-06 13:33 - 022714880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-13 17:42 - 2019-02-06 13:29 - 004865536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-13 17:42 - 2019-02-06 13:26 - 007599616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-13 17:42 - 2019-02-06 13:24 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-13 17:42 - 2019-01-10 04:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-13 17:42 - 2019-01-10 04:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-13 17:42 - 2019-01-10 04:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-02-13 17:42 - 2019-01-09 20:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-13 17:42 - 2019-01-09 16:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-13 17:42 - 2019-01-09 16:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-13 17:42 - 2019-01-09 16:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-13 17:42 - 2019-01-09 16:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-13 17:42 - 2019-01-09 16:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-13 17:42 - 2019-01-09 16:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-13 17:42 - 2019-01-09 16:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-13 17:42 - 2019-01-09 16:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-13 17:42 - 2019-01-09 16:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-13 17:42 - 2019-01-09 16:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-13 17:42 - 2019-01-09 16:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-02-13 17:42 - 2019-01-09 16:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-02-13 17:42 - 2019-01-09 16:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-13 17:42 - 2019-01-09 16:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-13 17:42 - 2019-01-09 16:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-02-13 17:42 - 2019-01-09 16:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-13 17:42 - 2019-01-09 16:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-13 17:41 - 2019-02-06 18:53 - 001634704 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-13 17:41 - 2019-02-06 18:35 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-13 17:41 - 2019-02-06 18:30 - 004052992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-13 17:41 - 2019-02-06 18:30 - 001662464 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-13 17:41 - 2019-02-06 18:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-13 17:41 - 2019-02-06 18:11 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-13 17:41 - 2019-02-06 17:57 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-13 17:41 - 2019-02-06 17:52 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-13 17:41 - 2019-02-06 17:52 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-13 17:41 - 2019-02-06 14:01 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-13 17:41 - 2019-02-06 14:01 - 000720480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-13 17:41 - 2019-02-06 14:01 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-13 17:41 - 2019-02-06 14:01 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-13 17:41 - 2019-02-06 14:01 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-02-13 17:41 - 2019-02-06 14:01 - 000033576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-13 17:41 - 2019-02-06 14:00 - 002719760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-13 17:41 - 2019-02-06 14:00 - 002421264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-13 17:41 - 2019-02-06 14:00 - 001257904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-13 17:41 - 2019-02-06 14:00 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-13 17:41 - 2019-02-06 14:00 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-02-13 17:41 - 2019-02-06 14:00 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-02-13 17:41 - 2019-02-06 14:00 - 000945680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-13 17:41 - 2019-02-06 14:00 - 000899728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-13 17:41 - 2019-02-06 14:00 - 000466960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-13 17:41 - 2019-02-06 14:00 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-13 17:41 - 2019-02-06 14:00 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-13 17:41 - 2019-02-06 14:00 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-13 17:41 - 2019-02-06 13:59 - 001922064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-13 17:41 - 2019-02-06 13:59 - 001457248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-13 17:41 - 2019-02-06 13:59 - 000983128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-13 17:41 - 2019-02-06 13:59 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-13 17:41 - 2019-02-06 13:41 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-02-13 17:41 - 2019-02-06 13:40 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-13 17:41 - 2019-02-06 13:38 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-13 17:41 - 2019-02-06 13:38 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-02-13 17:41 - 2019-02-06 13:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-13 17:41 - 2019-02-06 13:28 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-13 17:41 - 2019-02-06 13:28 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-13 17:41 - 2019-02-06 13:27 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-13 17:41 - 2019-02-06 13:27 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-13 17:41 - 2019-02-06 13:27 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-13 17:41 - 2019-02-06 13:27 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-13 17:41 - 2019-02-06 13:26 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-13 17:41 - 2019-02-06 13:26 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-13 17:41 - 2019-02-06 13:26 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-13 17:41 - 2019-02-06 13:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-02-13 17:41 - 2019-02-06 13:25 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-13 17:41 - 2019-02-06 13:25 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-13 17:41 - 2019-02-06 13:24 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-13 17:41 - 2019-02-06 13:23 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-13 17:41 - 2019-02-06 13:22 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-13 17:41 - 2019-02-06 13:22 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-13 17:41 - 2019-02-06 13:21 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-13 17:41 - 2019-02-06 12:04 - 000001314 _____ C:\WINDOWS\system32\tcbres.wim
2019-02-13 17:41 - 2019-01-12 19:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-13 17:41 - 2019-01-12 13:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-13 17:41 - 2019-01-10 05:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-02-13 17:41 - 2019-01-10 04:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-13 17:41 - 2019-01-10 04:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-02-13 17:41 - 2019-01-10 04:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-02-13 17:41 - 2019-01-10 04:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-02-13 17:41 - 2019-01-09 21:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-13 17:41 - 2019-01-09 20:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-02-13 17:41 - 2019-01-09 19:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-13 17:41 - 2019-01-09 19:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-13 17:41 - 2019-01-09 16:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-13 17:41 - 2019-01-09 16:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-02-13 17:41 - 2019-01-09 16:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-13 17:41 - 2019-01-09 16:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-13 17:41 - 2019-01-09 16:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-13 17:41 - 2019-01-09 16:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-02-13 17:41 - 2019-01-09 16:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-13 17:41 - 2019-01-09 16:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-02-13 17:41 - 2019-01-09 16:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-13 17:41 - 2019-01-09 16:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2019-02-13 17:41 - 2019-01-09 16:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-13 17:41 - 2019-01-09 16:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-13 17:41 - 2019-01-09 16:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-13 17:41 - 2019-01-09 16:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-13 17:41 - 2019-01-09 16:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-02-13 17:41 - 2019-01-09 16:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-13 17:41 - 2019-01-09 16:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-13 17:41 - 2019-01-09 16:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-02-13 17:41 - 2019-01-09 16:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-13 17:41 - 2019-01-09 16:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-13 17:41 - 2019-01-09 16:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-13 17:41 - 2019-01-09 16:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-13 17:41 - 2019-01-09 16:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-13 17:41 - 2019-01-09 16:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2019-02-13 17:41 - 2019-01-09 16:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-13 17:41 - 2019-01-09 16:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-13 17:41 - 2019-01-09 16:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-13 17:41 - 2019-01-09 16:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-02-13 17:41 - 2019-01-09 16:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-02-13 17:41 - 2019-01-09 16:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-13 17:41 - 2019-01-09 16:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-02-13 17:41 - 2019-01-09 16:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-02-13 17:41 - 2019-01-09 16:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-13 17:41 - 2019-01-09 16:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-13 17:41 - 2019-01-09 16:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-02-13 17:41 - 2019-01-09 16:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-02-13 17:41 - 2019-01-09 16:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-13 17:41 - 2019-01-09 16:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-13 17:41 - 2019-01-09 16:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-13 17:41 - 2019-01-09 16:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-13 17:41 - 2019-01-09 16:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-02-13 17:41 - 2019-01-09 16:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-13 17:41 - 2019-01-09 16:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-02-13 17:41 - 2019-01-09 16:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 17:41 - 2019-01-09 16:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-02-13 17:41 - 2019-01-09 16:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-13 17:41 - 2019-01-09 16:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-02-13 17:41 - 2019-01-09 16:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-13 17:41 - 2019-01-09 16:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-13 17:41 - 2019-01-09 16:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-13 17:41 - 2019-01-09 16:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-13 17:41 - 2019-01-09 16:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-02-13 17:41 - 2019-01-09 16:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-13 17:41 - 2019-01-09 16:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-13 17:41 - 2019-01-09 16:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-02-13 17:41 - 2019-01-09 16:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-02-13 17:41 - 2019-01-09 16:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-02-13 17:41 - 2019-01-09 15:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-13 17:41 - 2019-01-09 15:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2019-02-13 17:41 - 2019-01-08 20:08 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-13 17:41 - 2019-01-08 14:06 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-13 17:41 - 2019-01-08 14:06 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-13 17:41 - 2019-01-08 14:06 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-11 14:08 - 2019-02-20 15:41 - 000000000 ____D C:\FRST
2019-02-04 21:38 - 2019-02-09 18:26 - 000000000 ____D C:\Users\Rick\AppData\Local\Canon Easy-PhotoPrint EX
2019-02-04 21:38 - 2019-02-04 21:38 - 000000000 ___HD C:\ProgramData\CanonIJEPPEX2
2019-02-04 21:38 - 2019-02-04 21:38 - 000000000 ___HD C:\ProgramData\CanonIJEPPEX
2019-02-04 21:38 - 2019-02-04 21:38 - 000000000 ___HD C:\ProgramData\CanonEPP
2019-01-29 14:15 - 2019-01-29 14:15 - 000001237 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disketch Disc Label Software.lnk
2019-01-29 14:15 - 2019-01-29 14:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
2019-01-29 14:15 - 2019-01-29 14:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphics Related Programs
2019-01-29 14:15 - 2019-01-29 14:15 - 000000000 ____D C:\Program Files (x86)\NCH Software
2019-01-27 22:32 - 2017-03-02 02:47 - 000000055 _____ C:\Users\Rick\Desktop\Ann and Les Gunn (2).txt
2019-01-21 18:35 - 2019-01-21 18:35 - 000000000 ____D C:\Users\Rick\AppData\Roaming\CDROLLER
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-20 15:40 - 2018-04-12 10:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-20 15:17 - 2018-10-10 22:23 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security with Backup
2019-02-20 15:12 - 2018-05-16 17:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-20 15:12 - 2016-10-02 22:04 - 000000000 ____D C:\ProgramData\NVIDIA
2019-02-20 15:11 - 2018-04-12 08:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-02-20 15:06 - 2018-05-16 17:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-20 14:20 - 2018-12-07 22:24 - 000000000 ____D C:\Program Files\CCleaner
2019-02-20 05:25 - 2018-05-16 17:45 - 000000000 ____D C:\Users\Rick
2019-02-19 21:35 - 2018-05-16 17:55 - 000004144 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9FED51AC-BB0D-4BEE-9687-B54D279E2473}
2019-02-19 21:35 - 2016-09-26 02:11 - 000000000 ____D C:\Users\Rick\AppData\Local\File Viewer Plus
2019-02-19 21:29 - 2018-05-16 18:00 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-19 21:29 - 2018-04-12 10:36 - 000000000 ____D C:\WINDOWS\INF
2019-02-19 18:34 - 2015-10-27 11:17 - 000000000 ____D C:\Users\Rick\AppData\Roaming\Adobe
2019-02-19 15:06 - 2018-04-12 10:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-19 15:06 - 2018-04-12 10:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-19 01:04 - 2018-07-06 22:18 - 000000000 ____D C:\Users\Rick\AppData\Roaming\5KPlayer
2019-02-18 21:44 - 2015-10-28 00:56 - 000000000 ____D C:\Users\Rick\AppData\Local\CrashDumps
2019-02-17 21:50 - 2018-05-20 20:36 - 000000000 ____D C:\Users\Rick\AppData\Local\D3DSCache
2019-02-17 18:27 - 2015-10-27 13:57 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-17 18:26 - 2018-04-12 10:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-02-17 00:07 - 2018-07-21 23:57 - 000000000 ____D C:\WINDOWS\Minidump
2019-02-16 20:06 - 2018-04-12 08:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-02-16 14:39 - 2016-09-01 03:53 - 000000000 ____D C:\AdwCleaner
2019-02-16 03:58 - 2017-12-19 09:52 - 000000000 ____D C:\Users\Rick\AppData\LocalLow\Mozilla
2019-02-16 03:48 - 2015-12-07 13:19 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-15 22:20 - 2018-11-26 14:20 - 000000000 ____D C:\Users\Rick\AppData\Local\Ashampoo
2019-02-15 22:20 - 2016-06-19 21:41 - 000000000 ____D C:\ProgramData\Ashampoo
2019-02-15 22:20 - 2016-05-22 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2019-02-15 22:19 - 2016-05-22 19:18 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2019-02-15 17:32 - 2017-09-29 19:08 - 000000000 ____D C:\Program Files\rempl
2019-02-15 02:04 - 2015-12-24 01:02 - 000000000 ____D C:\Users\Rick\AppData\Local\ElevatedDiagnostics
2019-02-14 14:24 - 2018-05-16 17:55 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2019-02-14 14:16 - 2014-06-14 15:50 - 000000000 ____D C:\Users\Rick\AppData\LocalLow\Temp
2019-02-14 00:15 - 2018-05-16 17:40 - 005435112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-14 00:10 - 2018-04-12 10:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-02-14 00:10 - 2018-04-12 10:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-02-14 00:10 - 2018-04-12 10:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-02-14 00:10 - 2018-04-12 10:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-14 00:10 - 2018-04-12 10:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-14 00:10 - 2018-04-12 10:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-13 17:48 - 2018-04-12 10:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-13 17:41 - 2015-10-27 12:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-13 17:38 - 2015-10-27 12:47 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-13 15:56 - 2018-07-05 15:29 - 000000000 ____D C:\Users\Rick\AppData\Roaming\dvdcss
2019-02-13 15:49 - 2014-11-10 23:43 - 000000000 ____D C:\Users\Rick\Documents\liteCam
2019-02-13 15:48 - 2015-12-05 02:17 - 000025088 _____ C:\Users\Rick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-02-13 05:16 - 2018-05-16 17:55 - 000004578 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-13 05:16 - 2018-04-12 10:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-02-13 05:16 - 2018-04-12 10:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-02-13 04:24 - 2018-05-16 17:55 - 000004566 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-02-13 03:58 - 2018-09-08 04:26 - 000000000 ____D C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\百度网盘
2019-02-11 03:02 - 2018-05-16 17:55 - 000003352 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1630993411-145381888-747447847-1001
2019-02-11 03:02 - 2018-05-16 17:45 - 000002364 _____ C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-11 03:02 - 2014-07-26 03:23 - 000000000 __RDO C:\Users\Rick\OneDrive
2019-02-10 22:20 - 2018-04-12 20:18 - 000000000 ____D C:\WINDOWS\OCR
2019-02-09 19:00 - 2015-11-04 15:07 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-02-09 18:46 - 2018-04-12 10:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-02-08 17:52 - 2018-07-11 14:28 - 000000000 ____D C:\ProgramData\Packages
2019-02-06 21:23 - 2018-04-12 10:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-02-05 15:02 - 2018-08-12 03:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2019-02-04 21:38 - 2015-11-04 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2019-02-04 21:37 - 2015-11-04 15:09 - 000000000 ____D C:\Program Files\Canon
2019-02-03 09:53 - 2018-11-14 23:17 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-03 09:53 - 2018-11-14 23:17 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-30 21:24 - 2015-10-27 12:04 - 000000000 ____D C:\ProgramData\FLEXnet
2019-01-29 14:16 - 2015-12-03 14:38 - 000000000 ____D C:\Users\Rick\AppData\Roaming\NCH Software
2019-01-24 22:01 - 2017-10-21 20:06 - 000000000 ____D C:\ProgramData\Corel
2019-01-24 19:55 - 2015-10-28 00:25 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-23 19:13 - 2014-01-07 06:27 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
==================== Files in the root of some directories =======
2016-05-21 15:20 - 2018-09-18 18:43 - 000013531 _____ () C:\Users\Rick\AppData\Roaming\event.log
2015-12-05 02:17 - 2019-02-13 15:48 - 000025088 _____ () C:\Users\Rick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-22 18:55 - 2018-09-22 18:55 - 000000000 _____ () C:\Users\Rick\AppData\Local\oobelibMkey.log
2015-11-17 17:18 - 2015-11-17 17:18 - 000000000 _____ () C:\Users\Rick\AppData\Local\{33487DA2-1ED6-4DAD-A40C-AB6B7AA40B7E}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-16 17:40
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18.02.2019
Ran by Rick (20-02-2019 15:43:01)
Running from C:\Users\Rick\Desktop\Downloads\Geeks 11 01 19
Windows 10 Home Version 1803 17134.590 (X64) (2018-05-16 07:16:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1630993411-145381888-747447847-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1630993411-145381888-747447847-503 - Limited - Disabled)
Guest (S-1-5-21-1630993411-145381888-747447847-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1630993411-145381888-747447847-1003 - Limited - Enabled)
Rick (S-1-5-21-1630993411-145381888-747447847-1001 - Administrator - Enabled) => C:\Users\Rick
WDAGUtilityAccount (S-1-5-21-1630993411-145381888-747447847-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3D Shadow 2.0 (HKLM\...\3D Shadow_is1) (Version: 2.0 - Lokas Software)
5KPlayer (HKLM-x32\...\5KPlayer) (Version: 5.1 - DearMob, Inc.)
7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - )
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3019 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2002 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
ADAudit Plus (HKLM-x32\...\{B4E87CC6-F195-4CFE-92A2-8439FC3716C9}) (Version: 4.6.0 - ZOHO Corp)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
AnalogX NetStat Live (HKLM-x32\...\AnalogX NetStat Live) (Version: - AnalogX)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.15.2000.1 - Acer Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Ashampoo Burning Studio 2019 (HKLM-x32\...\{91B33C97-293D-A984-2057-76661C44CB0E}_is1) (Version: 1.20.0 - Ashampoo GmbH & Co. KG)
Ashampoo Cover Studio 2017 (HKLM-x32\...\{91B33C97-6D7D-102A-7711-56C011AFB81B}_is1) (Version: 3.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo MyAutoplay Menu v.1.0.5 (HKLM-x32\...\{91B33C97-FD41-09C7-0F51-78F94C35D772}_is1) (Version: 1.0.5 - Ashampoo GmbH & Co. KG)
Avanquest Message (HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\{20573C69-4A68-4BEF-A23D-365CB66924CE}) (Version: 2.06.0 - Avanquest Software)
Awesome Duplicate Photo Finder v. 1.0.1 (HKLM-x32\...\Awesome Duplicate Photo Finder_is1) (Version: - Duplicate-Finder.com)
BenVista PhotoZoom Classic 6.1 (HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\PhotoZoom Classic 6) (Version: 6.1 - BenVista Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
CODIJY Pro version 3.6.1 (HKLM\...\{26339FAF-FA88-4C47-9E68-D4D3E8C512D9}_is1) (Version: 3.6.1 - CODIJY)
CoffeeCup Free Zip Wizard (HKLM-x32\...\CoffeeCup Free Zip Wizard) (Version: - CoffeeCup Software)
ColorMunki Smile (HKLM-x32\...\ColorMunki Smile_is1) (Version: - X-Rite)
Data Lifeguard Diagnostic for Windows 1.31 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Disketch Disc Label Software (HKLM-x32\...\Disketch) (Version: 3.39 - NCH Software)
Dolphin Pod 0.3 (HKLM-x32\...\Dolphin Pod_is1) (Version: - )
DVD-Cloner V9.60 Build 1114 (HKLM-x32\...\DVD-Cloner 9_is1) (Version: 9.60.0.1114 - OpenCloner Inc.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
File Identifier (HKLM-x32\...\{C257E434-E8F1-4E06-A616-598E4933553E}_is1) (Version: 1.0.11 - Sharpened Productions)
File Viewer Plus (HKLM-x32\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 2.2.1 - Sharpened Productions)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.4.0.16811 - Foxit Software Inc.)
Free FreeCell Solitaire 2015 v3.0 (HKLM-x32\...\Free FreeCell Solitaire_is1) (Version: - TreeCardGames)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.109 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.22) (Version: 9.22 - Artifex Software Inc.)
Grant Digital (HKLM-x32\...\{ED4830CC-FB1B-4E51-9ED3-0FCC97758D1D}) (Version: - )
HAL 9000 [Console] Basic Screen Saver (HKLM-x32\...\HAL 9000 [Console] Basic) (Version: - )
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.8101 - Acer Incorporated)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Image Resizer for Windows (64 bit) (HKLM\...\{2A1F3759-5792-469B-B895-7E29680F02F1}) (Version: 3.1.1.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{92916BDF-74CB-479C-B69E-32EACB074FFE}) (Version: 3.1.1.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{c624f5da-779e-4ccb-9ce1-34bc5ef0a6b9}) (Version: 3.1.1.0 - Brice Lambson)
ImageMixer VCD2 for FinePix (HKLM-x32\...\{934E9442-D305-4ACF-AD87-A6C11D677CB9}) (Version: - )
InCD EasyWrite Reader (HKLM-x32\...\MRW!UninstallKey) (Version: - )
InPixio Photo (HKLM-x32\...\{5F0C0CD8-77B1-4C3E-9F01-5AF10D85DBB4}) (Version: 6.09.0 - Avanquest Software)
InPixio Photo Maximizer (HKLM-x32\...\{33DB8C17-40C9-4629-B6D4-05A4C7E8AA86}) (Version: 2.03.25799 - Avanquest Software)
InstaCards (HKLM-x32\...\{58259C24-7B5E-4977-93B0-E9EEA1B884CE}) (Version: 1.6.1 - Avanquest Software)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
LicenseCrawler version 1.25 build-298 (HKLM-x32\...\{12151216-3E3F-4118-AE95-49C39F1D7EA2}_is1) (Version: 1.25 build-298 - Martin Klinzmann)
liteCam HD (HKLM-x32\...\{4926737D-839C-430F-805F-28C7EF86A432}) (Version: 4.95.0000 - RSUPPORT)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech)
Macrium Reflect Free Edition (HKLM\...\{08B0BEF7-A098-4A77-B132-8702E9F43682}) (Version: 6.1.1225 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.1 - Paramount Software (UK) Ltd.)
Mahjong Champ (HKLM-x32\...\MahjongChamp) (Version: - )
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
McAfee Safe Connect (HKLM-x32\...\{54EB2499-4B4F-4AE5-9D1E-CCAE9D6ED880}) (Version: 1.3.1.128 - McAfee, Inc)
Microsoft LifeCam (HKLM\...\{8EC9E7BB-2443-49B1-8476-490EBF932C2E}) (Version: 4.25.512.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\OneDriveSetup.exe) (Version: 19.002.0107.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{386881cc-7635-4ec3-aaf3-e28904b27a28}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movavi Photo Noir (HKLM-x32\...\Movavi Photo Noir) (Version: 1.0.1 - Movavi)
Mozilla Firefox 63.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.3 (x64 en-US)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
My Lockbox 2.8.2 (HKLM\...\My Lockbox_is1) (Version: 2.8.2 - )
Nero 11 InfoTool (HKLM-x32\...\{64BEF779-5053-48AF-A3D8-B70EBC1C70E7}) (Version: 11.0.00500 - Nero AG)
Nero 2015 (HKLM-x32\...\{E6626251-ED62-469C-821F-D75C50154C48}) (Version: 16.0.02800 - Nero AG)
Nero CoverDesigner 2017 (HKLM-x32\...\{29102D23-A61D-48BC-876D-449BF9937B62}) (Version: 18.0.00900 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 20.0.1011 - Nero AG)
Nero Prerequisite Installer 7.0 (HKLM-x32\...\{20A619F0-E309-4434-A7ED-C270759803AA}) (Version: 19.0.00000 - Nero AG)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Secure VPN (HKLM-x32\...\Norton Secure VPN) (Version: 1.6.0.280 - Symantec Corporation)
Norton Security (HKLM-x32\...\NGC) (Version: 22.16.3.21 - Symantec Corporation)
Norton WiFi Privacy (HKLM-x32\...\Norton WiFi Privacy) (Version: 1.4.9 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 326.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 326.01 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
PcCloneEX (HKLM-x32\...\PcCloneEX) (Version: - )
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PicaView32 (HKLM-x32\...\PicaView32) (Version: - )
Plantraco FMS Model Installer (HKLM-x32\...\{002D2C86-303B-4146-A3F6-8F0BA5A93F11}) (Version: 1.0.5 - Plantraco)
PowerPoint CD-ROM Wizard (HKLM-x32\...\PowerPoint CD-ROM Wizard) (Version: - )
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0010 - Nero AG) Hidden
Prerequisite installer (HKLM-x32\...\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}) (Version: 17.0.0002 - Nero AG) Hidden
Prerequisite installer (HKLM-x32\...\{799AFA36-4EA5-4323-8689-74C06645A26B}) (Version: 16.0.0000 - Nero AG) Hidden
Prerequisite installer (HKLM-x32\...\{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Version: 19.0.0003 - Nero AG) Hidden
Prerequisite installer (HKLM-x32\...\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}) (Version: 18.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.11 - Qualcomm Atheros)
RAW FILE CONVERTER LE (HKLM-x32\...\{D680C913-5955-469D-9D88-C1940F7506D6}) (Version: - )
Rays (HKLM\...\Digital Film Tools-Rays 1.0) (Version: 1.0 - Digital Film Tools)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
RMP4 (HKLM-x32\...\{F78FC958-7354-43EA-BF26-AFCBFE7B9C18}) (Version: 1.05.0000 - RSUPPORT)
RSCC (HKLM-x32\...\{562CBD30-CA59-4640-862C-99C0ECED4B4C}) (Version: 2.02.0000 - RSUPPORT)
ScanWizard 5 (HKLM-x32\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version: - )
Serif WebPlus X7 (HKLM\...\{DDC54AEA-0ED0-4F2F-9C3C-7C382D80B5FB}) (Version: 15.0.4.38 - Serif (Europe) Ltd)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
stashimi (HKLM-x32\...\{9E0284FD-B627-42AC-B17A-99930793A9E5}) (Version: 12.1.9800.0 - Audials AG)
SureThing Decal Maker (HKLM-x32\...\MVApplication1) (Version: - )
Unity Web Player (HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
UPSmart version 1.5 (HKLM-x32\...\UPSmart_is1) (Version: 1.5 - Guangdong IDBK software technology Inc)
UPSmart2000R 1.9( Build 110621 ) (HKLM-x32\...\UPSmart2000R_is1) (Version: 1.9 - )
Video Booth (HKLM-x32\...\VideoBooth) (Version: 2.8.1.8 - )
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WD Drive Utilities (HKLM-x32\...\{27c7215d-df19-4095-8f6a-eba55cab35be}) (Version: 2.0.0.25 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{F413FB4C-7CFF-4737-BCC3-5EE43BFB3721}) (Version: 2.0.0.25 - Western Digital Technologies, Inc.) Hidden
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames) (Version: 4.1.1.40 - WildTangent)
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 1.0.0.60 - WildTangent) Hidden
Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com)
Windows 7 Games for Windows 8 and 10 (HKLM-x32\...\MicrosoftGamesForWin8) (Version: 1.1.0.10 - )
X-Rite Device Services Manager (HKLM-x32\...\{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA}) (Version: 2.4.1 - X-Rite)
Zipware (HKLM-x32\...\{978B4C17-660C-4521-A024-0E4311DF0192}) (Version: 1.2.0 - Bazwise)
百度网盘 (HKLM-x32\...\百度云管家) (Version: 6.2.4 - 百度在线网络技术(北京)有限公司)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1630993411-145381888-747447847-1001_Classes\CLSID\{F692AFB9-21F4-EE57-7255-CA9A52655345}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov)
ContextMenuHandlers1-x32: [ASZipF] -> {e13d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} => -> No File
ContextMenuHandlers1-x32: [ASZipF64] -> {e13d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} => -> No File
ContextMenuHandlers1-x32: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1-x32-x32: [ccZipWizDll] -> {FFEAB400-3031-11D5-B653-0050BAD1A371} => C:\Program Files (x86)\CoffeeCup Software\FreeZip\cczipdll.dll [2001-04-14] (CoffeeCup Software)
ContextMenuHandlers1-x32-x32: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-03] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1-x32-x32: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1-x32-x32: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2018-05-26] (Open Source Developer, Brice Lambson -> Brice Lambson)
ContextMenuHandlers1-x32-x32-x32: [PicaView32] -> {68f32140-2ca3-11d0-acc1-444553540000} => C:\Program Files (x86)\PICAVI~1\PicaView.dll -> No File
ContextMenuHandlers1-x32-x32-x32: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2015-10-12] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers1-x32-x32-x32: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.16.3.21\NavShExt.dll [2018-12-13] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1-x32-x32-x32: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => C:\Users\Rick\AppData\Roaming\baidu\BaiduNetdisk\YunShellExt64.dll -> No File
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2015-10-12] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.16.3.21\NavShExt.dll [2018-12-13] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov)
ContextMenuHandlers4-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4-x32: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-07] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ASZipF] -> {e13d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} => -> No File
ContextMenuHandlers6: [ASZipF64] -> {e13d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} => -> No File
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.16.3.21\buShell.dll [2018-12-12] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-03] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-07] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.16.3.21\NavShExt.dll [2018-12-13] (Symantec Corporation -> Symantec Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AA0B89D-FC57-489F-96C8-1B2409FEE784} - System32\Tasks\GoogleUpdateTaskMachineUA1d1b3309bb50295 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {2D578C79-C768-4973-B599-3C6085E828CF} - System32\Tasks\CareCenter\Spotify Web Helper_Reg_HKCURun_S-1-5-21-1630993411-145381888-747447847-1001 => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
Task: {2F1171C8-8F99-40CC-85F0-6C02351FE0A6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {32DD3A34-10B3-4BBF-A519-BEB19B897897} - System32\Tasks\
[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {42F19B06-23B5-4258-97F9-B82DE655E4B4} - System32\Tasks\Abelssoft\Abelssoft Abelssoft File Organizer_117 => C:\Program Files (x86)\Abelssoft File Organizer\AbLauncher.exe
Task: {43D3296B-AFF6-4CEA-8929-E06F9706C0E7} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.16.3.21\SymErr.exe (Symantec Corporation -> Symantec Corporation)
Task: {4480CF55-9C9D-4E42-9EC6-DFAAFE16C986} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.16.3.21\SymErr.exe (Symantec Corporation -> Symantec Corporation)
Task: {4733B00B-CD56-4474-A8DE-87A80D8827A1} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.16.3.21\SymErr.exe (Symantec Corporation -> Symantec Corporation)
Task: {4B03C7D4-4B11-44CA-A80A-B5B346229A13} - System32\Tasks\{6C49A8F2-4C8C-449C-BBB9-6F0A12CEE1BC} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Rick\Desktop\Navy\New folder\freezip.exe" -d "C:\Users\Rick\Desktop\Navy\New folder"
Task: {4FC8428F-A07A-49DE-9BEC-2A26C04F5344} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {51BB7444-0E84-4A99-82D0-B4AC2B2C19EC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5DDA4DFC-3179-4CFB-BF12-D63DB742015B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe (Acer Incorporated -> )
Task: {674997DC-07F8-4B9B-B01B-5E2BBD94FD74} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe (Acer Incorporated -> Acer Incorporated)
Task: {67DDF01E-9BE3-4F75-BAF1-E7E0C253CA0E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6A6745C1-3B55-430B-8821-1A00BBD3E284} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.16.3.21\WSCStub.exe (Symantec Corporation -> Symantec Corporation)
Task: {6D727AAB-CD0C-46F6-B520-A3EF4CB701A9} - System32\Tasks\X-Rite Device Services Software Updater => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe (X-Rite Incorporated -> X-Rite Inc.)
Task: {6F83278E-0757-4266-A13E-BE4996F1E4DB} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe (Nero AG -> Nero AG)
Task: {729A2C47-8797-48E8-B494-6C733C3442A5} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (Acer Incorporated -> )
Task: {7A383737-2EC7-41EF-8D24-E7E745A1D810} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7D0B6B5E-862D-4708-9F10-00EEC5698842} - System32\Tasks\CareCenter\BCSSync_Reg_HKLMWow6432Run => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {8258A44C-AF33-4AF8-BB6E-4FB3D00F296A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {891D978B-CC83-4DC0-8B35-E6BF65228EEA} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe (Acer Incorporated -> )
Task: {A1B092F4-BB88-4842-B834-A63F5135FFF8} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\inPixio\InPixio Photo Clip 8 Demo\InPixioPhotoClip8.exe
Task: {A906909E-1638-427D-9571-0BAF4C968473} - System32\Tasks\CareCenter\ABBYY Screenshot Reader Bonus_Reg_HKCURun_S-1-5-21-1630993411-145381888-747447847-1001 => C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe
Task: {AB2F7DE3-5D2C-4EBD-917F-F7A9CF634C23} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe (Symantec Corporation -> Symantec Corporation)
Task: {B06FF82D-8BE6-4633-8D8D-C82D3162FB4B} - System32\Tasks\CareCenter\OneNote 2010 Screen Clipper and Launcher.lnk_FolderAppdata_S-1-5-21-1630993411-145381888-747447847-1001 => C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Task: {B59C37AA-5BDE-49D7-A3F6-2683D4B25389} - System32\Tasks\CareCenter\CanonQuickMenu_Reg_HKLMWow6432Run => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (Canon Inc. -> CANON INC.)
Task: {C7F54203-607F-41C8-9FD0-B0DF4DF5B24A} - System32\Tasks\GoogleUpdateTaskMachineCore1d1b3309b3906f6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {D7569C8C-3763-4460-923B-DECB9FBC73A2} - System32\Tasks\S-1-5-21-1630993411-145381888-747447847-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {F17E0D40-D4EB-4086-B5DE-B7650AA84A4C} - System32\Tasks\CareCenter\OfficeSyncProcess_Reg_HKCURun_S-1-5-21-1630993411-145381888-747447847-1001 => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation -> Microsoft Corporation)
Task: {F89E8CF7-22D1-4BFC-8312-96F0FF6CA68A} - System32\Tasks\CareCenter\RTHDVCPL_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Rick\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
==================== Loaded Modules (Whitelisted) ==============
2018-04-12 10:34 - 2018-04-12 10:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 10:34 - 2018-04-12 10:34 - 000444416 _____ () c:\windows\system32\SSDM.dll
2016-10-02 22:04 - 2016-12-30 00:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-11-20 04:46 - 2018-11-20 04:46 - 004310296 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2018-04-12 10:34 - 2018-04-12 10:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 13:26 - 2018-11-09 13:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2014-01-07 06:48 - 2013-07-30 18:11 - 000110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2019-02-13 17:42 - 2019-02-06 13:25 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-02-08 17:50 - 2019-02-08 17:51 - 028028416 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-02-08 17:50 - 2019-02-08 17:50 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-10-09 15:33 - 2018-10-09 15:33 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 18:36 - 2018-11-29 18:36 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-08 17:50 - 2019-02-08 17:50 - 006033408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-02-08 17:50 - 2019-02-08 17:50 - 009338368 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19011.11311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-02-15 22:22 - 2019-02-15 22:22 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-02-15 22:22 - 2019-02-15 22:22 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.39.180.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2016-12-22 13:55 - 2016-08-18 07:50 - 002365920 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Smile\application\ColorMunki Smile Tray.exe
2017-10-04 14:06 - 2009-06-26 15:25 - 000356352 _____ () C:\Program Files (x86)\ScanWizard 5\ScannerFinder.exe
2019-02-04 21:43 - 2019-02-04 21:43 - 000059376 _____ () C:\Program Files\CCleaner\branding.dll
2019-02-12 15:24 - 2019-02-12 15:24 - 008562688 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1901.311.0_x64__8wekyb3d8bbwe\OneConnect.dll
2015-07-13 10:33 - 2015-07-13 10:33 - 001592832 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2013-06-21 14:03 - 2013-06-21 14:03 - 002633728 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2016-12-22 13:55 - 2016-08-19 00:16 - 044202496 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Smile\application\Prism.dll
2016-12-22 13:55 - 2016-08-19 00:16 - 000898560 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Smile\application\libxml2.dll
2016-12-22 13:55 - 2016-08-19 00:16 - 003449344 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Smile\application\CxF2_VC90MD_2.1.dll
2016-12-22 13:55 - 2016-08-19 00:16 - 000073728 _____ () C:\Program Files (x86)\X-Rite\ColorMunki Smile\application\zlib1.dll
2017-10-04 14:06 - 2009-07-22 16:58 - 000258048 _____ () C:\Program Files (x86)\ScanWizard 5\SFRes.dll
2018-11-20 02:11 - 2018-11-20 02:11 - 004310088 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-11-04 18:36 - 2015-11-04 18:36 - 000149720 _____ () C:\Program Files (x86)\Acer\abDocs Office AddIn\AcerWordAddin.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-23 00:25 - 2016-08-08 15:27 - 000000855 ____N C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Acer\Remote Files\;C:\Program Files (x86)\Common Files\ACD Systems\EN\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1630993411-145381888-747447847-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rick\Documents\My Documents\Spare Icons\1\Photos 2\Wallpaper\BingWallpaper-2018-06-18.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: ABBYY.Licensing.FineReader.Sprint.9.0 => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CCDMonitorService => 2
MSCONFIG\Services: CodeMeter.exe => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: Intel® Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel® ME Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: L4301_Solar => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: NOBU => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: ReflectService.exe => 2
MSCONFIG\Services: Stereo Service => 2
HKLM\...\StartupApproved\StartupFolder: => "PC Clone EX.LNK"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "mylbx"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "LifeCam"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKLM\...\StartupApproved\Run32: => "ShaPlus Bandwidth Meter"
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\StartupApproved\Run: => "abDocsDllLoader"
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\StartupApproved\Run: => "OfficeSyncProcess"
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\StartupApproved\Run: => "ABBYY Screenshot Reader Bonus"
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\StartupApproved\Run: => "Avanquest Message"
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\StartupApproved\Run: => "5KPlayer"
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\StartupApproved\Run: => "Bonus.SSR.FR14"
HKU\S-1-5-21-1630993411-145381888-747447847-1001\...\StartupApproved\Run: => "UPSmart"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{0955A86A-2ED8-4E39-9329-0F2A2ABC8744}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe No File
FirewallRules: [{50143828-261D-4073-AE7B-F625BD9012A6}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe No File
FirewallRules: [{484F38D2-32FC-4FDC-9DC2-4DDEC02F66AA}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe No File
FirewallRules: [{7DC0C804-70DF-424D-BD87-6AD435A39C3E}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe No File
FirewallRules: [{EE5AF3DE-39B7-4032-8B82-A7DAC76C73CA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{8A6A80A5-8488-4639-AC02-0D10F3BA96E2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{2D90616E-620B-4704-9FE2-188396CD332B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{897B1F29-60CF-4AFC-BA04-3BE54DA11E35}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FAE71AF6-7F25-4423-B1CA-E5D4C25A24BE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{61F70EAE-A460-45BD-AC7D-542ED2A34FE7}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B1B8424F-3F40-4F51-AAE7-B0433B25D790}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{4C4AC1DC-3879-41DD-8E1A-9C8709745E01}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{E006BC02-43B3-41A1-BA28-2D78FAC1E58C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{AC8334EF-1EBF-46D6-942D-E6645FDF3A02}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{6F2575DD-8B74-452A-A869-F3220637BA29}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{AA1F52B4-5D29-4263-983C-F171A36DD445}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{59A244B5-FD13-4CE9-B7BB-434E9B1CCB5C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{D0C095EF-62FB-4836-AF9E-09BBCCEDD3B1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{15937FE9-6B7C-4F06-A3AA-09E4142B19F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{BC6340C9-1AAA-4B4A-884F-33EE6946AD08}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{710A0316-D030-4762-A753-884D9F048C01}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{0A791055-516F-4ABF-9CC0-7C60F8E04AE3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{7F9D5A5D-3277-4778-8DB6-43DE68F0F1F9}] => (Allow) C:\Program Files (x86)\stashimi\stashimi 12\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [{3FCCCE94-DC9B-4961-990D-F763B5CDF777}] => (Allow) LPort=12972
FirewallRules: [{A5D845CB-23BA-4445-A24C-FE60495D37E4}] => (Allow) LPort=14714
FirewallRules: [{8007E4CA-A8D1-4C1F-9DEF-791B533C01DD}] => (Allow) LPort=31931
FirewallRules: [{49A38E7F-03A1-41A9-A70D-136BE1A71605}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe (Nero AG -> Nero AG)
FirewallRules: [{C9CC69B5-59D1-4B62-96C1-F3C853B80215}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe (Nero AG -> Nero AG)
FirewallRules: [{07755194-8ABB-4D57-8FE9-F2D7E9E1CE0C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{3753B8A7-C901-420F-B35E-E695CFA30C26}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{C61BECE5-79BF-4348-A2BC-E705831F4572}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{4AAF9233-4763-4545-9569-3A432271E7DE}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{6D3F7FC8-EAB4-47B8-B745-80245527CD1D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{09FF3557-254C-4CA3-8034-4F22E5DEFF4E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FED014A0-63EE-45F5-8B26-CD012D2DDCA2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{52A5CACB-9FCD-4682-92EB-655F401BE9AA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{6B512EC7-1C9A-4DD0-B90B-F3260D3426ED}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{11764031-4EC4-46FD-BF07-045402D5F92D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{1033ED95-03C5-49BE-AED3-8A0CACCA4B07}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{E6B331CE-C73A-4EF3-8F2D-4E023D1C4A1F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{F5BB788E-DF73-4CCF-A918-C717FFBEFB6C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{32469169-AA4A-45EB-ACB1-CE527B05773B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{38363DE5-0DF2-4D82-91E0-FA87882BB990}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{BFA0A2B0-62A9-40BA-B6EB-36ED5C0698EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3503228D-7DAD-4A19-8D18-181F6D555EB2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{33E3A89D-8087-4EE4-B24A-8A9AD592F383}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0EEFCB46-7766-49B8-8658-0795DC9BFDF2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CB345A0B-5CFD-4DA3-8DF8-533AF5BBCAC2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BD99BF21-82FD-4F96-8C8E-9C395773199D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{32DA455E-E9CB-46B6-A5BA-4D85A2D09E33}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{BF17EB2F-6735-44B1-B7B8-DF2AF8D34021}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{E25F5355-6388-4598-B2A9-B2C64F9CFE62}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{20E6D3A9-4BD0-40A4-9A38-2C32477831DA}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{2F288AEC-36A5-410F-845A-FDBC12DB8DE1}] => (Allow) LPort=5454
FirewallRules: [{81821348-98D7-44C8-BA48-72A6A06ED2EA}] => (Allow) LPort=5454
FirewallRules: [{A4A4AE44-7EC8-455B-A560-BD6C2CB6DA66}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2018\on1sandbox.exe No File
FirewallRules: [{51D22DDC-5C82-4E23-8274-257254BF729E}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2018\on1sandbox.exe No File
FirewallRules: [{35F70A29-BE37-4140-977B-FA4726385DF0}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2018\on1capture.exe No File
FirewallRules: [{63EFCE3B-EFFE-4686-BD84-4E8318A16A87}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2018\on1capture.exe No File
FirewallRules: [{1051BA62-C267-4506-8C21-30088E14074C}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2018\on1 photo raw 2018.exe No File
FirewallRules: [{F614331A-D0D5-4542-B9A9-DA557EE0D6C6}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2018\on1 photo raw 2018.exe No File
FirewallRules: [{F0295F0F-85D4-4554-B3AF-893FB77414B1}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{8A1B1CB5-E93D-4CE5-BD55-93384AAD9EF1}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [TCP Query User{68FD5875-AB16-4B73-866E-0FDAA21B88F4}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty, Inc. -> DearMob)
FirewallRules: [UDP Query User{F5A1BA6C-C456-4E11-9357-B01CF09840BC}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty, Inc. -> DearMob)
FirewallRules: [{306B9756-D585-4046-85CB-5779A0470EC4}] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty, Inc. -> DearMob)
FirewallRules: [{A710A770-E3F8-422A-87D7-2BADDBB83176}] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty, Inc. -> DearMob)
FirewallRules: [TCP Query User{E0311600-CFE6-4EE0-9FE4-5F080D548139}C:\program files (x86)\norton wifi privacy\client\norton wifi privacy.exe] => (Block) C:\program files (x86)\norton wifi privacy\client\norton wifi privacy.exe No File
FirewallRules: [UDP Query User{7372B4B5-E4B1-40DF-AAAB-591E3BED6389}C:\program files (x86)\norton wifi privacy\client\norton wifi privacy.exe] => (Block) C:\program files (x86)\norton wifi privacy\client\norton wifi privacy.exe No File
FirewallRules: [{12C793FA-308C-483E-A837-D55A23A9B9E0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C74F49EA-15F3-4ACA-8D9D-E1F65FF23CE5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7DC66632-EE26-4ACB-BF46-A41F6ED806C2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DBC7321D-2567-4F07-BBDF-C0EED41F366B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CE1E5A85-3049-4129-842C-D4925CB80336}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
11-02-2019 12:58:33 Scheduled Checkpoint
15-02-2019 17:31:33 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/20/2019 03:10:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Error: (02/20/2019 03:09:59 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {49e97ba9-3808-4cbc-a5c7-6ec85a0be7e4}
Error: (02/19/2019 06:34:54 PM) (Source: Adobe Version Cue CS3) (EventID: 3) (User: )
Description: Event-ID 3
Error: (02/19/2019 06:34:54 PM) (Source: Adobe Version Cue CS3) (EventID: 3) (User: )
Description: Event-ID 3
Error: (02/19/2019 06:34:54 PM) (Source: Adobe Version Cue CS3) (EventID: 3) (User: )
Description: Event-ID 3
Error: (02/19/2019 06:34:54 PM) (Source: Adobe Version Cue CS3) (EventID: 3) (User: )
Description: Event-ID 3
Error: (02/19/2019 06:34:54 PM) (Source: Adobe Version Cue CS3) (EventID: 3) (User: )
Description: Event-ID 3
Error: (02/19/2019 06:34:54 PM) (Source: Adobe Version Cue CS3) (EventID: 3) (User: )
Description: Event-ID 3
System errors:
=============
Error: (02/20/2019 03:33:02 PM) (Source: DCOM) (EventID: 10016) (User: HALPC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HalPC\Rick SID (S-1-5-21-1630993411-145381888-747447847-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/20/2019 03:31:55 PM) (Source: DCOM) (EventID: 10016) (User: HALPC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HalPC\Rick SID (S-1-5-21-1630993411-145381888-747447847-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/20/2019 03:19:36 PM) (Source: DCOM) (EventID: 10016) (User: HALPC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user HalPC\Rick SID (S-1-5-21-1630993411-145381888-747447847-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/20/2019 03:14:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/20/2019 03:13:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/20/2019 03:13:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/20/2019 03:12:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Media Player Network Sharing Service service terminated with the following error:
An attempt was made to reference a token that does not exist.
Error: (02/20/2019 03:12:20 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
CodeIntegrity:
===================================
Date: 2019-01-23 05:22:38.485
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Acer\shellext\x64\shellext_win.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-23 05:22:38.458
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Acer\shellext\x64\shellext_win.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-23 05:22:38.432
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Acer\shellext\x64\shellext_win.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-23 05:22:38.405
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Norton Security\Engine\22.16.3.21\BuShell.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-23 05:22:38.392
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Norton Security\Engine\22.16.3.21\BuShell.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-23 05:22:38.379
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Norton Security\Engine\22.16.3.21\BuShell.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-23 05:22:38.297
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Acer\shellext\x64\shellext_win.dll that did not meet the Microsoft signing level requirements.
Date: 2019-01-23 05:22:38.269
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Acer\shellext\x64\shellext_win.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 36%
Total physical RAM: 8125.09 MB
Available physical RAM: 5183.94 MB
Total Virtual: 16317.09 MB
Available Virtual: 13499.52 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:457.31 GB) (Free:382.22 GB) NTFS
Drive d: (DATA) (Fixed) (Total:457.31 GB) (Free:457.12 GB) NTFS
\\?\Volume{b096842d-7d80-4c4a-8eb4-e5827b8055db}\ (Recovery) (Fixed) (Total:0.39 GB) (Free:0.15 GB) NTFS
\\?\Volume{f6bcedad-eb04-46fa-b9ae-76917f8a3f45}\ (Push Button Reset) (Fixed) (Total:16.08 GB) (Free:1.17 GB) NTFS
\\?\Volume{dab56a16-f60a-48f0-ab2f-c837a014a40d}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3456572E)
Partition: GPT.
==================== End of Addition.txt ============================